back to article NSA-busting secure, open, router seeks cash and code from crowd

Australian embedded systems designer Redfish is hoping to attract funding from the crowd to market a secure routing platform that open-sources both the hardware and software to protect users from unwanted snooping. Speaking to The Register ahead of the launch, Redfish managing director Justin Clacherty said the project is …

COMMENTS

This topic is closed for new posts.

Modular

Was pondering purchasing some kit from http://routerboard.com/; pity there doesn't seem to be many/any ADSL options for the miniPCI slots.

If they make this thing modular; say PCI-104 or some-such then I'd probably buy

It would be nice to be able to pick & choose say base + adsl + wifi or base + extra switch ports

1
1
Bronze badge

screw the tor side

With those specs, it could be a rather good successor to the ageing WRT54G router, at least provided it had wireless n or ac.

0
0
Silver badge

Re: screw the tor side

Yeah, an embedded SIM option would be nice too

0
0
Silver badge

Custom linux distribution - no thanks

Do it with openwrt and I am happy to throw some pennies in that can you are rattling.

Another custom linux distribution? Forget it.

In any case, by today's standards 1GBps is not something to shout about. There is plenty of hardware from that can do this using "stock" openwrt checkout from trunk. Most of them are mips based though. Having a ppc for variety would be nice.

2
2
Gold badge
Meh

Not sure how "open sorce" the hardware is.

Anything that ships out of the US above the VHDL level must be viewed as suspect.

And where's the "encryption engine" coming from?

If you're going to be serious about privacy lets do it right.

Why pay more for the illusion of security when you can buy cheap and know you have none (and plan accordingly) ?

Given what Snowden has shown about NSA willingness to compromise US hardware and software companies this is not paranoid, it's merely realistic.

8
0
Anonymous Coward

Re: Not sure how "open sorce" the hardware is.

"Anything that ships out of the US above the VHDL level must be viewed as suspect."

I'm not clear on exactly what you are getting at here.

First, this is an Australian project. If you are referring to the sourcing of components themselves; it is possible they are designed in the U.S., yes, but most physical components ship from countries like China. Even for non-U.S. chip designers; who's to say the hardware hasn't been compromised at the manufacturing level? It's no secret that China is deeply into espionage, and that the government there has very close ties with corporations. And how can you say that any other country's government is not doing the same thing as the NSA, but just hasn't been outed? Perhaps other countries are simply better at keeping quiet than the US.

As for using open-source cores at the VHDL/Verilog level; if the secret to cracking encryption might involve something like making random numbers a little less random, who's to say that someone messing with the VHDL code might not introduce a subtle "bug"? Or that your FPGA manufacturer isn't going to inject something? I doubt there is a huge population of non-government VHDL experts (who are also encryption experts) with the time to pour over the code for open-source cores. Even if there were, a "bug" could still be subtle enough to elude even the most observant.

And when do we know for sure that a self-professed "good guy" is really on your side? Where do you think the most intelligent folks in the world are working?

In reality, complete computer security is *always* going to be an illusion, regardless of how "safe" you think you are. Security is all about probability. In the world economy, you've got to trust someone, somewhere. If not, you may as well go back to using smoke signals.

1
0
Anonymous Coward

err

Purpose please?

Encrypting traffic internally then broadcasting the traffic back onto the Internet TCP/IP {clear text protocol} ?

Seriously if are going to do things right lets revisit the entire Internet protocol

Long before the Internet first started there was two choices ipx/spx & tcp/ip - the latter was selected due to it being clear text.

0
1
Bronze badge

Re: err

You might want to go read the OSI model again: http://en.wikipedia.org/wiki/OSI_model

TCP is the transport layer, ie it's responsible for moving data between computers. That data can be encrypted, depending on what it is. The rest of the TCP packet can't really be encrypted, because it's necessary for getting the data to where it's supposed to go, for example the address has to be readable. Otherwise it would be the equivalent of enciphering the address of a letter, it would make it impossible for the postman to deliver. However, you could still encrypt the *content* of your letter to keep it safe from prying eyes.

TCPIP was invented for Arpanet, the forerunner of the internet. IPX was developed by Novell in the 80s and is more designed for LANs as it doesn't scale well to internet sizes. It is also in plain text.

1
0
Anonymous Coward

But how long until TOR is made illegal?

Judging by the <front page?> article in the Times yesterday, the media is now more aware of TOR than ever and I can see a campaign (probably by the mail) to get it made illegal as 'people can use it for bad reasons'.

Personally, on the assumption TOR can remain in use, I would like somebody to develop either a physical or virtual TOR adapter, so TOR can be used more widely at the OS level (rather than relying on a TOR proxy or torify for example). Perhaps this already exists - dunno.

Having this functionality at the netwrok perimiter is still a good idea though, as it would cover all devices on the LAN.

1
0
Bronze badge

Re: But how long until TOR is made illegal?

A more interesting question is how long until someone running a Tor router is prosecuted for distributing $BANNED for something passing through their hardware?

0
0
Anonymous Coward

Why the hardware?

Just write some efficient code (anyone know how to do that these days?) for an existing hardware design.

0
0
Bronze badge

Make the NSA illegal

As an American, I would like to appologize to the world for my governement. And by my government, I mean the puppet that they are for the Rotschild world bank that runs them.

1
2
Bronze badge

Re: Make the NSA illegal

But the who's going to protect the US president and stop people counterfeiting dollars? (OK, so they may have strayed somewhat from their original remit).

0
2
Bronze badge

If it was also wireless, couldn't it be auto-meshing with its neighbours?

I think it would be missing a trick without that. A true auto-meshing darknet that was incapable of being turned off would surely be the biggest guarantee of privacy?

0
0
Anonymous Coward

Agreed

An auto-meshing Darknet would be great, especially if it had encryption from the start.

But why stop there? How about an auto-meshing TOR-esque system? An auto-meshing networks (defined 'internal' and 'external' networks with the 'external' links meshing) that can talk to other units of the same type over a further-encrypted Internet link and where each node is a 'node' in a TOR-style arrangement. TOR has only 4,000ish actual exit points, this could really help improve on that.

As an additional feature, a torrent-like structure could be used to request different parts of the same file from multiple endpoints. In a Cloud-y world with data replicated and shared globally this would then pull the data from multiple datacentres- potentially speeding up your downloads but also helping obfuscate what data is being requested and by who so the metadata searches become that much more complex.

0
0
Anonymous Coward

"And where's the "encryption engine" coming from?"

Too right! If it's supplied by a third-party there's a possibility the RNG is nobbled.

I agree that the "TOR = TCP for peedos" (nicked from here) premise will gather momentum

0
0
This topic is closed for new posts.

Forums