[OpenWrt-Devel] [PATCH] base-files utils/busybox: Make requiring login in console default for easily accessed devices

Michael Richardson mcr at sandelman.ca
Sat Dec 26 00:00:03 EST 2015


Sami Olmari <sami at olmari.fi> wrote:
    >> at the moment the user *is* used to a key mismatch, because
    >> every box comes up with 192.168.1.1 and another key.

    > No need to generate another weak point just because there can be another
    > similar one...

And, there is work at the IETF and the IEEE that could make this much less of
a problem, and IPv6 link-local addresses are not all 192.168.1.1.

    > More general, should a bad guy have physical access to an device, be it
    > embedded router or full server, the game is mostly lost at that point
    > already... He can allways take out the hard disk and boot own linux and read
    > the contents etc...

True, but given wifi, the attacker doesn't have to have physical access to
the device.  Given that people want to put devices in all sort of places
where physical access may be easy...

    > So, to recap, bad guy + physical access = game over, no matter what you try
    > to do...

probably.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list