[plug] Safely using an untrusted router

Dirk justanothergreenguy at gmail.com
Wed Oct 21 04:43:19 UTC 2015

No, I don't trust my modem router (and nobody should IMHO) given how easily
they're getting hacked, and how infrequent the firmware is updated (if at
all).  Router security has been found time and time again to be
poorly implemented (eg. in some cases you can't disable UPnP (despite
ticking the checkbox), can't disable WAN-side admin (despite ticking the
checkbox), WPS is broken, port 32764 funny games, services running inside
the router that shouldn't be, etc etc).  Anyway, best not to trust a
consumer router.  It's an easy target for hackers these days.  Better to
treat it like a public wifi hotspot.

I trust my ISP a lot more than my modem router.  I rely on a reduced set
of valid TLS certs (including OCSP verification) to ensure I'm connecting
to the right destinations.  I trust my ISP pays far more attention to
maintaining its network security, than router manufacturers do in
maintaining their products after purchase.  I think that's a reasonable
position to take.

I agree with you that security can be broken anywhere along the line
(stolen private TLS certs, malverts served up, etc), but we're all in the
same boat.  We're all relying on TLS certs, strong encryption,
strong server-side user authentication, etc).

Agreed, RPi firmware may already contain a backdoor.  Just an option I was
going to look into down the track, for defeating persistent threats
like BIOS malware.

At the end of the day, I should at least be able to fetch uncorrupted
package lists and security updates for my Linux OS.

I still suspect my router, and was hoping a VPN to a trusted ISP would be
an easy solution, to defeat any funny games inside my home router.

What do you all do to ensure you're getting a trustworthy connection to
your ISP?

Do you all trust your home routers?

On Wednesday, 21 October 2015, Brad Campbell <brad at fnarfbargle.com> wrote:

> On 20/10/15 13:17, Dirk wrote:
>> Oops, my error, I think I'm already using PPPoE.  But don't you lose the
>> firewall of NAT (re unsolicited traffic) in pass-through mode? ...and a
>> MITM in the modem could still play funny games if your traffic isn't
>> encrypted from your computer.
> In my case NAT is performed on the server that handles the PPPoE
> connection. You appear not to trust your modem, but seem to have implicit
> trust in your ISP and everything between the ISP and what you are
> connecting to.
> Am I wrong in thinking a VPN (set up on the PC, not in the
>> router) would offer far greater security through an (any) untrusted
>> router?  I mean, isn't that what is recommended for people logging into
>> their corporate network remotely (say from a hotel, etc)...?
> As I said above, if the only piece of untrusted gear is your home router,
> then yes the VPN will help. Your faith in everything else being completely
> trustworthy is misplaced however.
> As far as I know, the RPi incorporated the GPU driver with the OS in the
>> one big blob that goes on the SD card.  As such, you can verify the
>> integrity of everything volatile / rewriteable before using it, with a
>> simple MD5 checksum across the whole SD device. ...but I may be mistaken
>> :)
> So what if the blob already contains a backdoor? No point verifying the
> MD5 of a compromised blob.
> If you are really concerned, talk to some real IT security professionals
> and do a proper Threat, Vulnerability & Risk Assessment (TVRA). Manage the
> real risks rather than the perceived risks.
> I get the idea you seem to think your highest level risk is a firmware
> compromise. Lets start from basics. What are you actually trying to protect
> against? (ie what threat are you mitigating by cutting the router out of
> the loop?)
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://lists.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.org.au
> PLUG Membership: http://www.plug.org.au/membership
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20151021/0e045b42/attachment.html>

More information about the plug mailing list