Version 2.6.0.182

Enable Twitter support.

This will allow the Stoker to send tweets to any specified Twitter account. There will be a tweet generated every time an alarm condition is set/cleared and there will be a tweet at regular intervals. The frequency of these periodic updates is user defined.

Warning: Please be extremely careful using this. There are several security pitfalls that the user needs to be aware of. Basically, the entire process is vulnerable. Yikes! I’m no security expert, but these are some thoughts the user should be aware of.

  1. The user will need to enter the Twitter account name and password into the Stoker webpage. The connection between the web browser and the Stoker during the operation is NOT secure. This means the account name and password can be sniffed out while submitting the info to the Stoker.If this is of concern, make sure there is a direct wired Ethernet connection between the Stoker and the computer – no wireless, no switches, no hubs, no routers.
  2. The Stoker stores this information in non-volatile memory. The Stoker software will never publish this information. But Mr. Evil Hacker-man could potentially break into your house, steal your Stoker, unsolder the non-volatile memory, disassemble the executable, and then extract the info from the chip. But man, that’s a lot of work.
  3. The Stoker uses Basic Authentication to send the tweet. This effectively means the Stoker sends the account name and password in raw text direct to Twitter.com. Please see the Twitter APIdocs regarding basic authentication.Since this request uses the Internet, this means the account name and password are vulnerable to anyone sniffing the traffic.

Not exactly a happy set of thoughts. Kinda sucks to be the party-pooper, but there are some things you can do to minimize the risk.

  1. Create a new Twitter account just for the Stoker.
  2. Try to limit any type of personal info on the Stoker profile.
  3. Create a totally new password for the account. Use any strong password generator site to create the password. Here’s a Google search.

Usage: After upgrading, with your new Twitter account strong password in hand, open up the Stoker webpage, and click on the check box labeled “Show Twitter options”.

  • Updates – this enables/disables the Twitter support.
  • Username/password – info for the new Twitter account.
  • Update interval in minutes – number of minutes inbetween periodic tweets
  • Message header – a few words at the beginning of each tweet
  • Click save changes
  • On the “Update successful” page, click on the “Back” link and wait for the new page.
  • Once the new page is served up, reboot the Stoker.

2.6.0.182