Bastards.
There's a more in-depth analysis of windows being a rootkit, and the new MS privacy policy explicitly stating that they harvest everything.
And the proposed FCC wifi rule is a horror--outlawing changing firmware ona wifi-enabled device--even a Raspberry Pi!
I've been stocking up on small routers that can run OpenWRT, just in case.
Cheers
Phil Hobbs
Something to hide, citizen? If you've done nothing wrong, you have nothing to fear.
Terrorist...
-- John Devereux
nts
MS privacy policy explicitly stating that they harvest everything.
na wifi-enabled device--even a Raspberry Pi!
.I'm not sure it is quite as crazy as you make it sound.
if you can change the firmware that controls the radio there is not much point in the radio being certified in the first place.
afaict it only covers radios that use 5GHz because that potentially interfe res with weather radar and some emergency service
I don't think a raspberrypi would be affected, the wifi on usb not the main SOC
-Lasse
On Sun, 06 Sep 2015 14:10:40 +0100, John Devereux Gave us:
This idiot drank the kool aid.
1984 in your face, dumbass.
The current proposal (8 Sept. deadline to comment) targets devices using the 5 GHz band.
The 5 GHz band is part of the "Unlicensed National Information Infrastructure (U-NII)" regulatory domain - not the same as the ISM bands which include other uses - microwave ovens, ion thrusters, plasma cleaners... Maybe this is the nose into the tent.
-- Grizzly H.
There's a more in-depth analysis of windows being a rootkit, and the new MS privacy policy explicitly stating that they harvest everything.
That would be my interpretation - the rules are to cover the Wifi firmware in the Wifi chip/module, rather than the system to which it is connected. Updating a router with OpenWRT or playing with a Raspberry Pi is akin to installing an OS on your PC - while the FCC want to stop you putting new firmware on the Wifi card or USB dongle.
As far as I understood it, the certification rules for radio transmitters around the world (not just the FCC) already have restrictions on the firmware on the Wifi transmitter itself.
Of course, this could be a case of some half-wit at the FCC not understanding the situation properly, and attempting to limit user control of routers.
SOHO routers are trivially hackable, and rarely patched. There's at least one big botnet consisting of hacked routers.
Making devices which require physical user intervention to change firmware would be a very fine idea--let's start with BIOS, USB keys, and hard disks.
Somebody should make a SATA dongle that does that. Shouldn't be that hard.
Cheers
Phil Hobbs
-- Dr Philip C D Hobbs Principal Consultant ElectroOptical Innovations LLC Optics, Electro-optics, Photonics, Analog Electronics 160 North State Road #203 Briarcliff Manor NY 10510 hobbs at electrooptical dot net http://electrooptical.net
I often receive information covered by federal court protective orders, and have a lot of NDAs that require me to protect other people's information, just for a start.
Cheers
Phil Hobbs
-- Dr Philip C D Hobbs Principal Consultant ElectroOptical Innovations LLC Optics, Electro-optics, Photonics, Analog Electronics 160 North State Road #203 Briarcliff Manor NY 10510 hobbs at electrooptical dot net http://electrooptical.net
That's true (at least for many types of SOHO router - quality and security varies). But that is none of the FCC's concern - they are (or should be) concerned about transmission of radio noise, not botnets and malware.
That would not be a bad idea, IMHO.
They will have good faith belief as soon as someone signs a check.
om:
tent >(such as the content of your emails, other private communications or files in >private folders), when we have good faith belief that doing so is necessary."
or a 3 letter agency tells them to
-Lasse
On Sun, 06 Sep 2015 17:41:59 +0200, David Brown Gave us:
Way more than you are after or could comprehend the depth of function of, but...
How does the software industry escape product liability?
I smell a touch of satire here.
If not, then please post your email password.
No? Why not?
-- RoRo
At least *someone* got it! :)
I thought "citizen" would have been enough of a giveaway for anyone, but no...
-- John Devereux
If in doubt, go into your router setup and disable administration on the WAN port (so only local ports, under your physical control, can replace firmware). Replace firmware with a fresh copy from the manufacturer (if you can trust that source). Check to be sure that it's still blocked from WAN port administration before you reconnect to the internet.
Amen. Hard disks with multiple megabytes of RAM cache obviously could do some serious darkside computing, if they could be suborned. What would you do, if a disk were to count power-ups and on the seventeenth such, encrypt its contents?
On Sun, 06 Sep 2015 11:19:49 -0700, John Larkin Gave us:
Shit. Not only that... How do they escape product REliability?
This is why open source and Linux and FOSS are good things and places where universities and scientists "congregate".
On Sun, 06 Sep 2015 19:27:29 +0100, John Devereux Gave us:
We do not need to worry about such things up here on planet Tralfamador.
Some asshole *will* push the button.
And we so richly deserve it. Humans are pathetic.
uld
It's worse than that. It makes a persistent threat that can't be removed ev en by wiping the disc and reinstalling the OS, very much like a BIOS hack.
Disc firmware can be reflashed using ordinary ATA commands, hence the need for a dongle to intercept those.
Cheers
Phil Hobbs
That is a good start, but we should not assume the HDD manufacturers are acting in our interest, after all, the spy agnecies must be about the best customers a HDD manufacturer could possibly want, and perhaps HDD makers might be persuaded to jump through some hoops to get those contracts.
If we assume that the HDD FW may have been designed to spy on you, then there could be special sequences of data that are sent in regular write commands (e.g. cacheing data from a webpage) (or even sequences of reads) to give the hidden command to search the HDD and exfiltrate data in other read commands, and/or substitute special versions of the executables that you tried to store on the drive.
Iff you could trust the CPU and chipset and mobo bios, then a decent work-around might be to develop an open design for a slow, small (few dozen MB) very trustworthy boot drive (ideally that can be hardware write protected) which loads a software disk encryption driver which is then used to encrypt all data to/from the main, untrustworthy large HDD. If the encryption is good then there is little that the main HDD can do even if it is malicious, because any data that it inspects is encrypted, and any data that it tries to exfiltrate or substitute for an executable will not work because the decryption scrambles their payload.
Of course if the applications get subverted then they see the unencrypted data whatever we do for the HDD, but at least there is more chance of someone eventually noticing and fixing that, unlike activities of the HDD firmware.
Chris
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.