From Newsgroup: sci.electronics.design
On 04/15/2026 08:12 AM, Don Y wrote:
On 4/15/2026 6:23 AM, joegwinn@comcast.net wrote:
.<https://www.cnet.com/home/internet/fbi-wi-fi-router-hacked-list-5-steps-to-keep-your-router-safe/>
TP-Link is the center of attention.
"Avoiding wires" comes at a cost.
<https://www.securityweek.com/new-airsnitch-attack-shows-wi-fi-client-isolation-could-be-a-false-sense-of-security/>
How often do you update/replace EVERY COTS device in your network
to ensure one doesn't end up a beachhead?
This is made more difficult when something like the Intel "AMT" or
other sorts of "digital management" technologies have built-in to
steal and secret packets from the NIC and to make silent installs
of hypervisors over virts the usual sort of account of boot medium.
It's like every PC should have instructions to connect to the device
and make sure the AMT password is something you set then as with
regards to all the disk or block devices and all the RAM to basically
exercise right of first refusal on the hardware.
Then "Power over Ethernet" and similarly about Wi-Fi, which is also
an Ethernet standard, and about things like Netboot and PXE, where
Netboot will happily point to any synthetic networking TFTP boot media
is finds, that being bad enough aboat breaking in to computers,
the usual idea that all the PC's are virted with "Zen" or "Xen" or
whatever it is, here is that "virted" is a bit more devious than "rooted".
Then those TP-Link routers were pretty simple, just running BusyBox
and an old way-slimmed down runtime of Linux over bare metal,
probably they don't play with the hackers who are un-entitled
snowflakes of the laugh-at-others-ignorance-while-stealing-from-them
variety.
These days the PC's and other sorts of devices, to make for more
of an "appliance" model of things, need to get their "digital
management" controlled, then for example an operating system that
more or less is resistant to meddling, then to write and audit
their own network stack, as with regards to being "a good actor on
the network", which is the general principle of how Internetworking
works, without being "a deaf-mute dupe on the damned device".
Here there's a perceived requirement to write a nice O.S. for
commodity hardware and architectures anyways, since the modern
architecture is as of a model of a distributed system instead
of the monolithic controller, as then that what goes on in the
digital management (a stow-away chip running Minix on the bus
making some RAM un-usable, usually) and about the UEFI and it's
notions of boot-time protocols, they're stow-aways and free-loaders.
If even _I've_ heard of this then it's not a secret, then that
matters of monoculture over hygiene have that according to
Murphy the chicken-farmer they just irrationally hope that
a crow with crow-vid never sneezes.
Then, about VPN, there are lots of different approaches to
VPN, and the one that just tunnels to a gateway through TLS,
has that any sort of synthetic networking and system trust store
breach are just a usual account after synthetic networking,
often enough "auto-proxy config" yet just built in to the
ARP and RARP and RIP and such.
--- Synchronet 3.21f-Linux NewsLink 1.2