I’ve been aware of Norns for many years now, and either tried to buy when out of stock, or didn’t have the funds available when they were in stock!
I’ve just read more about Norns Shield and DIY kits recently. I’m gutted there doesn’t seem to be any more Norn Shields officially coming out - as that would have been nice and easy! I’m not very good at soldering - so not keen on going down the full DIY route.
But I have seen a few second-hand Norn Shields/DIY kits for sale on Ebay and around other marketplaces.
My question is how safe is this? I am very risk adverse when it comes to technology and am concerned about taking (and connecting to my PC, WAN etc) a used Norns Shield unit, which contains a used raspberry/sd card.
Am I being a bit silly and shouldn’t worry?
I’m not an expert on Raspberry Pi’s - but my approach if I were to buy a pre-built or used Norns Shield would be to get a new SD card and use that to install NornsOS on, surely anything malicious would be stopped by not using the second-hand SD card.
Also, not fully sure how Raspberry Pi’s work - but if install a fresh install of NornsOS on a new SDcard is this secure? Just I’ve heard a lot of security vulnerabilities of hacking raspberry pi OS - I assume I would mitigate this by not actually having the raspberry pi OS installed? Is there anything else I would need to do to make sure its secure and not a security weakness?
Good question. Norns is definitely a very open platform with default password, sudo and a very powerful operating system… and your concerns about security vulnerabilities of IoT devices is well justified. You are being wise.
However, wiping the SD card and getting a fresh install of the norns image going (which will also protect the data of the previous owner and hence a kind of a gift) is, i would say, secure. A fresh install will anyway be nice for yourself to explore this amazing device.
Norns will come with a (a version of) Raspberry Pi OS installed, it’s the platform on which norns is built on. Change the default password via the norns menu.
On a more whimsical (SM?) note, i have been fantasizing about someone hacking into my norns, and non-maliciously making some wild and unique music on it while I cannot stop them.
Once you have a fresh install, I guess you can safely have an OS full of vulnerabilities as long as it’s untouchable from outside your lan; eg. use your router’s firewall.
(i may be wrong since networks are still (will forever be) kind of magick to me).
No, there is no user-writable storage on a normal Pi beyond the SD card.
The compute modules (sticks) as used in factory Norns have Flash on them, but if you follow the fresh install guide, it will completely overwrite anything that a previous user might have left there.