[Sirened]

>Also, for some perspective, at that time Ubiquiti kept all the hardware signing keys in a private GitHub repo that every employee had read access to. And they were in plain-text. So... yeah.

This is frankly worse than any of this other news. So there's essentially zero trust associated with the code signatures since any employee, past or present, can sign a payload. Wonderful.

[_pplp]

I've since heard that the repo has been taken down and all the keys rotated, but just kinda makes you wonder how many APs and switches and cloud keys, etc are still out there using compromised keys.

Also, even though they may have had read access, not many knew it existed. But it wasn't super hard to find (I stumbled across it basically).

Oh and then there the whole metrics collection debacle, where the controller basically phoned home about the topology of every network that it managed. Even if you opted out. Opting out just meant they fuzzed your ID so any given record couldn't be linked back to PII. Which may or may not be legal, IANAL.

But either way it definitely wasn't clear that opting out meant data was still collected. Super sketchy.

[ex_ubiquiti]

> Also, even though they may have had read access, not many knew it existed. But it wasn't super hard to find (I stumbled across it basically).

We didn't have read access until Nick Sharp and his team took over GitHub permissions and gave everyone access. Wonderful security work.

> Oh and then there the whole metrics collection debacle, where the controller basically phoned home about the topology of every network that it managed. Even if you opted out. Opting out just meant they fuzzed your ID so any given record couldn't be linked back to PII. Which may or may not be legal, IANAL.

Nick Sharp was at the core of this too! He built the 'trace' system to collect all of these metrics and had all of these ideas about how to secretly collect the data in ways that would be hard for people to detect.

He pretended to be a principled person who stood for security and privacy, but whenever he saw an opportunity for political gain he abandoned all principles. He was the only person I knew at the company who was enthusiastic about collecting all of that data.

[_pplp]

Oh god don't remind me about Trace. I had to deal with the Controller side of that and it was a damn nightmare.

He basically dictated that you couldn't use any kind or repo+deployment pipeline except for what his team was building. Which wasn't actually functional for like 8 months. So we never even got a dev or staging tier to test against for months.

And then when I ended up with access to push things along, the actual apps for the trace system we're... not well implemented.

Ugh... I could bitch about this stuff for literal days but I gotta drop my kids off.

[AeroNotix]

Oh hai people who used to work at UBNT. From reading your responses here (and elsewhere) it definitely seems our paths did not cross, but the shared sense of Schadenfreude is good and strong :)