[plug] Safely using an untrusted router

Brad Campbell brad at fnarfbargle.com
Wed Oct 21 03:18:50 UTC 2015

On 20/10/15 13:17, Dirk wrote:
> Oops, my error, I think I'm already using PPPoE.  But don't you lose the
> firewall of NAT (re unsolicited traffic) in pass-through mode? ...and a
> MITM in the modem could still play funny games if your traffic isn't
> encrypted from your computer.

In my case NAT is performed on the server that handles the PPPoE 
connection. You appear not to trust your modem, but seem to have 
implicit trust in your ISP and everything between the ISP and what you 
are connecting to.

> Am I wrong in thinking a VPN (set up on the PC, not in the
> router) would offer far greater security through an (any) untrusted
> router?  I mean, isn't that what is recommended for people logging into
> their corporate network remotely (say from a hotel, etc)...?

As I said above, if the only piece of untrusted gear is your home 
router, then yes the VPN will help. Your faith in everything else being 
completely trustworthy is misplaced however.

> As far as I know, the RPi incorporated the GPU driver with the OS in the
> one big blob that goes on the SD card.  As such, you can verify the
> integrity of everything volatile / rewriteable before using it, with a
> simple MD5 checksum across the whole SD device. ...but I may be mistaken  :)

So what if the blob already contains a backdoor? No point verifying the 
MD5 of a compromised blob.

If you are really concerned, talk to some real IT security professionals 
and do a proper Threat, Vulnerability & Risk Assessment (TVRA). Manage 
the real risks rather than the perceived risks.

I get the idea you seem to think your highest level risk is a firmware 
compromise. Lets start from basics. What are you actually trying to 
protect against? (ie what threat are you mitigating by cutting the 
router out of the loop?)

More information about the plug mailing list