Looking for some WiFi AP Security Advice

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Mark Phillips via PLUG-discuss
Date:  
To: Main PLUG discussion list
CC: Mark Phillips
Subject: Looking for some WiFi AP Security Advice
I am working on a project and need some security advice.

The project is a wireless model rocket launcher. It consists of a Raspberry
Pi 2 W (Debian Buster) connected to a daughter board with circuitry
to control the current to ignite the igniter, a TP-Link Wifi AP, and a cell
phone. There is a web site (apache and flask) running on the Pi that allows
the user to control the circuits on the daughter board to launch the
rocket.

The typical location for launching the rockets is in a large field far from
any buildings or trees. Typically, there is no Internet connectivity even
on cell phones, but there are quite a few people attending the launch.
There are also times when this launcher will be used in a more urban
environment (like a high school), and I want to make the system
"unattractive" to the high school students who think it would be cool to
hack the launcher during a launch.

I want to set up some sort of secure connection between the cell phone and
the web site running on the Pi. My main concern is an attacker connecting
to the web site and igniting the rocket while the user is connecting the
wires to the igniter. Model rocket motors generate an exhaust gas with a
temperature of ~3,000 F. Also, the igniter needs 2-4 A dc for 300 - 500
msec to ignite the rocket motor.

I thought about SSL, but I would have to use a self signed certificate
(assuming no Internet), and I have read that it is not that secure. I am
using a long password to access the AP, a password protected login to the
web site, and another password as a launch key to enable the igniter
circuit and launch the rocket.

I am not a network security guru, so I am not really sure what my options
are. Do you have any other suggestions on how I can make this system more
secure?

Thanks!

Mark
---------------------------------------------------
PLUG-discuss mailing list:
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss