You are viewing a single thread.
View all comments View context
1 point
*

as close as possible [to fully open source to the metal]

Last I checked the only fully open stuff is one manufacturer’s IBM power 9 workstation and several Chromebooks

Is it better in embedded stuff? Last openWRT device I ran needed a closed binary for network

permalink
report
parent
reply
1 point

There’s still some various binaries. E.g. the expressif sdk generated code. However, it’s far harder to sneak something nasty into it.

Codespace is at an extreme premium on microcontrollers. Kb, and even bytes matter. A big, complex bit of malware would take significant space, likely enough to be noticed quickly.

As for smaller, simpler malware, this is a possibility. However, due to their nature, microcontrollers get a lot more scrutiny of their outputs. Random data dumps to an unexpected external address would be caught VERY quickly.

This is compounded by the fact that it’s not uncommon, at least in larger installs, to segregate IoT devices from the main network. It stops them cluttering it up, and slowing it down. This makes it easy to firewall off the network from the Internet. They can talk to each other, and the central coordinator, but only the coordinator can see the internet, unless explicitly allowed.

If my network were compromised via my smarthome setup, my first suspects would be the debian PC running home assistant, or my ubiquiti router. I’ve at least reduced my target area to business grade networking kit and a single Linux server. I’m not an impossible target, but far from a soft one.

permalink
report
parent
reply

People Twitter

!whitepeopletwitter@sh.itjust.works

Create post

People tweeting stuff. We allow tweets from anyone.

RULES:

  1. Mark NSFW content.
  2. No doxxing people.
  3. Must be a tweet or similar
  4. No bullying or international politcs
  5. Be excellent to each other.

Community stats

  • 9.9K

    Monthly active users

  • 732

    Posts

  • 17K

    Comments