Author: Adam Borowski
Date:  
To: dng
Subject: Re: [DNG] Purism Librem and disabling Intel ME: it can be done [ Re: TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server ]
On Thu, Sep 07, 2017 at 11:51:46PM +1000, Erik Christiansen wrote:
> On 07.09.17 13:32, Adam Borowski wrote:
> > On Thu, Sep 07, 2017 at 09:17:20PM +1000, Erik Christiansen wrote:
> > > If our hosts cannot be trusted not to phone home to folk wearing dark
> > > glasses, then would it not suffice to employ a simple embedded host with
> > > a small die, such as an ARM, e.g. Beaglebone Black, as a firewall?
> >
> > It's not hard to trigger a backdoor using a higher level protocol, from
> > Javascript, etc.
>
> But no-one who is awake would enable java or any of that stuff on a firewall.
> Back doors on the LAN can't phone home through a minimal-silicon RISC
> embedded firewall which is just too small to contain any secondary CPU.
> It just needs to run a minimal kernel with packet routing capability.
> Everything else is a door into vacuum.


You don't make a separate TCP connection, you put it into a stream the user
already has. And no firewall can distinguish a https connection from
another, other than the destination (the black glasses guys won't use a
.nsa.gov server) or perhaps some flow patterns if you tunnel certain
long-lived protocols inside the https connection -- which isn't possible
if they use anything that resembles a typical browsing session.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀ 
⣾⠁⢰⠒⠀⣿⡁ Vat kind uf sufficiently advanced technology iz dis!?
⢿⡄⠘⠷⠚⠋⠀                                 -- Genghis Ht'rok'din
⠈⠳⣄⠀⠀⠀⠀
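The flow-pattern point above (a long-lived protocol tunnelled inside an HTTPS connection can sometimes be told from ordinary browsing by its timing), illustrated as an added example that is not part of the thread: a small heuristic run over constructed per-flow packet-gap records. The flow records, the field layout and both thresholds are assumptions, not anything from the list discussion.

```python
"""Flow-timing heuristic for long-lived channels hidden inside HTTPS.

Added example, not from the mailing-list thread. The flow records below are
constructed, and the thresholds are assumed starting points for tuning.
"""
from statistics import mean, pstdev

# Constructed sample flows: flow_id -> (duration_s, inter_packet_gaps_s).
# Gaps are the spacing between client-originated packets inside one TLS
# connection, as a NetFlow-style exporter might summarise them.
SAMPLE_FLOWS = {
    "browse-1": (12.0, [0.05, 0.30, 0.02, 1.10, 0.08, 2.40, 0.01]),
    "browse-2": (45.0, [0.10, 3.0, 0.02, 0.07, 9.0, 0.5, 20.0]),
    "beacon-1": (3600.0, [60.0, 60.1, 59.9, 60.0, 60.2, 59.8, 60.0]),
    "tunnel-1": (5400.0, [0.9, 1.1, 1.0, 1.0, 0.95, 1.05, 1.0, 1.0]),
}


def gap_regularity(gaps):
    """Coefficient of variation of the inter-packet gaps.

    Near 0 means evenly spaced (timer-driven) packets; large means bursty,
    human-driven traffic. Returns None when there is too little data."""
    if len(gaps) < 2:
        return None
    m = mean(gaps)
    return pstdev(gaps) / m if m > 0 else None


def classify_flow(duration_s, gaps, min_duration_s=600.0, max_cv=0.25):
    """Return 'suspect' for a long-lived flow with clock-like timing,
    otherwise 'browsing'. Both thresholds are assumptions."""
    cv = gap_regularity(gaps)
    if duration_s >= min_duration_s and cv is not None and cv <= max_cv:
        return "suspect"
    return "browsing"


def flag_flows(flows):
    """Classify every flow in a {flow_id: (duration, gaps)} mapping."""
    return {fid: classify_flow(d, g) for fid, (d, g) in flows.items()}


if __name__ == "__main__":
    for fid, verdict in flag_flows(SAMPLE_FLOWS).items():
        print(f"{fid}: {verdict}")
```

As the post notes, a channel that paces itself like a typical browsing session shows no such regularity and passes this check, which is why destination and timing are only weak signals for a firewall that cannot see inside the TLS stream.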