> On Wed, Sep 4, 2013 at 7:33 PM, Robert Guerra <[email protected]> wrote: >> >> Curious on people's comments on types of routers, firewalls and other >> appliances that might be affected as > well as mitigation strategies. Would >> installing a pfsense and/or other open source firewall be helpful in >> anyway at a home net location?
So this might get me flamed out of libtech, but.... There's this commercial solution done by a couple of folks out of Columbia. They owned up some Cisco VOIP phones and then thought "How could we make it really hard to own embedded devices like this and routers?" and basically they wrote their own agent that they mutate (so every install is different) and then timeslice its execution in a RTOS by instrumenting a vendor firmware image. I've seen it work in demo devices, and they say they have it working pretty well on a lot of stuff. It looks super snake oily, and I can't claim to have any experience with it beyond their 30 minute talk and demo, but I was convinced it was worth investigating much more. Also, being academic backgrounded, they have research papers explaining a lot of it. http://www.redballoonsecurity.com/technology.html -tom -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
