LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-05-2006, 02:28 PM   #1
jsmith6
Member
 
Registered: Feb 2006
Distribution: Slackware 13.1 / 13.37
Posts: 91

Rep: Reputation: 16
would you trust a closed-source firmware on your DSL modem-router?


There is a question that is becomming more and more important since I begun with Linux: would you trust a DSL modem-router with a closed-source firmware?

Is a modem with close-source firmware something similar to closed-source software? Or a closed-source modem can be compensated with an open-source OS?

The modem with the open-source firmware is Linksys WAG354G or WAG54G/GS. The modem with the cloded-source firmware will probably be Zyxel Prestige 660HW/61.

The only reason that I am even considering Zyxel is because I am reading that it has much better performance.

Last edited by jsmith6; 06-05-2006 at 02:30 PM.
 
Old 06-05-2006, 02:33 PM   #2
b0uncer
LQ Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
Well..if so many people trust a Windows operating system, and pretty many of them don't even download too many security updates (because it takes time and gets you annoyed at the "Please reboot" -prompt), I'd say yes, I would trust a modem/router with closed-source software. Well if my neighbour told me he'd breached it just last night, maybe not, but hey - if you can't trust your router, can you trust your mom?
 
Old 06-07-2006, 11:58 AM   #3
jsmith6
Member
 
Registered: Feb 2006
Distribution: Slackware 13.1 / 13.37
Posts: 91

Original Poster
Rep: Reputation: 16
Quote:
Originally Posted by b0uncer
Well..if so many people trust a Windows operating system, and pretty many of them don't even download too many security updates (because it takes time and gets you annoyed at the "Please reboot" -prompt), I'd say yes, I would trust a modem/router with closed-source software.
Yes, a lot of people use Windows. So?

The point was not only security but sincerity.

Each time I search for something in my hard drive, the criteria and the results are sent back to Microsoft. It "phones home", how cute I am sure there are more examples like this, and it one of the reasons I am moving to Linux.

Quote:
Originally Posted by b0uncer
if you can't trust your router, can you trust your mom?
You lost me. What is the relation of the trust that I show to my router with the one that I show to my mother?
 
Old 06-07-2006, 12:17 PM   #4
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 57
would you trust a closed-source firmware in your BIOS?
 
Old 06-07-2006, 02:30 PM   #5
jsmith6
Member
 
Registered: Feb 2006
Distribution: Slackware 13.1 / 13.37
Posts: 91

Original Poster
Rep: Reputation: 16
Arrow

Quote:
Originally Posted by nx5000
would you trust a closed-source firmware in your BIOS?
No. But I don't have a choice there. Yet. Apart from that, does BIOS participate that actively in networking?

The possibility that this paranoia of mine may be outside the limits of practicality is been smoothed by the fact that an open-sourced firmware can lead to future improovements. So features and performance are not out of the game. This is what happened with WRT54G. The only point is "when?".

It's like those early days when proprietary OSs had better hardware response than Linux (only because it was too early for Linux, and hardware vendors haven't noticed Linux yet). The proprietary router has better performance but the other one is open-sourced.

A modem/router "phoning home" is an exaggeration? Ahh, maybe I will just use the "coin methode" to decide
 
Old 06-07-2006, 09:49 PM   #6
randyding
Member
 
Registered: May 2004
Posts: 552

Rep: Reputation: 31
My 1.5 cents, I don't think it matters if you can trust the firmware in the dsl/cable modem or not. Trust stops at eth0 of your linux firewall. The modem is part of the internet as far as security is concerned.
I mean what is there to care about, dropping packets, sending copies to covert government agencies, what? Who cares what it does.
Data that matters is encrypted as it goes through the modem/internet, and data that is not encrypted... well who cares?
 
Old 06-07-2006, 09:59 PM   #7
haertig
Senior Member
 
Registered: Nov 2004
Distribution: Mint, MX, antiX, SystemRescue
Posts: 2,337

Rep: Reputation: 358Reputation: 358Reputation: 358Reputation: 358
Yes and no.

Yes - because I own and use one.

No - because I still use iptables, tcpwrappers, stop unneeded services, etc.

Rings of security.
 
Old 06-12-2006, 09:32 AM   #8
jsmith6
Member
 
Registered: Feb 2006
Distribution: Slackware 13.1 / 13.37
Posts: 91

Original Poster
Rep: Reputation: 16
Quote:
Originally Posted by randyding
Trust stops at eth0 of your linux firewall. The modem is part of the internet as far as security is concerned.
Thank you for this prespective. It helped me decide.

Quote:
Originally Posted by haertig
Yes - because I own and use one.
This resembles a Windows zombie PC or just filled with spyware. The owner may have the priviledge to turn the PC on and off, sell or destroy it, but it literally belongs to someone else.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
DSL Modem/Router silkmaze Linux - Newbie 1 10-24-2005 07:09 PM
Embedded Firmware - DSL Modem Sul Linux - Newbie 2 08-06-2004 07:51 PM
DSL modem and router blhack Linux - Networking 1 01-12-2004 08:53 PM
router instead of dlink/dsl modem? krome Linux - Hardware 1 10-23-2003 07:29 PM
dsl modem and linux router diveguy Linux - Networking 3 03-28-2002 12:15 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration