[plug] Safely using an untrusted router

Brad Campbell brad at fnarfbargle.com
Tue Oct 20 04:01:48 UTC 2015

On 20/10/15 11:47, Dirk wrote:

> I might have to look into using a modem in pass-through mode, and
> hopefully my ISP can enable the PPPoE at their end.

Is your router currently configured for pppoe or pppoa?

> Does your Billion modem have any firmware that can be updated or
> compromised (i.e. wouldn't solve my issue), or is it all hardware?

All modems/routers have firmware that can be updated and compromised. By 
using the modem in passthrough mode it'd have to be modifying the ppp 
encapsulated packets on the fly. Not impossible, but a bit more complex 
than just re-routing IP packets using the kernels filtering 
infrastructure. There hasn't been a 'hardware only' modem in 30 years.

> Btw, I'm considering using a Raspberry Pi (not sure how secure Raspbian
> is though), to get around the possibility of BIOS malware in my PC, as I
> can verify the integrity of the Pi's 'firmware' by rewriting the OS onto
> a small SD card each time I need to access important online accounts.

How can you verify the integrity of the PI? I thought it had some binary 
blob drivers for the GPU. That's no more secure than the BIOS in your PC.

More information about the plug mailing list