Lighthouse Security Megathread

[m88youngling]

This thread is for discussing security concerns and issues with Lighthouse. Given that we are more than a year along in this project, I'd like to invite us to talk about security in retrospect and plans for the future.

To start off, I'll ask this,

What are all of the features that we have so far that protect Lighthouse users?

@Slendy @Zaprit @daggintosh

Then, what's missing?

[Zaprit]

we should probably at some point set up some sort of security policy. As for security features currently in lighthouse, and any other developers correct me if i'm wrong, we currently have:

• rate limiting
• ip banning
• moderator level deletion
• good grief
• whatever intrinsic security we get from using a memory safe sandboxed language like C#.NET

what's missing is:

• a codified security policy
• large scale unit testing (last unit test was updated 7 months ago by Jvyden)
• and while this is a more administrative thing, I suspect the server is not being regularly monitored for potential intrusion however i can neither confirm nor deny this

[m88youngling]

Some things I can think of off the top of my head,

• PSN and RPCN verification
• IP authentication (which may later be replaced by NPTicket signature verification #569 )
• CAPTCHA

Can you describe in a little more detail what you mean by security policy? I assume this means primarily for Beacon, as every instance will be different when it comes to policy

We could arrange for a test of each security feature again alongside another purge event like we did April 1st of this year.