Accessing Umbrel and apps over HTTP instead of HTTPS presents a security problem. For example, when using a 2-of-3 multisig in Specter, where one wallet is a Bitcoin Core hot wallet, the user must input the decryption code before signing a transaction. That code is submitted via a form over plain-text HTTP. Anyone on the network can sniff out that traffic, including programs designed to eavesdrop specifically on Umbrel.
Potential Solution
There are a handful of solutions that allow for automatic SSL certificates to be generated on bootup. From a Docker perspective it should be even easier to compose existing images with auto-SSL. A quick search on the Docker Hub returned several containers that appear to automatically configure and route SSL traffic. Then it's just a matter of adjusting all links to enforce HTTPS and redirecting HTTP to HTTPS.
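One way to wire up what the post sketches, as an added example that is not Umbrel project code: a TLS-terminating proxy container sits in front of the HTTP-only dashboard, the dashboard port is no longer published on the LAN, and plain HTTP on port 80 is answered only with a redirect to HTTPS. Caddy is an assumed choice of auto-TLS proxy, `umbrel.local` is an assumed hostname, and the dashboard image name is a placeholder.

```yaml
# docker-compose.yml (added example; the dashboard image name is a placeholder)
version: "3.7"

services:
  dashboard:
    image: PLACEHOLDER/umbrel-dashboard   # the app that currently serves plain HTTP
    expose:
      - "80"        # reachable only on the compose network, never published to the LAN

  tls-proxy:
    image: caddy:2
    depends_on:
      - dashboard
    ports:
      - "80:80"     # plain HTTP: Caddy answers with a redirect to https://, nothing else
      - "443:443"   # TLS is terminated here, then forwarded to the dashboard over the private network
    command: >
      caddy reverse-proxy
        --from https://umbrel.local
        --to http://dashboard:80
        --internal-certs
    volumes:
      - caddy-data:/data   # keeps the locally generated CA and leaf certificate across restarts

volumes:
  caddy-data:
```

With `--internal-certs` the leaf certificate is signed by a CA that Caddy generates locally, so browsers warn until that root is trusted on each client; distributing it is a separate problem this compose file does not solve.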
We plan to resolve this before a stable release. Unfortunately, SSL alone is not a good solution to this problem; see the prior discussion for why: #190, getumbrel/umbrel-os#53