Spark Core Security - Cloud workings

Hi,

I have some (security related) questions about the workings of Spark Core Cloud:

  • I suppose every time my (dynamic) WAN IP address changes it’s transferred to Spark Cloud (equally as dyndns services)?
  • what data is transferred and effectively stored on Spark Core Cloud?
  • related to the previous question: every time one accesses (for sensing data, sending commands to actuators, requesting settings data e.g. WiFi SSID, …) its Spark Core via REST, does this mean every time Spark Cloud physically accesses your Spark Core(s) (or is the data from the Spark Core regularly transferred to the Spark Cloud and accesses the data from the Spark Cloud)?
  • if installing Spark Cloud Server on own infrastructure (inside my firewall), if i’m right, the settings in the Spark Cores are so that they point to your own Spark Core Server; how can the Spark Cores then be programmed/firmware flashed since there’s no connection anymore between Spark’s own Cloud infra and your Spark Cores and today there’s no Spark Core Build in the Open Source Spark Server?

Thanks.
Guy

1 Like

No data is stored on the cloud. Just your core public key and core id. (i think)

the Spark :cloud: is like a “gateway”. Your client applications need to reach the Cloud via REST Api to read variable or call functions.

They are not actually stored in the cloud. (core <----> cloud< ----> client app)

That’s right. The core will communicate with the server that you spin up but still able to perform OTA flash via Wifi.

The only thing is that you will not able to compile your source code into a .bin file.

You can either compile your source code locally or use the Spark Cloud to compile and download the .bin file before using the OTA flashing mechanism via your own cloud to do so. :wink:

2 Likes

I have a similar security questions need clarification.

  1. Can the SparkCore be programmed to extract Windows LAN “Share Files” information ? In an event, someone change the Firmware on the product that I try to sell. Want to ensure that this cannot be used a spy device :wink:

  2. Right now, I am using the Spark.Variable to pass Core info to my PC-Mobile program. Is this the only method that data can be extracted ? Also, transaction can only be requested by PC-Mobile side, correct ?

  3. During the Core connect (Smart Config), the network WiFi password is entered, is this being stored in TI CC3300 EEPROM ? Is this being encrypted ?

1.) You can probably attempt to connect and read the file or something but it doesn’t sound so straightforward.

2.) TCP/UDP can also be used but you are required to program it yourself. Spark.variable () is the easier way out

3.) Yup it’s stored in the CC3000 EEPROM and I believe it’s encrypted.

1 Like