From: dpreed@reed.com
To: "Dave Taht" <dave.taht@gmail.com>
Cc: cerowrt-devel <cerowrt-devel@lists.bufferbloat.net>
Subject: Re: [Cerowrt-devel] Friends don't let friends run factory firmware
Date: Tue, 18 Feb 2014 17:43:44 -0500 (EST) [thread overview]
Message-ID: <1392763424.813511608@apps.rackspace.com> (raw)
In-Reply-To: <CAA93jw4VShAFb3=SqmLRhN3B-PTKNzmP2WNQqVxbvA2mfKMQgw@mail.gmail.com>
Apropos of this topic construed broadly, just got the following in my email. I'm thinking about a MicroZed network appliance anyway, so a PMOD interface is interesting because that's the MicroZed peripheral standard. But wouldn't it be nice if one could have this kind of authentication in a router?
http://www.maximintegrated.com/app-notes/index.mvp/id/5822
It's a nice little chip, easy to interface to almost anything. Pretty easy to make a PCB that can be added to almost any commercial "home router".
On Tuesday, February 18, 2014 5:21pm, "Dave Taht" <dave.taht@gmail.com> said:
> On Tue, Feb 18, 2014 at 5:13 PM, Dave Taht <dave.taht@gmail.com> wrote:
>> While we are at it. (wobbly wednesday)
>>
>> http://www.ioactive.com/news-events/IOActive_advisory_belkinwemo_2014.html
>>
>> Don't leave home with it on.
>>
>> At least they left the signing keys for the certificate in the
>> firmware, so that bad guys can exploit it, and good guys, improve it.
>>
>>
>>
>> On Tue, Feb 18, 2014 at 5:10 PM, Rich Brown <richb.hanover@gmail.com> wrote:
>>> More excitement...
>>>
>>> https://isc.sans.edu/forums/diary/Linksys+Worm+TheMoon+Summary+What+we+know+so+far/17633
>
> I was incidentally quite surprised to see the original limited scope
> of the DNS changer worm. I didn't think we'd busted the folk involved
> in the scam soon enough, nor was I happy with the ensuing publicity,
> nor with how long it took for Paul to be able to turn off the the
> servers supplying the (4+m) busted routers with corrected data.
>
> The world has been ripe for the same attack or worse, across over half
> the home routers in the universe, as
> well as much CPE.
>
> This is in part why I'm so adamant about getting DNSSEC support "out
> there", adding sensors to cerowrt,
> improving security, doing bcp38 and source sensitive routing and the like.
>
>
>>> _______________________________________________
>>> Cerowrt-devel mailing list
>>> Cerowrt-devel@lists.bufferbloat.net
>>> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>>
>>
>>
>> --
>> Dave Täht
>>
>> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
>
>
>
> --
> Dave Täht
>
> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>
next prev parent reply other threads:[~2014-02-18 22:43 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-18 22:10 Rich Brown
2014-02-18 22:13 ` Dave Taht
2014-02-18 22:21 ` Dave Taht
2014-02-18 22:43 ` dpreed [this message]
-- strict thread matches above, loose matches on Subject: below --
2019-02-04 20:41 [Cerowrt-devel] friends " Dave Taht
2019-02-05 21:06 ` David P. Reed
2014-01-12 15:23 [Cerowrt-devel] Friends " Rich Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1392763424.813511608@apps.rackspace.com \
--to=dpreed@reed.com \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=dave.taht@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox