Holoport & local LAN security

Hi,
I am trying to convince a family member that the Holoport is not
a potential fall in door for hackers to the local LAN.
So I’m doing a bit of an attack surface analysis.
Personally I can’t imagine a much safer device than a Holoport,
but it turns out clearly arguing it is harder than I thought.

This is not the usual topic about security of data within Holochain (the hApps DHT shards & agents source chain)
but rather about the security of data in the local LAN that the Holoport shares a router to the internet with.
Thus I put it in the Technical Watercooler section. No idea where else.

What I’m unclear about is sand-boxing.
Code that’s run in browsers is AFAIK heavily sand-boxed.
Not getting allowed access to any of the hard-disk contents but a small designated area only
and definitely not allowed local LAN access.

Regarding 3rd party hApps:
ChatGPT told me: “In general, the Rust code in a Holochain application runs as an independent process with its own memory space and file access privileges, separate from other processes on the device.”

In how far is that correct? Is this additional barrier really there?
Or is trust to 3rd party hApp developers and their code
both the first and the last line of defense?
If an additional sand-boxing barrier is there:
Will this eventually change when other programming languages get an HDK API (e.g. .NET languages)?

Granted, to my understanding Holochain hApps are required to be
both open source and adhering to the CAL license.
Which makes a lack of a second line of defense less severe.
And the current community is extremely trustworthy.
But still.

As a bad example: On Android every second app wants unrestricted
read/write access to ALL of the permanent memory :grimacing:.
Not a fan.

My Holoport appears in local LAN with a DHCP given address.
Android Fing LAN scanner gives: hpos ~ eac AUTOMATION-CONSULTING ~ [IP in local LAN]
So I guess in principle it can gain access to all other computers in the local LAN.

A different second question regarding attack surface:
– Is the automated Nix update process done over the same ZeroTier VPN as where the Holochain traffic goes?
– What about access to the “Host Console”?

ChatGPT told me: “If Holochain is running on NixOS and system upgrades are done remotely via the ZeroTier VPN, then the remote system upgrade channel should not add any additional attack surface.”
Which makes sense, but I’m not sure about the prerequisite assumption.

2 Likes

Those are great questions. But based on the new header banner message, you may not get much of a response since most of the Devs have moved to a Discord server.

1 Like