From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dpreed@reed.com>
Received: from smtp105.iad3a.emailsrvr.com (smtp105.iad3a.emailsrvr.com
	[173.203.187.105])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by huchra.bufferbloat.net (Postfix) with ESMTPS id 1B75421F219
	for <cerowrt-devel@lists.bufferbloat.net>;
	Tue, 18 Feb 2014 14:43:46 -0800 (PST)
Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp6.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id
	04AE51A80BD; Tue, 18 Feb 2014 17:43:45 -0500 (EST)
X-Virus-Scanned: OK
Received: from app25.wa-webapps.iad3a (relay.iad3a.rsapps.net [172.27.255.110])
	by smtp6.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id
	D7A151A80BC; Tue, 18 Feb 2014 17:43:44 -0500 (EST)
Received: from reed.com (localhost.localdomain [127.0.0.1])
	by app25.wa-webapps.iad3a (Postfix) with ESMTP id C6F8B18005B;
	Tue, 18 Feb 2014 17:43:44 -0500 (EST)
Received: by apps.rackspace.com
	(Authenticated sender: dpreed@reed.com, from: dpreed@reed.com) 
	with HTTP; Tue, 18 Feb 2014 17:43:44 -0500 (EST)
Date: Tue, 18 Feb 2014 17:43:44 -0500 (EST)
From: dpreed@reed.com
To: "Dave Taht" <dave.taht@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain;charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Importance: Normal
X-Priority: 3 (Normal)
X-Type: plain
In-Reply-To: <CAA93jw4VShAFb3=SqmLRhN3B-PTKNzmP2WNQqVxbvA2mfKMQgw@mail.gmail.com>
References: <A69AAC4A-8BF2-4792-8B41-55642F44933E@gmail.com> 
	<CAA93jw6k=P74xAmRQ7e4=gnvxawUPSi8AFJh9H6awusv4Kt5zw@mail.gmail.com> 
	<CAA93jw4VShAFb3=SqmLRhN3B-PTKNzmP2WNQqVxbvA2mfKMQgw@mail.gmail.com>
Message-ID: <1392763424.813511608@apps.rackspace.com>
X-Mailer: webmail7.0
Cc: cerowrt-devel <cerowrt-devel@lists.bufferbloat.net>
Subject: Re: [Cerowrt-devel] Friends don't let friends run factory firmware
X-BeenThere: cerowrt-devel@lists.bufferbloat.net
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Development issues regarding the cerowrt test router project
	<cerowrt-devel.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/cerowrt-devel>,
	<mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/cerowrt-devel>
List-Post: <mailto:cerowrt-devel@lists.bufferbloat.net>
List-Help: <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/cerowrt-devel>,
	<mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Tue, 18 Feb 2014 22:43:46 -0000

Apropos of this topic construed broadly, just got the following in my email=
.  I'm thinking about a MicroZed network appliance anyway, so a PMOD interf=
ace is interesting because that's the MicroZed peripheral standard.  But wo=
uldn't it be nice if one could have this kind of authentication in a router=
?  =0A=0Ahttp://www.maximintegrated.com/app-notes/index.mvp/id/5822=0A=0AIt=
's a nice little chip, easy to interface to almost anything.  Pretty easy t=
o make a PCB that can be added to almost any commercial "home router".=0A=
=0A=0A=0AOn Tuesday, February 18, 2014 5:21pm, "Dave Taht" <dave.taht@gmail=
.com> said:=0A=0A> On Tue, Feb 18, 2014 at 5:13 PM, Dave Taht <dave.taht@gm=
ail.com> wrote:=0A>> While we are at it. (wobbly wednesday)=0A>>=0A>> http:=
//www.ioactive.com/news-events/IOActive_advisory_belkinwemo_2014.html=0A>>=
=0A>> Don't leave home with it on.=0A>>=0A>> At least they left the signing=
 keys for the certificate in the=0A>> firmware, so that bad guys can exploi=
t it, and good guys, improve it.=0A>>=0A>>=0A>>=0A>> On Tue, Feb 18, 2014 a=
t 5:10 PM, Rich Brown <richb.hanover@gmail.com> wrote:=0A>>> More excitemen=
t...=0A>>>=0A>>> https://isc.sans.edu/forums/diary/Linksys+Worm+TheMoon+Sum=
mary+What+we+know+so+far/17633=0A> =0A> I was incidentally quite surprised =
to see the original limited scope=0A> of the DNS changer worm. I didn't thi=
nk we'd busted the folk involved=0A> in the scam soon enough, nor was I hap=
py with the ensuing publicity,=0A> nor with how long it took for Paul to be=
 able to turn off the the=0A> servers supplying the (4+m) busted routers wi=
th corrected data.=0A> =0A> The world has been ripe for the same attack or =
worse, across over half=0A> the home routers in the universe, as=0A> well a=
s much CPE.=0A> =0A> This is in part why I'm so adamant about getting DNSSE=
C support "out=0A> there", adding sensors to cerowrt,=0A> improving securit=
y, doing bcp38 and source sensitive routing and the like.=0A> =0A> =0A>>> _=
______________________________________________=0A>>> Cerowrt-devel mailing =
list=0A>>> Cerowrt-devel@lists.bufferbloat.net=0A>>> https://lists.bufferbl=
oat.net/listinfo/cerowrt-devel=0A>>=0A>>=0A>>=0A>> --=0A>> Dave T=C3=A4ht=
=0A>>=0A>> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt=
/subscribe.html=0A> =0A> =0A> =0A> --=0A> Dave T=C3=A4ht=0A> =0A> Fixing bu=
fferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html=0A> =
_______________________________________________=0A> Cerowrt-devel mailing l=
ist=0A> Cerowrt-devel@lists.bufferbloat.net=0A> https://lists.bufferbloat.n=
et/listinfo/cerowrt-devel=0A> =0A