On Fri, Apr 09, 2004 at 05:56:18PM -0400, sunder wrote:
> I've not seen, nor played with any of these, *BUT*, heed this warning
> which applies to all devices (and software?) that are 1) closed source and
> 2) offer some useful service which you'd be tempted to place inside your
> network, 3) are allowed to communicate with the outside world.

I cited those routers as instances of consumer-type cheap VoIP with encryption, which thwarts government-mandated tapping by ISPs. Exploiting built-in backdoors or remotely exploitable vulnerabilities is a different threat model.

I definitely hope routers with DynDNS/VPN/VoIP and POTS jacks will become more widespread, and use opportunistic encryption as default.

I personally am not going to buy the router, as it is lacking functionality and flexibility of a Linux-based firewall. I'm waiting for a passively cooled ~GHz VIA C3 motherboard with two NICs and external fanless power supply to ditch my current proprietary, rather braindead firewall. I've already verified IDE-cf adapters do very nicely, and there are dedicated distros like http://www.nycwireless.net/pebble/ which don't wear down the flash with r/w on /tmp and similar.

Should I stick with Linux (there's /dev/random and VPN support in current kernels for the C3 Padlock engine, right?) with SELinux or try OpenBSD for a firewall type machine with hardware crypto support?

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net
