From: Dave Taht <dave.taht@gmail.com>
To: "Network Neutrality is back! Let´s make the technical aspects
heard this time!" <nnagain@lists.bufferbloat.net>,
Make-Wifi-fast <make-wifi-fast@lists.bufferbloat.net>
Cc: Avery Pennarun <apenwarr@gmail.com>
Subject: [Make-wifi-fast] Attackers breach plume
Date: Thu, 16 Nov 2023 15:29:43 -0500 [thread overview]
Message-ID: <CAA93jw6EGa=yvn8_m-ZGyRALxEfVYSZMHaVunhCaZ-JAup31MA@mail.gmail.com> (raw)
Plume is one of the biggest sellers of "managed wifi devices". Now breached.
https://cybernews.com/news/plume-data-breach/
I have not ever used their stuff (why should I hand *any* details of
*my* network to a third party? I trust my builds of openwrt only), but
the last I had heard (5 years ago) was Plume had managed to get
fq_codel running on two out of three devices they had, but not
deployed, so I assumed they were managing little that I cared about,
while sharing stuff I did not want them to have. On the other hand, if
attackers twere white hat in any way - or an independent researcher
were to look over all the files... especially the wifi stats - hoo
boy! what a great global view into wifi behaviors that no-one else has
in the world today. I wonder what that would be worth on the black
market... "hey buddy, you wanna know what fire tv sticks are really
doing on networks?" [1]
Cross posting this to nnagain in part because of the twisted thought
in a title ii world:
What is the ISP supposed to do about compromised devices they can see?
In this case the plume OUI MAC address is visible to the edge router.
What of transient compromise - once breached, other backdoors
installed elsewhere?
[1] (one thing few knew about chromecast and other wireless stick
devices in 1996 is a huge percentage of them were wedged into a few
inches from the tv to the AP, overdriving the wifi antennas, messing
up the network for everyone) - google's published research here:
https://apenwarr.ca/diary/wifi-data-apenwarr-201602.pdf
Having never heard a plume rep call anyone and tell them to use a wire
for their tv instead... makes me dispute the value of plumes "managed
wifi" and not having seen a drop of public research out of them and
their insane stock price... ummmm...
Also the tv sticks, many ap routers, all tablets (well the kindle is
lame), are more than powerful enough to be actively sniffing the air
of not just the local network, but ones nearby.
--
:( My old R&D campus is up for sale: https://tinyurl.com/yurtlab
Dave Täht CSO, LibreQos
next reply other threads:[~2023-11-16 20:29 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-16 20:29 Dave Taht [this message]
2023-11-16 21:01 ` [Make-wifi-fast] [NNagain] " rjmcmahon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/make-wifi-fast.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAA93jw6EGa=yvn8_m-ZGyRALxEfVYSZMHaVunhCaZ-JAup31MA@mail.gmail.com' \
--to=dave.taht@gmail.com \
--cc=apenwarr@gmail.com \
--cc=make-wifi-fast@lists.bufferbloat.net \
--cc=nnagain@lists.bufferbloat.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox