Would it be sufficient to set up a DNS entry in the network that redirects the original cloud to your own TeddyCloud? That way, you wouldn’t need to flash the Toniebox?
I’m new and considering installing and setting up TeddyCloud, but I have concerns about the flashing process since a Toniebox isn’t exactly cheap. Sure, I would still need to read the certificates, but I wouldn’t have to overwrite anything.
No, because it uses HTTPS and the box checks the certificate of the server.
This would only be possible if there is a vulnerability that allows man-in-the-middle attacks on the box.
Thank you for the quick response.
But does this mean that I can only use the device in offline mode while on vacation? Even a hotspot wouldn’t help the device, right?
Is it possible to flash a backup and restore the Toniebox to its original state? Is that complicated?
The box would run offline, if it has no connection to teddyCloud. So only existing content would run.
For this to work you either need a public server or a small VPN travel router, so you can use your home network on the go.
Flashing back can be done but not recommended for that purpose.
I understand that you are afraid of breaking something.
From my personal experience:
The Toniebox mainboard and flash chip seems to be really robust and failsafe. @0xbadbee said the same in the MyDealz YouTube video.
My first usb programmer was broken (which I didn’t know) and I always thought the problem was me putting the clamp on this flash chip the wrong way (which wasn’t the case). So I tried to put this clamp on the chip a few dozen times (until the clamp broke) and in some cases I didn’t even unplug the programmer before so there was power on the PINs while I moved them. I did this out of frustration and I was almost sure that my board/chip were broken because of me not being nice to them.
I ordered a new programmer and everything worked immediately. It turned out that my Box was still working perfectly fine!
Actually flashing the chip is not so “dangerous” as it sounds because in the first step, you only read from it. So just make sure that your dumped firmware is valid by checking size, reading it with strings and of course by extracting the contained certificates. Parse these certificates with OpenSSL on the cli.
With this original firmware of your box you can restore it anytime - even if you delete the chip by accident or write a wrong certificate on it. Make sure to backup this firmware dump once you have it.
Good luck!