Security & Privacy Issues

From LinuxMCE
Jump to: navigation, search

We take your security and privacy very seriously. All information about your LinuxMCE system is stored in your local Core and is accessed using the local LinuxMCE Admin Website installed on the Core. This information never leaves your Core (with the exception of the user IDs, Installation IDs, and Device IDs).

It is important that these IDs be globally unique. For example, if you decide you want to add LinuxMCE telephony to your system and allow other LinuxMCE users to call you by dialing your user name, your user name must be unique. If you go on vacation and decide you want to allow a neighbor with LinuxMCE to add a scenario on his Orbiter to turns on the lights in your yard, the lights in your yard must have different IDs from the lights in his yard. To ensure that all these IDs are unique, your local "LinuxMCE Admin" site will request a unique ID from the web site when you add a new installation, user, or device.

You will notice that you have an installation number reflected on some screens, therefore.

However, no information about the device -- other than the ID -- is stored on the LinuxMCE server. Your passwords, configuration settings, and other confidential data are stored locally and there is no 'back door'. The default installation when you use the Kick-Start CD disables all outside access -- you can only access the LinuxMCE Admin website from within your home. You can use the LinuxMCE Admin website to selectively allow some devices to be accessed from the outside, however.

The LinuxMCE Admin website can be set up to be accessed from the Internet, for example. You will always be warned of any possible security risks that that may entail, and the site will help you setup proper barriers to prevent unauthorized acccess (such as SSL certificates for encryption).

In the future, LinuxMCE will offer secure, encrypted tunneling services through our secure servers. That way you can access your local Admin website securely without having your own SSL certificate, even if your ISP blocks incoming connections or does not provide you a static IP.