[Freedombox-discuss] freedombox & blackhats

Matt Willsher matt at monki.org.uk
Mon Feb 28 18:31:46 UTC 2011


On 28 February 2011 18:06, Thomas Lord <lord at emf.net> wrote:

> 1. The network hardening and stealth communications
> ambitions of FreedomBox might *also* be a boon to
> blackhat applications.   That might give some people
> and organizations incentive to interfere with or
> corrupt those aspects of FreedomBox development.

Know your network. Goal 5 of the stated goals of FB is the protection
of the users' network and other infrastructure. Mitigation through use
of such things as network scans, WAP detection and analysis, checks on
the border (although the FB presently not to be a router) may help
with this and alert the user to problems.
There is no reason to trust a home LAN and much more than the raw
Internet - sure there are perimeter guards but they are not infalible
(see XSS attacks against routers with default usernames and passwords
for a cheap example)
If further gives good reason for cfengine or similar to make sure
configs don't drift (my person little drum I bang on from time to time
:) ).

> 2. If it is born out that such features are an important
> new security threat, presumably there will be investment
> in R&D to create and sell counter-measures to FreedomBox-style
> mesh networking, tunneling, etc.

 IDS (snort, tripwire) are useful tools even on leaf nodes. The system
itself will be well know to itself, making change detection pretty
simple for the less subtle of attacks.

> To be clear: I don't see anything that "needs to be done"
> in response to these speculated problems other than,
> perhaps, to keep them in the back of our minds.

I believe if we can do something we should. FB should be self
protecting, self healing and largely self managing.

I have been meaning to write up some thoughts on goal 5 on the wiki
and I'll do so just as soon as my evenings free up a bit.



More information about the Freedombox-discuss mailing list