My application sends data to the Ubidots dashboard using unencrypted TCP. In the API documentation, the following is stated:
Blockquote
We strongly advise to use TCP with TLS to make sure your data travels encrypted, avoiding the exposure of your API token and/or sensor data to third parties."
Blockquote
Can you please explain to me how an unencrypted message could be intercepted? As far as I understand, both cellular and WIFI (With password) signals are already encrypted, so wouldn’t further encryption be redundant? Where and how would it be possible to intercept the message that justifies further encryption?
Greetings, there are a lot of resources that you may find about this topic on the internet, please give a look at some of them. We made in the past this video, explaining the generalities about data encryption that also may be referenced by you.
Hi Jota, thank you for the reply the video is very instructive and informative… It delves into a bit more real-life application details than the API documentation.
My takeaway from the video, especially the conversation from 24:00 to 26:00, is as follows.
(Disclaimer, this is my own personal takeaway from the video and online resources and I’m not claiming to be an expert in the field… in the video it is also mentioned that this is debated among Ubidots customers.)
the video is very instructive and informative… It delves into a bit more real-life application details than the API documentation.