0

Security of Device Provisioning

Kevin

February 24, 2020 10:34

None

Follow

Hi,

I'd like to know whether there is a mechanism securing who might take ownership of a BrightSign player during device provisioning (B-Deploy, BrightAuthor:connected). Device provisioning seems to be designed to be used remotely (in which case BrightAuthor:connected cannot "see" the player on its LAN to validate ownership), and contrary to the activation procedure, there is no local user interaction required with the player.

Let's take an example:

1. User A purchases a device, which happens to have the S/N "A".
2. User A receives the new device "A", but requests device provisioning for another device with S/N "B" by mistake.
3. User B purchases a device, which happens to be the one with S/N "B".
4. User B receives the new device "B" and requests device provisioning for it.
5. Whom will device "B" be assigned to in the end?

Another case: user A sells a device to user B, but without removing the device from BrightAuthor:connected. How can user B take ownership of the device through device provisioning?

If someone knows, please let me know.

Thank you very much for your reading.

• Facebook
• Twitter
• LinkedIn

1 comment

• 0
  
  Kevin February 27, 2020 17:37

  I've just tested this by trying to move a device between two accounts (different users and networks). Only the first user requesting provisioning for a given serial number gets access to the corresponding device, even if the device has never been switched on (which is the point of this feature) or if another user actually in possession of the device tries a factory reset and a device activation.

  This behavior can be annoying if a device is resold after having been linked to an account, because the buyer will have to wait for the seller to unlink the device before being able to use it.

  The main issue is that guessing serial numbers seems to be quite easy, so anyone could maliciously request provisioning for multiple devices that have not yet been unboxed by their rightful owners. Of course, BrightSign could resolve such an incident manually, but it would be better if this could not happen at all.