bytedreamer / aporta Goto Github PK

request for enhancement. could you display the cardholder number somewhere (anywhere actually.) I suggest it be added as line in the "Person Details" subscreen. (typo - UI actually says Person details)

feature request. Could we please have a mechanism to capture the current configuration of an Aporta instance so it can be copied to another machine. A 'tar' command in the documentation would be sufficient, not asking for code/ui modifications.

It would be nice if this used some secure mechanism (like Windows provides) to store the OSDP secure channel keys it distributes to PD's. Perhaps dotnet capabilities can provide this?

Might be user error I know. I expected the OSDP Driver Configuration page to automatically update so when I add a device it changes from offline to online. Apparently you have to refresh the page manually.

Add or removing com ports doesn't update the list when adding OSDP connections

A common feature in many modern burglar alarm systems is 4G connectivity. Because if you lose your primary connection, either due to power loss or an upstream fiber cut you won't receive any alerts from your panel, nor will you be able to manage it remotely. Cellular networks on the other hand very rarely go down.

New low bandwidth cellular technologies like NB-IoT and LTE Cat-M allows connectivity to be added inexpensively. With a module I bought off Aliexpress and a prepaid SIM card I have a backup connection for only a few dollars a month. Even better these modules can send out text messages directly with a few AT commands.

I think this would be a useful feature.

Hello,

Hashing the card numbers doesn't help with security, and makes card issuance and management harder.

With standard Wiegand cards (for example), there's generally a 26 bit ID. 8 bits are for the facility code (shared with the cards at the facility), the card number is 16 bits, and there are two parity bits.

Even if we assume that the whole 24 bits are for the card ID, we're still talking 16,777,216 possibilities total. Running a benchmark on the laptop I'm currently using with 1000 iterations, I get over 440kHash/s:

Hashmode: 12100 - PBKDF2-HMAC-SHA512 (Iterations: 999)

Speed.#2.........:   444.3 kH/s (85.72ms) @ Accel:4 Loops:249 Thr:1024 Vec:1

In other words, on this laptop, an exhaustive search of the keyspace should take around 380 seconds. Throw a decent GPU at it, and that number goes well under a minute.

Higher security with PACS cards comes generally not from the uniqueness of the ID (which is designed to be random enough to be difficult to brute force), but from having keys in the reader and keys in the card. The goal is to make the card un-dumpable and un-cloneable, rather than making it un-guessable. Even if the ID is extracted from the control panel, it can't be written to a card, unless one extracts the reader master keys.

It reacts with a beep etc. at the reader when access grant happens. I didn't see any visual or audio feedback for access denied. Is this implemented? If one runs the live Monitor on a browser you see access denied events, so at a bench you can watch either case happen, no problem.