Security

Sandboxing

Capabilities installed on your devices are executed in a sandboxed environment built from Linux namespaces (the mechanism behind Linux containers), created with unshare. The constructed sandbox hides sensitive information from the capabilities, such as your Transitive Robotics certificates (in .transitive/certs), all home directories, and most of /var.

Using Linux namespaces directly provides the same isolation benefits as Docker but does not require any software beyond what Ubuntu already installs by default. It also means that sudo is not required.

The Transitive Robotics agent runs as the user who installed it with the curl command from your fleet page. If you want to increase security further, you can create a new user just for this purpose and install the agent as that user instead. Our sandbox is also compatible with Docker, so long as the container is privileged (required to create new namespaces, i.e., Linux containers).
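The namespace-based isolation described above, as an added example (not Transitive Robotics' own sandbox code): a POSIX shell script that uses unshare without sudo to run a command in fresh user, mount and PID namespaces, masking a certs directory, /home and /var with empty read-only tmpfs mounts. The demo home directory, file names and placeholder contents are constructed for the example.

```shell
#!/bin/sh
# Added example, not Transitive Robotics' own sandbox code: mask secrets from a
# command with Linux namespaces created by unshare (no sudo required).

# Build a throwaway home directory with a placeholder cert (constructed data).
make_demo_home() {
  demo="$(mktemp -d)"
  mkdir -p "$demo/.transitive/certs" "$demo/.transitive/bin"
  echo "constructed placeholder, not a real key" > "$demo/.transitive/certs/client.key"
  echo '#!/bin/sh' > "$demo/.transitive/bin/capability.sh"
  printf '%s\n' "$demo"
}

# Run "$@" inside fresh user, mount and PID namespaces. In the new mount
# namespace the certs directory, /home and /var are covered by empty,
# read-only tmpfs mounts; these mounts are invisible to the host and vanish
# when the command exits. (The page says "most of /var"; masking all of /var
# keeps the example short.)
run_sandboxed() {
  home="$1"; shift
  unshare --user --map-root-user --mount --pid --fork sh -c '
    home="$1"; shift
    for d in "$home/.transitive/certs" /home /var; do
      [ -d "$d" ] || continue
      mount -t tmpfs -o ro,nosuid,nodev tmpfs "$d" || exit 1
    done
    exec "$@"
  ' sh "$home" "$@"
}

# Number of entries a sandboxed command can see in a directory (0 when masked).
visible_entries() {
  run_sandboxed "$1" sh -c 'ls -A "$1" 2>/dev/null | wc -l' sh "$2" | tr -d ' '
}

# Manual run: SANDBOX_DEMO=1 sh sandbox.sh
if [ -n "${SANDBOX_DEMO:-}" ]; then
  h="$(make_demo_home)"
  echo "certs entries inside sandbox: $(visible_entries "$h" "$h/.transitive/certs")"
  echo "bin entries inside sandbox:   $(visible_entries "$h" "$h/.transitive/bin")"
  echo "certs entries on the host:    $(ls -A "$h/.transitive/certs" | wc -l)"
fi
```

Unprivileged user namespaces must be enabled on the kernel (Ubuntu enables them by default); inside a Docker container this needs the privileged flag, as the section above notes.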

Uninstalling

If you ever wish to uninstall the Transitive agent and all installed capabilities again, you can execute ~/.transitive/bin/uninstall.sh.

Data Security

This section describes data security for the typical setup, in which a "user" of Transitive embeds one or more Transitive capabilities into their own web dashboards. "End-user" here refers to the user of the user's web dashboards. This can, for example, be an internal user at the user's company, or a customer of the user's company.

Meta-data

Meta-data transmitted between robots and the cloud is encrypted using robot-specific SSL client certificates, and data to/from web users is encrypted using TLS 1.2 or 1.3 (HTTPS/WSS). Each capability author decides which data to share between robot, cloud, and web users, what to store on the robot and in the cloud, and how long to retain that data.

Logs

Robot

Each capability installed on a robot has its own log, written to disk. These log files are rotated on a daily basis and currently retained for three days. Except for error messages, these logs are not uploaded to Transitive Robotics servers unless explicitly configured by the user.

Cloud

For the cloud components of capabilities, the most recent 100 MB of logs are retained.

End-user Data

No end-user related data is stored by Transitive Robotics, other than potentially logging the id of the end-user that the user provides to us in the JWTs used for authentication.

Capability Specific Data

WebRTC

Some of the capabilities Transitive Robotics offers use WebRTC for establishing a peer-to-peer connection between the robot/device and the operator. These capabilities handle additional data: video streams and control streams.

Transmission

All data is end-to-end encrypted. The key exchange uses DTLS (Datagram Transport Layer Security) with the cipher suite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (or similar), and the media streams themselves are encrypted with SRTP (Secure Real-time Transport Protocol) using AES_CM_128_HMAC_SHA1_80 (or similar).

Storage

No video or control data is stored on Transitive Robotics servers, simply because we have no access to these streams. Most such peer-to-peer streams are not even routed through Transitive Robotics servers. When they are, because a direct connection was not possible, the streams remain encrypted as described above.

The only meta-data stored is the session history.

Third-party capabilities

We make no warranties about the data security or data handling of third-party capabilities, i.e., capabilities whose publisher is not transitive-robotics. Please contact the publisher directly.