[Freedombox-discuss] freedombox & blackhats

Thomas Lord lord at emf.net
Mon Feb 28 18:47:48 UTC 2011 

I didn't mean to distract with a big long 
discussion of freedombox & blackhat.   Not
worth it.   Distracting.

My main point for the FreedomBox project remains:

1) Don't act so surprised if we experience
overt or covert resistance.

2) A vigorous market for countermeasures to our network
hardening and stealth communications features 
won't be surprising either.

What I really DON'T want to do here - aside from
distract from the mission - is have us all 
brainstorming attacks and countermeasures.   That
can get not just distracting but downright counter
to mission, quickly.  Thanks.


One last reply, from me, for fun, breaking my 
own brainstorming rule just this once:



On Mon, 2011-02-28 at 10:31 -0800, Matt Joyce wrote:
> Most large networks I've been to that care about security would notice
> a machine hardwired into their network that wasn't pre-approved based
> off the mac address of the ethernet interface alone.  They'd be able
> to locate it just by the wirepath.

You don't a mac address to sniff ethernet.  You do need
unusual hardware.   My point is that, having done that -- 
FreedomBox style robust / stealth comms software helps
your mission.  

Also it's not only network.  As the article mentions:
"Attach a camera or other sensor payload and use as
an over-the-internet video bug."  A (very slightly)
sophisticated MAC-less ethernet tap would be an 
example of a "sensor payload".

> Wireless is a different issue, but most internal wireless is
> configured to only allow vpn traffic to their own gateway... so again
> blocked.

As the article puts it:

"Most locations have multiple 3rd party networks overlapping
their physical space, which, if cracked, could be used as
back channels for the plug computer to phone home."

Of course, in spaces that don't have such 3rd party networks,
an ambitious party could create some at just barely enough
power and just barely the right locations to work while
hopefully being unnoticed by anyone sitting across the 
hall hunting for them.  

Again, the mesh features we're talking about are an example
of what really helps with that. 

I should emphasize that the emerging threat is not unique
to plugs or solely related to plugs.   There's a whole 
trend in building "smart buildings" and "environmental 
sensors" with lots of very low power, mesh-forming, very 
dumb devices.   It will be easy to hide stealthy IP 
connectivity and such in all that noise.

More information about the Freedombox-discuss mailing list