On 10/28/13 11:56 -0800, John Gilmore wrote:
> Many DSL modems contain a small switch, which if it's the only switch in a small home or office network, would make all packets among local nodes accessible to malware running in that DSL modem.
> And most DSL modems are provided by your giant telco DSL provider -- such as AT&T -- which we already know has a long history of covertly sucking up to NSA. Besides their longstanding cooperation on domestic and foreign fiber taps, they also produced the first-and-only Clipper Chip subverted "telephone security device" for making voice calls that "nobody but NSA" could listen to. How hard would it be, really, for them to subvert all their DSL modems to wiretap your LAN?
Many DSL modems that I've evaluated are Linux based, and are subject to GPL requests. I've gotten my hands on a build tarball from a couple of different vendors which include a cross compiler, GPL source (for the portion of the code which is not proprietary), compiled Linux kernel (which contains proprietary drivers), and one or more proprietary binaries which, from what I can tell, are primarily used to maintain the local configuration. The result is a firmware which voids your warranty when uploaded, but works. Vendors often use the same firmware base, which is typically provided by the chipset vendor (e.g. Broadcom). There were several modems I could break root shell on with a shell escape sequence from the telnet/ssh menu. None of this may be available if you're using an xBell branded modem (or whoever your telco is). However, if you know a few details about your xDSL connection (vpi/vci etc.), you could likely purchase your own modem, using your own generated firmware. Granted, there are still proprietary software components involved.
> And how would you know if they had done so? It's so convenient that all AT&T DSL modems have a high bandwidth upstream connection to AT&T's central office switches. And even better that consumers have no idea what packets are going up and down over that DSL signalling, because they have no equipment for monitoring raw 2-wire DSL lines (the way they could fairly easily detect inappropriate packets traveling on an Ethernet, with a little free software and a little replugging of Ethernet equipment).
Generally xDSL connections do not use a high amount of upstream bandwidth, unless you've got ADSL2+ Annex M or VDSL2 going on. Your modem, if you have access, will report the up and down sync rate, which is consistent with the rate reported by the DSLAM in my experience. To attempt to transmit data outside of the DSL layer, using frequencies outside of the sync rate is difficult, would involve cooperation from a lot of different vendors, and would be a poor use of resources. Compromise of your data would more likely be handled in software, at layer 3. Placing your modem in bridged mode, with an open source router behind is a very good idea (as you mentioned).

-- Dan White
BTC Broadband

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
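With the modem in bridged mode behind your own router, the router's modem-facing port is exactly the place where the "inappropriate packets" John mentions can be watched for. The following is an added example, not code from either poster: it audits constructed frame summaries from that port and flags anything that references the LAN prefix or is not the router's own PPPoE traffic. It assumes a PPPoE WAN, a LAN of 192.168.1.0/24, the router WAN MAC shown below, and a modem whose management address (if any) lies outside the LAN prefix.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed frame summaries, as a sniffer on the router's modem-facing port
# would report them; not a real capture.
@dataclass
class Frame:
    src_mac: str
    dst_mac: str
    ethertype: int                  # 0x0800 IPv4, 0x0806 ARP, 0x8863/0x8864 PPPoE
    src_ip: Optional[str] = None    # for ARP: sender / target protocol address
    dst_ip: Optional[str] = None

LAN = ipaddress.ip_network("192.168.1.0/24")    # assumed LAN behind the router
ROUTER_WAN_MAC = "00:11:22:33:44:55"            # assumed router WAN-side MAC
PPPOE_ETHERTYPES = {0x8863, 0x8864}             # PPPoE discovery / session

def refers_to_lan(ip: Optional[str]) -> bool:
    return ip is not None and ipaddress.ip_address(ip) in LAN

def suspicious(frame: Frame) -> Optional[str]:
    """Reason the frame should not be on the modem port, or None if expected."""
    if frame.ethertype in PPPOE_ETHERTYPES:
        # Only the router's WAN side should be a party to PPPoE on this port.
        if ROUTER_WAN_MAC not in (frame.src_mac, frame.dst_mac):
            return "PPPoE frame not involving the router WAN MAC"
        return None
    if frame.ethertype in (0x0806, 0x0800):
        # The router NATs the LAN, so LAN addresses must never reach the modem.
        if refers_to_lan(frame.src_ip) or refers_to_lan(frame.dst_ip):
            return "LAN address referenced on modem port"
        return None
    return "unexpected ethertype 0x%04x" % frame.ethertype

def audit(frames: List[Frame]) -> List[Tuple[int, str]]:
    """Indexes and reasons for every frame that deserves a closer look."""
    return [(i, r) for i, r in ((i, suspicious(f)) for i, f in enumerate(frames)) if r]

MODEM_MAC = "aa:bb:cc:dd:ee:ff"     # constructed modem MAC
SAMPLE = [
    Frame(ROUTER_WAN_MAC, "00:aa:bb:00:00:01", 0x8864),                        # router's PPPoE session: fine
    Frame(MODEM_MAC, "ff:ff:ff:ff:ff:ff", 0x0806, "192.168.0.1", "192.168.1.10"),  # modem ARPing a LAN host
    Frame(MODEM_MAC, ROUTER_WAN_MAC, 0x0800, "10.0.0.5", "192.168.1.20"),        # IPv4 aimed at a LAN host
    Frame(MODEM_MAC, "33:33:00:00:00:01", 0x86DD),                               # IPv6 where only PPPoE belongs
]

if __name__ == "__main__":
    for idx, reason in audit(SAMPLE):
        print(f"frame {idx}: {reason}")
```

Feed it real summaries from tcpdump on the modem-facing interface and anything it reports is traffic the modem, not your router, put on the wire.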