adacam

History

Kayos 9c4b0e26b9 docs: security hardening plan v1.0 Addresses all 4 open CVEs with specific implementations: - CVE-2: Per-device WiFi password derived from serial/MAC + salt - CVE-11: SSH key-only auth, ADACAM_PUBKEY injection at liberation - CVE-14: adacam-api bearer token derived from device serial - CVE-7/16: Kill usb-updater, no OTA for single-owner device Also covers: firewall rules, tunnel security assessment, data-at-rest recommendations, priority order for implementation.	2026-03-14 11:27:23 -07:00
..
HARDENING_PLAN.md	docs: security hardening plan v1.0	2026-03-14 11:27:23 -07:00
SECURITY_REPORT.md	docs: deep audit report — CVE-6 through CVE-15	2026-03-14 10:00:56 -07:00

Kayos 9c4b0e26b9 docs: security hardening plan v1.0

Addresses all 4 open CVEs with specific implementations:
- CVE-2: Per-device WiFi password derived from serial/MAC + salt
- CVE-11: SSH key-only auth, ADACAM_PUBKEY injection at liberation
- CVE-14: adacam-api bearer token derived from device serial
- CVE-7/16: Kill usb-updater, no OTA for single-owner device

Also covers: firewall rules, tunnel security assessment,
data-at-rest recommendations, priority order for implementation.

2026-03-14 11:27:23 -07:00

HARDENING_PLAN.md

docs: security hardening plan v1.0

2026-03-14 11:27:23 -07:00

SECURITY_REPORT.md

docs: deep audit report — CVE-6 through CVE-15

2026-03-14 10:00:56 -07:00