user 57927c7c22 fix: Address P2 security audit findings ...

- VULN-012: Split STATUS into minimal (unauthed: hostname, uptime,
  rssi, version, motion, presence) and full (authed: all internals,
  build info, target IP, heap, NVS stats)
- VULN-011: Remove mDNS service advertisement and hardcoded "ESP32 CSI
  Sensor" instance name; use hostname only
- VULN-021: Increase HMAC tag from 64 bits (16 hex) to 128 bits
  (32 hex) — BREAKING: client scripts must update HMAC computation
- VULN-023: Enable PMF (802.11w) in sdkconfig.defaults to prevent
  deauth attacks at protocol level

2026-02-14 20:10:14 +01:00

1.8 KiB

Raw Blame History

View Raw