From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pl1-x62f.google.com (mail-pl1-x62f.google.com [IPv6:2607:f8b0:4864:20::62f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 3A6BB3CB37; Thu, 16 Nov 2023 15:29:57 -0500 (EST) Received: by mail-pl1-x62f.google.com with SMTP id d9443c01a7336-1cc68c1fac2so11517335ad.0; Thu, 16 Nov 2023 12:29:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1700166596; x=1700771396; darn=lists.bufferbloat.net; h=content-transfer-encoding:cc:to:subject:message-id:date:from :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=cLjN8MSrUAiDr6N8+NpD/rPFvYXFEIOMlswailwbRpY=; b=ItxORNxiGIVeOXXjkS/KP74tJuGkenfWvHpamsFR1d97T6dgGvRjZ1UkOCxHdVRWP1 1/71HWO+cFJTkAqIFq0dh473tofK3yYp6pHO/2OHciwYm4/N/yib5MKebsGVRcl+UGkb 4OvelLa659sX4EZI53yJIhf2ks63e9PRwbIAO5sgQf/fjdRrS++YRSdGUUFhTfXI5Zqo mCgQB7+ppSR99buHNLD3+xZ+wEtzfywPghS9PbfnxPoLdZu6ylmTTvjuJspOSbza7rJO ZwV/vFfnnw456wKEvswPvkExppPT4Xe/7Bfjwjddtv51l2M16gB2KAq54r8STpYfejpd qKTA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700166596; x=1700771396; h=content-transfer-encoding:cc:to:subject:message-id:date:from :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=cLjN8MSrUAiDr6N8+NpD/rPFvYXFEIOMlswailwbRpY=; b=rhs1GsmAn15sawuJzEoiEQmhPLtkUf7nW5GbWQZDsdm6vJxobnKlYiXLosUW8Ha1bN xX8Lz9jPccLbLFy/rIlRXxrol+AnH8N5KW5OOedwvYTPgcm/CYNZ5cRew2aGoCLe29oW /qeXKQeJnUhICsWIti0eOGsqlT9jgdZo0M6Nl01PLHzMAgvoZGfGrTsDPIuHhYCOeNcA 1cppvsjoH7qWTMEa9iqJriweToMaNqCL/A0MPsozRipOFrVUhkQ/eZQKOL2CBqgGcfoo VGqRdtNwtXA7CM7t6e9TVpc3+plST8AYfkfYwyBO8HjXw54a+5RqyswITnT9W7kkbxog WJkw== X-Gm-Message-State: AOJu0Yw7tip0bdYjIG3iuVz6JCY7khl1b0XNAeavgzez5h2E0QxHECfZ 9W0HtDzcaBHzwq5y5Bz2XnTILRTB+sllGNVzGBfhYhTG/Ok= X-Google-Smtp-Source: AGHT+IGc7h87vkGBVox2JWs4ISpZt/Hph22hoNpA81yw6ldKQVCVt5U0oK6/+vTXy2oQ8I3MCCRDo9YsZR1Vy3JuOEw= X-Received: by 2002:a17:90a:4f:b0:280:c9a1:861e with SMTP id 15-20020a17090a004f00b00280c9a1861emr20718258pjb.13.1700166595829; Thu, 16 Nov 2023 12:29:55 -0800 (PST) MIME-Version: 1.0 From: Dave Taht Date: Thu, 16 Nov 2023 15:29:43 -0500 Message-ID: To: =?UTF-8?Q?Network_Neutrality_is_back=21_Let=C2=B4s_make_the_technical_asp?= =?UTF-8?Q?ects_heard_this_time=21?= , Make-Wifi-fast Cc: Avery Pennarun Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Subject: [Make-wifi-fast] Attackers breach plume X-BeenThere: make-wifi-fast@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Nov 2023 20:29:57 -0000 Plume is one of the biggest sellers of "managed wifi devices". Now breached= . https://cybernews.com/news/plume-data-breach/ I have not ever used their stuff (why should I hand *any* details of *my* network to a third party? I trust my builds of openwrt only), but the last I had heard (5 years ago) was Plume had managed to get fq_codel running on two out of three devices they had, but not deployed, so I assumed they were managing little that I cared about, while sharing stuff I did not want them to have. On the other hand, if attackers twere white hat in any way - or an independent researcher were to look over all the files... especially the wifi stats - hoo boy! what a great global view into wifi behaviors that no-one else has in the world today. I wonder what that would be worth on the black market... "hey buddy, you wanna know what fire tv sticks are really doing on networks?" [1] Cross posting this to nnagain in part because of the twisted thought in a title ii world: What is the ISP supposed to do about compromised devices they can see? In this case the plume OUI MAC address is visible to the edge router. What of transient compromise - once breached, other backdoors installed elsewhere? [1] (one thing few knew about chromecast and other wireless stick devices in 1996 is a huge percentage of them were wedged into a few inches from the tv to the AP, overdriving the wifi antennas, messing up the network for everyone) - google's published research here: https://apenwarr.ca/diary/wifi-data-apenwarr-201602.pdf Having never heard a plume rep call anyone and tell them to use a wire for their tv instead... makes me dispute the value of plumes "managed wifi" and not having seen a drop of public research out of them and their insane stock price... ummmm... Also the tv sticks, many ap routers, all tablets (well the kindle is lame), are more than powerful enough to be actively sniffing the air of not just the local network, but ones nearby. --=20 :( My old R&D campus is up for sale: https://tinyurl.com/yurtlab Dave T=C3=A4ht CSO, LibreQos