From: Sebastian Moeller <moeller0@gmx.de>
To: Mikael Abrahamsson <swmike@swm.pp.se>
Cc: "Dave Täht" <dave.taht@gmail.com>,
cerowrt-devel <cerowrt-devel@lists.bufferbloat.net>
Subject: Re: [Cerowrt-devel] security guidelines for home routers
Date: Mon, 26 Nov 2018 23:13:14 +0100 [thread overview]
Message-ID: <05A88D6B-51BC-4CC5-98D9-E85AE11D96AC@gmx.de> (raw)
In-Reply-To: <alpine.DEB.2.20.1811261932460.14216@uplift.swm.pp.se>
Hi Mikael,
> On Nov 26, 2018, at 19:35, Mikael Abrahamsson <swmike@swm.pp.se> wrote:
>
> On Mon, 26 Nov 2018, Sebastian Moeller wrote:
>
>> And 2) basically is a complaint that there is a weak MAY clause for guaranteeing that 3rd party firmware like openwrt is installable. I think this was weakened on purpose by the DOCSIS-ISPs which seem to have zero interest for 3rd party firmwares for cable-modems/routers. (I would not be amazed if cable labs would actually rule something like this out per contract, but I have zero evidence for that hypothesis).
>
> 2 is interesting from a security point of view. With secure boot special provisions have to be put into the router to turn off secure boot to be able to install anything on it. Question is how this would be done in a way that is both secure and somewhat user friendly.
I guess that most cheap routers do not actually do "secure boot" but rather make it hard to flash not-approved firmware binaries from the GUI, and for the intents an purposes of the BSI document that level of security, in spite of the talk about firmware authentication by digital signatures, seems sufficient. So no need to secure the JTAG interface, or even a tftp update method that can be initiated by pressing a button on the router or similar.
> 2 also implies sharing drivers etc, and it's unclear how this would be done.
Why? In my reading 2 basically just turns the "The router MAY allow the installation of unsigned firmware
(i.e. custom firmware)" into a "The router MUST allow " it does not rule that the manufacturer needs to actively help to develop said custom firmware IMHO. Now it would be a great idea to do so, but certainly not required.
> I believe Germany is too small to drive this requirement, we'd need at least US or EU size market to really succeed with this.
Yes, I agree, this is one of the issues where one of the heavy-weights needs to get involved. My bet is on the EU picking something like this up first though. ATM I do not see much appetite for such regulatory actions in the US.
>
> --
> Mikael Abrahamsson email: swmike@swm.pp.se
next prev parent reply other threads:[~2018-11-26 22:13 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-26 18:05 Dave Taht
2018-11-26 18:24 ` Sebastian Moeller
2018-11-26 18:35 ` Mikael Abrahamsson
2018-11-26 22:13 ` Sebastian Moeller [this message]
2018-11-27 11:03 ` Mikael Abrahamsson
2018-11-27 11:52 ` Sebastian Moeller
2018-11-27 13:34 ` Mikael Abrahamsson
2018-11-28 13:49 ` Sebastian Moeller
2018-11-27 18:23 ` valdis.kletnieks
2018-11-26 18:40 ` Dave Taht
2018-11-26 21:05 ` Toke Høiland-Jørgensen
2018-11-26 22:28 ` Sebastian Moeller
2018-11-27 0:29 ` David P. Reed
2018-11-27 11:07 ` Mikael Abrahamsson
2018-11-27 11:17 ` Jonathan Morton
2018-11-28 9:17 ` Michael Richardson
2018-11-28 9:14 ` Michael Richardson
2018-11-28 19:10 ` David P. Reed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=05A88D6B-51BC-4CC5-98D9-E85AE11D96AC@gmx.de \
--to=moeller0@gmx.de \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=dave.taht@gmail.com \
--cc=swmike@swm.pp.se \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox