We take the security of our customers very seriously and have put extra thought regarding digital safety into the development of our product. We believe that we have made Friendship Lamps Powered by Filimin sensibly secure. Here are some of the things we have done to address this in the design:
- All messages are encrypted, sent, and received through TLS/SSL.
- Friendship Lamps send out a beacon you can connect to wirelessly, but once they are connected to Wi-Fi, that beacon only lasts another two minutes. After that, there is no way for anyone else to connect to them.
- There is an API key and MD5 checksum sent and received with firmware updates, on top of the encryption strategy.
- Your Wi-Fi password is never sent through the internet.
- Your Wi-Fi password is impossible to retrieve from a Friendship Lamp without dissection of the unit and our programmer (which is available only in-house).
- The color choices/groupings for your Friendship Lamp are about all that any hacker could get from our database.
When creating the original Friendship Lamp, we also consulted with a bank network security administrator throughout the design process. We still converse with him to make sure our information is fully up-to-date so that all the Friendship Lamp Devices are kept secure. So far, he's been satisfied enough with the design to purchase two sets for his own family :)
Can someone track my location through my Friendship Lamp?
No, Friendship Lamps do not track location. You may notice on our website there is an interactive map of lamps across the world. This map is for the sole purpose of showing that Friendship Lamps work everywhere that can connect to a Wi-Fi signal and does not point to your exact location.
To get the locations, we use the location based on the IP address. When your Friendship Lamp connects to our servers, we find the location of the Internet Service Provider and then randomize it by 10 miles to make sure we do not publicly give any specific information. We also never associate a Device ID with a location, it is just used for the map. There is no way to locate a Friendship Lamp based on its ID, nor is it possible to find a Friendship Lamp based on a location. We can only tell that a certain ISP (Such as Cox or Comcast) in a certain area has Friendship Lamps connecting.
If you'd rather not participate in our Live Map you can always contact us and request to opt out. If you're concerned about your IP address being visible to others on the internet, there are several steps you can take to protect yourself, such as using a VPN (Virtual Private Network).
Why does my browser show manager.filimin.com/setup as "Not secure"?
The "Not secure" message you may be seeing on your browser for the "Setup Wi-Fi & Register" page is a warning that the information you input on this page is not being sent to a recognized secure source. This is because part of the setup on this page may require you to type in your Wi-Fi information while you are not connected to the internet. Because of this, your browser cannot confirm where the information is being sent.
However, you will only be asked for your Wi-Fi information once your device has connected to the "Filimin_XXXXXXXXXXXX" wireless network being cast by your Friendship Lamp, and your Friendship Lamp is the only thing that will have access to your Wi-Fi information after you click "Save Settings". So you don't have to worry about anyone (even us!) having remote access to your Wi-Fi password, and you are not exposing your device to any risk by accessing this page.
Questions? Please contact us and we will be happy to help!
Tags: Security, TLS/SSL, API, MD5, location, map, secure, hacked, IP address, track, safe