[173479] in North American Network Operators' Group


Re: EFF gets into the CPE router software business..

daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Fri Jul 25 13:23:17 2014

X-Original-To: nanog@nanog.org
To: George Herbert <george.herbert@gmail.com>
In-Reply-To: Your message of "Thu, 24 Jul 2014 22:06:38 -0700."
 <656B966B-803B-41DB-B0EA-B8C590C4692C@gmail.com>
From: Valdis.Kletnieks@vt.edu
Date: Fri, 25 Jul 2014 13:22:03 -0400
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org


On Thu, 24 Jul 2014 22:06:38 -0700, George Herbert said:

> Any idea how well CeroWRT stands up to nation-state level intrusion efforts?

If they are as determined as FBI v Scarfo (the FBI pulled a black bag job
to install a keystroke logger in a mobster's PC to capture his PGP passphrase),
it's pretty much "game over".  Isn't much the average router-class hardware
can do to protect itself at that point.

The second big challenge is that to the best of my knowledge, there exists
no router-class hardware that includes a TPM chip, which means that you're
not going to be able to implement a trusted boot environment.  This means that
we're stuck with trusting at least part of the boot process (though we can
probably trust the first stage boot loader on a 3800, as that appears to be
in an actual ROM, and we'll have to trust the bootstrap code on the flash,
but if we use a signed kernel, everything after that can have some trust
attached.)

There are a number of attack surfaces left on CeroWRT, starting with the usual
"find a 0-day and point it" - good targets there are the Linux network stack,
the IPtables code, dropbear (which is nice, but almost certainly not audited
as heavily as OpenSSH), and Luci.  And yes, reflecting an attack off a browser
behind the router is *very* much in scope - *most* of the pwned router attacks
we see come from javascript or other executables pointed at the usually
well-known router address from a PC behind the router.

All the way to pulling a MITM on downloads from Dave Taht's repositories.  The
combination of DNSSEC, trusted crypto signatures on the download package, and
OpenWireless's plans to use Tor to do the software download should make it a
*lot* harder to attack via that route.

And the rabbit hole goes *much* deeper - see Ken Thompson's "On Trusting Trust",
which itself got the idea from Karger and Schell's analysis of Multics security.

http://cm.bell-labs.com/who/ken/trust.html

Actually, Karger and Schell is a good read if you haven't done so - that *was*
a nation-state funded intrusion effort. :)

http://www.acsac.org/2002/papers/classic-multics-orig.pdf

They were nice enough to go back 30 years later and tell us what we had
learned in the meantime.  tl;dr: Not much.

https://www.acsac.org/2002/papers/classic-multics.pdf

Hope that 15-minute analysis helps....


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Exmh version 2.5 07/13/2001

iQIVAwUBU9KSOwdmEQWDXROgAQJVmBAApnwB+hJrJim/YltHsKWZLhFp562qvA1y
ouSqrMJCwRVgP1s9xlWeqzFWXU+1Pq2e7J0oIJRUBV5jZRQrytb+DZIH7yMKJ8y3
OfV1c0rOACgqxqZx1EQFSQ3UTDmK/PauwA9MkUoxW/iQvT3ZoRQMGlAA8nssxs+h
LIaZgfIsvuDdskAVxC5BhknmEN2lXsm/5gAmWPLcacB9o3kie24qVIi36SJxPVtl
PoazWHYpY1cPr9zqGQt4ls8c4mEWH0qJmiFn35Kiy0QQJ/5/EjmTxckYcMFB+Nla
ejned61KuXqQL2J5ykUuGQu+zDaMcbPsGhZZFcbHUse+0y0gvKxS7VAYKFAq0ARw
VG3FdXB/0pjXZSwjItGrcnJhV3EUXKS8lFT27OOKF2EwK92NC3/FT/+Jf2cmSaeM
Sfxz3NxL9cnWFOCcWH/6m3H+UrMQ2LgM1SmYv6Oz+KxZla7s/vN7fUAwMNKFuNo7
GatKYQzWx2WNlJf/MwMPA1aXHFfYM3Lf1bBsH6fW2Kwfu3O17eEfkrF/XMxE6e57
d+dqVgnXdPPtH6J8fe89ZGKa9oCRpsvX/tBurhrmTW9N4kk2wHN7FbcII7B7I3oA
nmLk3JrH6RozOX9P1H1b6bTlkmL+l+bH37EV2mNqK5P0Y55PPf6Bh2agc6LxmLXC
gDZW/itF9qs=
=WUAa
-----END PGP SIGNATURE-----
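Added example (not part of Valdis's message, nor CeroWRT/OpenWrt code): a toy model of the chain of trust he sketches above. The first stage is assumed trustworthy because it lives in mask ROM and carries the vendor's public key; every later stage (flash bootstrap, signed kernel) must verify against that key before it is handed control, and each image is also folded into a PCR-style measurement register so the final value identifies exactly which images ran. The stage names, image bytes and the Ed25519 vendor key are all constructed here for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Stage models one boot stage: its name, the image bytes, and the detached
// signature the previous stage checks before handing over control.
type Stage struct {
	Name  string
	Image []byte
	Sig   []byte
}

// SignStage produces a stage whose image is signed with the (hypothetical)
// vendor signing key.
func SignStage(priv ed25519.PrivateKey, name string, image []byte) Stage {
	return Stage{Name: name, Image: image, Sig: ed25519.Sign(priv, image)}
}

// VerifyChain emulates verified boot. The ROM stage is trusted axiomatically
// (nothing can check it, matching the "actual ROM" assumption in the mail) and
// holds pub. Every later stage must verify before it "executes"; a failure
// halts the boot right there. Each image that runs is extended into a
// measurement register the way a TPM PCR would be, so two boots that ran
// different images end with different measurements.
func VerifyChain(pub ed25519.PublicKey, rom []byte, stages []Stage) ([32]byte, error) {
	var pcr [32]byte
	extend := func(img []byte) {
		h := sha256.Sum256(img)
		pcr = sha256.Sum256(append(pcr[:], h[:]...)) // PCR' = H(PCR || H(image))
	}
	extend(rom)
	for _, s := range stages {
		if !ed25519.Verify(pub, s.Image, s.Sig) {
			return pcr, fmt.Errorf("stage %q: signature check failed, halting boot", s.Name)
		}
		extend(s.Image)
	}
	return pcr, nil
}

func main() {
	// Constructed vendor key and images; GenerateKey(nil) uses crypto/rand.
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	rom := []byte("constructed mask-ROM first-stage loader")
	stages := []Stage{
		SignStage(priv, "flash-bootstrap", []byte("constructed u-boot image")),
		SignStage(priv, "kernel", []byte("constructed signed kernel image")),
	}
	if m, err := VerifyChain(pub, rom, stages); err == nil {
		fmt.Printf("clean boot, measurement %x\n", m[:8])
	}
	// Flip one byte of the kernel but keep the old signature: boot must halt.
	evil := append([]byte(nil), stages[1].Image...)
	evil[0] ^= 0x01
	tampered := []Stage{stages[0], {Name: "kernel", Image: evil, Sig: stages[1].Sig}}
	if _, err := VerifyChain(pub, rom, tampered); err != nil {
		fmt.Println("tampered image rejected:", err)
	}
}
```

The thing the model makes visible is the mail's point about where trust has to start: if the ROM stage (or the key it carries) is not what you think it is, nothing downstream can detect that, and a TPM is what would let a remote verifier compare the measurement register against known-good values instead of trusting the device's own word.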

