home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.misc      General topics about computers not cover      21,759 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 20,048 of 21,759   
   Sylvia Else to All   
   Re: Security? What "Security"?   
   14 Oct 24 11:24:16   
   
   XPost: comp.os.linux.advocacy, misc.news.internet.discuss   
   From: sylvia@email.invalid   
      
   On 11-Oct-24 10:17 pm, Sn!pe wrote:   
   > My pet rock Gordon asserts that every networked device has a backdoor.   
   > Therefore, anything viewable in clear on that device is insecure and the   
   > quality of message encryption is moot.   
   >   
      
   An initial question is what exactly is meant by "backdoor". Any   
   networked device that is capable of remote update by the vendor can   
   presumably be updated by the vendor to do anything that any device on   
   your network can do. But this does not imply that anyone else can do   
   that. Of course it does mean that you security depends on the security   
   of the vendor, which is an unknown quantity. This is partly why the few   
   remotely updatable devices that I do own are fire-walled off from the   
   rest of my internal network.   
      
   Few networked devices accept incoming connections, for the simple reason   
   that they're unlikely to get past a gateway router. Most work by making   
   outgoing connections to the vendor's server. The better implementations   
   require an authenticated server certificate, which makes impersonation   
   of the vendor pretty much impossible. Without a certificate the   
   intending intruder may engage in something like a DNS cache poisoning   
   attack, but they have become more difficult over the years.   
      
   If one is to worry about back-doors, the main vulnerability is the   
   router itself, and this has indeed been a problem in the past,   
   especially where the ISP has the ability to update firmware or change   
   settings, because now one is dependent on the security of the ISP, which   
   is not always been up to the task.   
      
   Commercially supplied routers have a bad record of vulnerabilities. I   
   use a small single board computer as a gateway instead.   
      
   Sylvia.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca