I’m a software engineer but don’t really know much about the hardware side. Did a math degree in college so I’m lacking in comp sci knowledge; to get my software job I jumped into fintech and learned the important software bits, design patterns, etc.
Anyways I want to make some gadgets using RPi or similar chips. For example I want to make a gadget with an e-ink screen that hits a public weather API endpoint once every 15 minutes and updates the screen with some weather info. Then I can put it in an encasement and just have it sitting on my desk and always have the weather info at a glance.
But when I started looking into this I saw all sorts of articles about securing your RPi and it seems like if you do it wrong you can introduce a security risk on your network. Is there a simple, even if heavy-handed, solution to this? Such as configuring my router to only allow that RPi device to make requests to certain endpoints, and not allow incoming requests at all?
Nothing inherently insecure about RPi specifically. Same rules apply to any device in your network: if you expose services to the internet, you are introducing potential security risks. Does it have to be open to everyone? Should you limit access to specific known trusted clients? Can you use a VPN rather than exposing it to the internet? Is your authentication scheme robust? What data does the device have access to and does it NEED to have access to all of it?
If your device only makes outgoing requests then your main concern is whether you trust the service it's polling.
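Added example, not part of the thread: a polling client for the outgoing-only gadget described above that treats the weather service's response as untrusted before anything is drawn on the screen. The host `weather.example`, the JSON fields `temp_c` and `summary`, and the size limits are assumptions chosen for illustration, not any real API.

```python
import json
import urllib.request
from urllib.parse import urlsplit

ALLOWED_HOST = "weather.example"  # placeholder host, stands in for the real API
MAX_BODY = 16 * 1024              # assumed cap; a weather summary is far smaller
MAX_SUMMARY = 32                  # assumed width of one display line

class BadResponse(ValueError):
    """The polled service returned something the gadget will not use."""

def is_expected(url: str) -> bool:
    parts = urlsplit(url)
    return parts.scheme == "https" and parts.hostname == ALLOWED_HOST

def parse_weather(raw: bytes) -> dict:
    """Validate an untrusted response body (assumed fields: temp_c, summary)."""
    if len(raw) > MAX_BODY:
        raise BadResponse("body too large")
    try:
        doc = json.loads(raw.decode("utf-8"))
    except (ValueError, RecursionError) as exc:  # bad UTF-8, bad JSON, deep nesting
        raise BadResponse("not valid UTF-8 JSON") from exc
    if not isinstance(doc, dict):
        raise BadResponse("expected a JSON object")
    temp = doc.get("temp_c")
    # bool is a subclass of int in Python, so reject it explicitly
    if isinstance(temp, bool) or not isinstance(temp, (int, float)):
        raise BadResponse("temp_c must be a number")
    if not -90.0 <= temp <= 60.0:  # also rejects NaN and Infinity
        raise BadResponse("temp_c outside plausible range")
    summary = doc.get("summary")
    if not isinstance(summary, str):
        raise BadResponse("summary must be a string")
    # Keep printable ASCII only (drops control and escape bytes), then truncate
    clean = "".join(ch for ch in summary if " " <= ch <= "~")[:MAX_SUMMARY]
    return {"temp_c": float(temp), "summary": clean}

def fetch(url: str) -> dict:
    """Poll over HTTPS only, with a timeout and a bounded read."""
    if not is_expected(url):
        raise BadResponse("URL is not the expected HTTPS endpoint")
    with urllib.request.urlopen(url, timeout=10) as resp:  # verifies the TLS cert
        if not is_expected(resp.geturl()):  # discard anything reached by redirect
            raise BadResponse("redirected away from the expected endpoint")
        raw = resp.read(MAX_BODY + 1)  # never buffer more than the cap plus one
    return parse_weather(raw)

# Constructed sample body, not output from any real weather service
SAMPLE = b'{"temp_c": 21.5, "summary": "Partly cloudy\\u001b[2J", "unused": 1}'
```

On a `BadResponse` the gadget can simply keep showing the previous reading until the next 15-minute poll.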