I wonder what the prevalence of these IoT devices is doing to internet security. Your router firewall might prevent incoming connections, but these stupid devices are always dialing out to god knows where. Can that be used to compromise security?
I recently installed deep packet inspection in my firewall and it’s quite illuminating to see all of what’s going on. Why are devices in my home connecting to India?
I made a separate wifi network for the smart trash; they can't see each other and aren't allowed any ingress or egress. I then add individual firewall rules on an as-needed basis.
This is the way. Mine’s called Io(shi)T.
Similar vibes to a single, older, creepy gentleman telling a group of young school children at the park not to talk to strangers.
links to this NSA press release dated April 7th https://www.nsa.gov/Press-Room/Press-Releases-Statements/Pre...
So NSA installed a backdoor to each router and now needs you to restart it to open the backdoor?
No, the old one wasn't well tested and it hung the router. They will send a new one OTA on the next reboot.
TP-link routers. Entirely unsurprising.
"Replace outdated routers" yeah good luck with that, they're all banned.
What happens if an American orders a router from Aliexpress? In the past the US generally ignored low volume end user imports..
> "Replace outdated routers" yeah good luck with that, they're all banned.
Where on earth are routers banned?
New models of foreign-made routers (i.e. all of them) were recently banned by the US FCC: https://www.nytimes.com/wirecutter/reviews/foreign-made-wi-f...
America. They're turning the country into a post-technological theocracy.
In this day and age, we still lack formally-proven, FOSS/FOSHW, minimal consumer edge routers and WiFi APs.
OpenWRT One? Not sure about APs though.
Personally I just gave up trying to maintain OpenWRT/whatever on the embedded ARM dumpster fire, and went back to using a generic Linux distro (NixOS) on amd64 machines for both router and APs (with appropriate minipcie wifi cards).
This is by design. Those who control the past (network traffic), control the future (network traffic).
Reminder, HN, you all live in the real world. Chinese state-sponsored cyber threat actors use ORB networks that are primarily made via strung-together off-the-shelf routers. The literal companies that build and maintain these ORB networks also resell this capability to Russian military intelligence and cyber threat actors.
Was unfamiliar with orb networks. This [1] is a damn clever attack vector.
[1] https://cloud.google.com/blog/topics/threat-intelligence/chi...
They just made up a fancy term for the age old proxy... Basically lifting the longstanding criticism of their "attribution" into their realm of bespoke nouns as if it's something exceptional.
(I also found it extra annoying as my current working expansion of ORB is O-Ring Boss)
I am interested in hearing more about the US state-sponsored cyber threat actors.
Fast16, Stuxnet, APT-C-40