Casa recently published a blog post addressing some concerns with its Casa Node 1. It makes clear that, currently, there are “no known undisclosed vulnerabilities with the Cases Node at this time.”
The primary concerns are twofold. Firstly, some users have expressed concern over the Casa Node using HTTP connections instead of HTTPS. The company claims this is not by accident — that it specifically chose to use HTTP to not create a “false sense of security.” Because this is an internal or home connection, Casa writes that “HTTPS is impractical at best, and dangerous at worst.”
Secondly, Casa Nodes have default passwords, which some claim is a security risk. However, as the company writes, “a keyboard and monitor must be plugged into the Cases Node in order to access the command line.” Hence, it is not able to be compromised.
In a tweet outlining these concerns, Casa was blunt: “you should always be careful with Lightning, which is still early and reckless.”
There are no known undisclosed security vulnerabilities with Casa Node at this time.
That said — you should always be careful with Lightning, which is still early and #reckless.
More details on security concerns raised this weekend here:https://t.co/O0LlIW9qRJ
— Casa (@CasaHODL) October 13, 2019
Casa created nodes to support Bitcoin and the Lightning Network while also earning BTC. The startup teamed up with the Sats app to “make Bitcoin easy.” However, it seems that the company is unsure of the Lightning Network as it stands now. In an effort to distance themselves from any vulnerabilities, the company seems to be blaming the Lightning Network itself rather than its own product.
As JW Weatherman (@JEWaetherman_) wrote in a reply on Twitter, none of these security flaws are present in Casa’s competitors. JW mentioned NODL as an example.
The other thing to keep in mind is that neither of these security flaws are present in any of the competitors including @nodl_it
The recent announcement from them was for far less serious issues, but they owned it and fixed it.
— JW Weatherman | mathbot.com (@JWWeatherman_) October 13, 2019
Do you think that we could see a more ‘mature’ and fleshed-out Lightning Network by the end of 2020? Let us know your thoughts below in the comments.