[Mesh] Fwd: Re: NSA and OpenWRT

[Charles N Wyble]

Would someone mind setting reply to list instead of sender?


-------- Original Message --------
From: Charles N Wyble <charles at thefnf.org>
Sent: Fri Dec 06 08:29:40 CST 2013
To: Mitar <mitar at tnode.com>
Subject: Re: [Mesh] NSA and OpenWRT

Calea doesn't need to mod the end modem to do interception. If you are transiting the modem, you are going through the CO, where they can tap. 

Tr069 is a really nice standard for mass configuration at scale. Open source bits exist, I've not been able to play with them yet. 

So the linked technologies aren't really in support of the articles main point. 

Now in the case of all in one residential gateways, internal traffic is very susceptible to intercept. 

My home network is setup like this

Cable modem -> pfsense edge router -> core switch (cisco 3550) -> core ap (wndr3800 running openwrt). 

I've also tapped the outside of the pfsense (modem Ethernet side) and seen very large amounts of neighborhood WAN traffic. So I don't even need to be the government or telco to spy. Just think, they only need to comp some modems per neighborhood to see everything. 

I run all my DNS lookups over a VPN connection to a non logging resolver in an on net facility. I've considered running all my traffic out the Colo and via tor, but I'm not that paranoid yet. He he. 

Interesting article for sure. Remember that openwrt can be comped as well and WiFi can be trivially tapped. 


Mitar <mitar at tnode.com> wrote:
>Hi!
>
>Maybe of interest to some:
>
>https://forum.openwrt.org/viewtopic.php?id=47703
>
>
>Mitar

-- 
Charles Wyble charles at thefnf.org 
818 280 7059
CTO / co founder thefnf.org and guifi.us 
-- 
Charles Wyble charles at thefnf.org 
818 280 7059
CTO / co founder thefnf.org and guifi.us