[Noisebridge-discuss] Security implications of plug computers
cantino at gmail.com
Mon Feb 28 21:45:05 UTC 2011
Good reply, thanks Dr. Jesus. There's also
On Mon, Feb 28, 2011 at 11:46 AM, Dr. Jesus <j at hug.gs> wrote:
> On Mon, Feb 28, 2011 at 9:41 AM, Andrew Cantino <cantino at gmail.com> wrote:
>> I just wrote an article about how plug computers are a big potential
>> security problem. What do you think? Have any of you played with a
>> SheevaPlug yet?
> At least you can get datasheets and source code for the firmware. Can
> you say the same for your phone's radio processor or SIM?
> A few points: the wireless parts being used in the plug computers are
> all hard MAC, so they don't do sniffing or injection out of the box.
> You can also load the OLPC thinfirm package on them to get raw
> injection/capture but it's just not stable. You're right that it's
> possible to add some USB wireless interfaces, but then it becomes much
> less inconspicuous.
> Sure, they're cheap platforms with lots of fast I/O options, but
> attackers continue to have access to options which involve $0 of
> hardware. I'm a lot more worried about those problems than I'm
> worried about someone being able to physically install hardware in a
> controlled area.
More information about the Noisebridge-discuss