Photon ownership changed too easily

General
1

My friend had a photon that was blinking cyan and once red; it was owned by his account. He doesn’t run the CLI so he handed it to me to fix. I did and handed it back to him. Once he got it he found that it was owned by my account, not his. I released it to him, but how did this happen? I didn’t think you could take ownership without the current owner’s consent.

In fixing his photon I didn’t realize it was a server key problem so I did several things…

  1. Used the app on my iPhone to give it new WiFi credentials.
  2. At one point I wiped out the WiFi credentials and did this again.
  3. Downloaded new firmware via the CLI on my Mac with particle update.
  4. Logged out of my account on the CLI and into my friend’s account
  5. Used the particle serial identify to get photon ID
  6. Did a particle keys server
  7. Did a particle keys doctor
  8. Device was now breathing cyan without the single red blink. And, it seems, the device was now owned by my account instead of my friend’s.

Is it right that the ownership should have changed?

2

Ping @rickkas7

3

Step 1 likely changed the ownership of the device.

For the Photon only (not Core or Electron), if you use the phone app, ownership will be taken immediately as long as the device was not part of a product creator product.

The assumption is that if you have physical possession of the device and can cause it to go into listening mode you should be able to take ownership of the device.

Note that you cannot take ownership of the device without email confirmation when using the Particle CLI. The reason is that the CLI does the ownership transfer over the cloud, and could be done remotely.

4

Ah got it. So shipping a product with a Photon in it does not prevent the person who buys the product from taking ownership of the device and messing with it if they want. Ok.

Thanks for the info.

5

Hi @JSchrempp

I think you missed this caveat in @rickkas7 reply. If the Photon is part of a product, it will revert back to the product code and ownership when connected to the cloud..

1 Like