<div>Oops, my error, I think I'm already using PPPoE. But don't you lose the firewall of NAT (re unsolicited traffic) in pass-through mode? ...and a MITM in the modem could still play funny games if your traffic isn't encrypted from your computer.</div><div><br></div><div>Am I wrong in thinking a VPN (set up on the PC, not in the router) would offer far greater security through an (any) untrusted router? I mean, isn't that what is recommended for people logging into their corporate network remotely (say from a hotel, etc)...?</div><div><br></div><div>As far as I know, the RPi incorporated the GPU driver with the OS in the one big blob that goes on the SD card. As such, you can verify the integrity of everything volatile / rewriteable before using it, with a simple MD5 checksum across the whole SD device. ...but I may be mistaken :)</div><div><br></div><div>Btw, they should make modem routers (and USB controllers, motherboards, hard drives, etc) with non-volatile firmware, or firmware inserted via microSD card, so it can be replaced and verified, according to known checksums. Am I the only one who would pay for this? Anyway, I digress.</div><div><br></div><div>Cheers, Dirk</div><div><br></div><div><br></div><div><br></div><div><br>On Tuesday, 20 October 2015, Brad Campbell <<a href="mailto:brad@fnarfbargle.com">brad@fnarfbargle.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 20/10/15 11:47, Dirk wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I might have to look into using a modem in pass-through mode, and<br>
hopefully my ISP can enable the PPPoE at their end.<br>
</blockquote>
<br>
Is your router currently configured for pppoe or pppoa?<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Does your Billion modem have any firmware that can be updated or<br>
compromised (i.e. wouldn't solve my issue), or is it all hardware?<br>
</blockquote>
<br>
All modems/routers have firmware that can be updated and compromised. By using the modem in passthrough mode it'd have to be modifying the ppp encapsulated packets on the fly. Not impossible, but a bit more complex than just re-routing IP packets using the kernels filtering infrastructure. There hasn't been a 'hardware only' modem in 30 years.<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Btw, I'm considering using a Raspberry Pi (not sure how secure Raspbian<br>
is though), to get around the possibility of BIOS malware in my PC, as I<br>
can verify the integrity of the Pi's 'firmware' by rewriting the OS onto<br>
a small SD card each time I need to access important online accounts.<br>
</blockquote>
<br>
How can you verify the integrity of the PI? I thought it had some binary blob drivers for the GPU. That's no more secure than the BIOS in your PC.<br>
<br>
<br>
_______________________________________________<br>
PLUG discussion list: <a>plug@plug.org.au</a><br>
<a href="http://lists.plug.org.au/mailman/listinfo/plug" target="_blank">http://lists.plug.org.au/mailman/listinfo/plug</a><br>
Committee e-mail: <a>committee@plug.org.au</a><br>
PLUG Membership: <a href="http://www.plug.org.au/membership" target="_blank">http://www.plug.org.au/membership</a><br>
</blockquote></div>