IP based adoption

Whilst the IP-based adoption of new APs is kind of nice, isn’t it a bit of a security risk?

For instance, my primary WAN is actually Starlink. Usually that would be CG-NAT; the only reason it wasn’t is because I tend to run L2TP over the top of it and egress via another ISP. If, however, I’d have been going out of the Starlink natively, it’s possible another user would have seen my un-adopted APs if they happened to be logged into the cloud interface for whatever reason.

@dragon2611 It’s as much of a security risk as any local unconfigured device presents, whether it can be set up via Bluetooth, or discovery on a local network, or any other method. The most important thing is to make sure that you add it to your site in a timely manner so that it can be associated with your account. Once that happens, there’s no way for anyone to “steal” your device and take it to another account, because it would need to be released from your account first.

Also, the way our devices are initially configured ensures that MITM attacks cannot happen, because only the holder of the private key on the AP can decrypt the initial payload, and that private key changes after a factory reset of the device (i.e. you don’t need to worry about your data being compromised just because you sell a device). For those that are very security-minded, we do plan on adding the ability to view the public key (via Bluetooth) to ensure that the device being configured is indeed the one in front of you.

I was more thinking that if the CG-NAT pool is large, it’s possible someone will end up adopting your AP to their account.

@dragon2611 I honestly haven’t seen enough shared IPs in the wild to be concerned, but as long as you add the AP to the site, you can be assured that it cannot be taken control of by another account.