zZzleep zZzafe

Badge: Force field

We are approaching production grade quality on our smartbed! But before we can start publishing your pee-statistics to the cloud we must take some time to add some proper security to our solution.


We need a way to ensure that data cannot be read or altered in transit between the server and the smartbed. This is achieved by running all traffic over the TLS encryption protocol. This way, no one can intercept how much you pee pee.


Our server in Cloud City can be controlled over ssh. In order to restrict admin-access to the server, only individuals with an authorized private ssh-key can connect this way. This is achieved by adding the public key of authorized individuals to the file authorized_keys on the server. Password-authentication has been disabled to prevent users typing insecure passwords.


With an open source project like ours, it is important not to store database credentials in the code. Also, zzzmartbed-hackers will be displeased to know that the database is only accessible from the server localhost though a secure proxy client.