Sun, 24 Nov 2013
Listening In

I've never been happy with relying on a cheap ADSL router/modem for firewall security on my home network, but this is what I've been doing for a long time now. How secure is its firmware, does it get updates? Control and configuration is often poor.

Basically, a little "white" box running [1] who knows what.

[1] Usually some version of Linux, often old and perhaps with "patches". Security updates either non-existent or hard to find.

So I bought a cheap but much superior solution from LinITX: an Alix based device running the pfsense firewall.

This runs FreeBSD wrapped up in a very nice web-based GUI to manage a pretty sophisticated firewall/router. A little red box running a known quantity.

What this means in the first instance is I've had to familiarise myself with firewall rules and logs again, something I've not done for a long time (when I used to run one or two Linux firewalls). I've set the box up to be a perimeter device and also plugged in my WIFI as its optional interface. Staring at logs and trying to tweak rules to minimise logs, in some cases scratching my head over odd packets, or hard to hide logs ...

As a slightly paranoid system administrator, the easy availability of firewall logs and rules can keep me up a bit later than usual now.

Intersecting this interest was a report I saw about a test Channel 4 TV are doing just now called Data Baby. They are monitoring the information mobile phones are sending out, which turns out to be a lot, even when they're doing "nothing".

As the phone sat, apparently silent, contacts were in fact being made with 76 different servers around the world, in countries from the US to Europe to China and Singapore.

Mr Miller said: "the interesting thing is, and (it) might be surprising to a lot of people is, that (the) phone is always active. It always has an internet connection, and so the applications, if they choose to, can continue communicating after you've put it down."

My Nexus7 Android tablet sits in my kitchen and I sometimes use it for streaming radio (Tune In), Skype or browsing. It's idle for most of the time, but there is constant traffic to Google's servers, and even the BBC. I haven't captured the traffic to look at it in detail, no doubt it's all quite innocent and normal. But now we all carry these little networked multimedia computers in our pockets, do we need to have some assurance on what information it sends out? What is your phone doing? What permissions do you give an application when you install it?

Not only the phone. Recent reports detail how LG televisions might be logging information about files you are using and sending data back to the manufacturer. Spying basically. Not the sort of thing people would expect of a TV, but all of a piece when consumer electronics converge to be multimedia networked devices. Time to get the wire sniffer out ...