[OpenWrt-Devel] [PATCH] base-files utils/busybox: Make requiring login in console default for easily accessed devices

Michael Richardson mcr at sandelman.ca
Sat Dec 26 00:00:03 EST 2015

Sami Olmari <sami at olmari.fi> wrote:
    >> at the moment the user *is* used to a key mismatch, because
    >> every box comes up with and another key.

    > No need to generate another weak point just because there can be another
    > similar one...

And, there is work at the IETF and the IEEE that could make this much less of
a problem, and IPv6 link-local addresses are not all

    > More general, should a bad guy have physical access to an device, be it
    > embedded router or full server, the game is mostly lost at that point
    > already... He can allways take out the hard disk and boot own linux and read
    > the contents etc...

True, but given wifi, the attacker doesn't have to have physical access to
the device.  Given that people want to put devices in all sort of places
where physical access may be easy...

    > So, to recap, bad guy + physical access = game over, no matter what you try
    > to do...


]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list