| | Back door found in D-Link routers |  |
|
|
| Author | Message |
|---|
richard09
Posts : 4261
Join date : 2013-01-16
| | Subject: Back door found in D-Link routers Sun Oct 13, 2013 11:09 pm | |
| |
|
| | |
NoCoPilot
Posts : 20330
Join date : 2013-01-16
Age : 70
Location : Seattle
| | Subject: Re: Back door found in D-Link routers Mon Oct 14, 2013 4:11 am | |
| So the vulnerability is what? If somebody physically attaches to your router with an Ethernet cable, or is within the 100' radius of your wi-fi, they can steal your bandwidth? See the devices on your network? Do unauthorized printing? I'm not seeing the big panic here. - Quote :
- Worth noting, this only works if you're already on the network. So, basically to exploit this you have to be in one of the following situations:
1) Physical access to the ports on the route
2) Un-authed wireless network
3) Have an existing wireless password
This is another way of saying it's not remotely exploitable via the internet at large, or that the potential for mass, automated damage is pretty low.
Considering most of this hardware is consumer grade, this really isn't a big deal. It's a good story and is obviously really shitty on the part of D-Link, but the real reason this is getting attention is how clumsy it is.
As for the catching terrorists/kiddie porn, this is almost definitely your standard corporate level incompetence, not government fiddling. The most interesting scenario is that D-Link's source repo has been compromised and this was inserted without their knowledge, but that's pretty unlikely.
posted by yeahwhatever at 12:54 PM on October 13 [1 favorite] Source
|
|
| | |
_Howard
Admin
Posts : 8734
Join date : 2013-01-16
Age : 79
Location : California
| | Subject: Re: Back door found in D-Link routers Tue Oct 15, 2013 4:55 pm | |
| - NoCoPilot wrote:
- I'm not seeing the big panic here.
Not so much a panic as the disturbing fact that a major producer of consumer networking hardware has left a potentially-damaging backdoor in the firmware. That should never happen. |
|
| | |
NoCoPilot
Posts : 20330
Join date : 2013-01-16
Age : 70
Location : Seattle
| | Subject: Re: Back door found in D-Link routers Tue Oct 15, 2013 5:46 pm | |
| - _Howard wrote:
- That should never happen.
Bill Gates might disagree. |
|
| | |
_Howard
Admin
Posts : 8734
Join date : 2013-01-16
Age : 79
Location : California
| | Subject: Re: Back door found in D-Link routers Tue Oct 15, 2013 5:50 pm | |
| - NoCoPilot wrote:
- Bill Gates might disagree.
Like I care. Bill Gates can kiss my wrinkled white ass. |
|
| | |
NoCoPilot
Posts : 20330
Join date : 2013-01-16
Age : 70
Location : Seattle
| | Subject: Re: Back door found in D-Link routers Tue Oct 15, 2013 5:53 pm | |
| Don't hold your breath. Undocumented back doors are a staple of most software programs, especially Microsoft's. |
|
| | |
_Howard
Admin
Posts : 8734
Join date : 2013-01-16
Age : 79
Location : California
| | Subject: Re: Back door found in D-Link routers Tue Oct 15, 2013 6:05 pm | |
| I spent a lot of years designing and producing commercial software. Last job was with the world's third-largest software company. No back doors. Not once. Never.
Today, the large companies are being forced into providing back doors for the govt. If they did it before that, and it got into a release verwsion, it was an internal fuckup. It's standard practice to have this type of access for testing purposes, but all such access is removed before release. Ensuring that these holes have been removed is a standard part of the QA process. If it's not done, it's because the software company is shit. |
|
| | |
NoCoPilot
Posts : 20330
Join date : 2013-01-16
Age : 70
Location : Seattle
| | Subject: Re: Back door found in D-Link routers Tue Oct 15, 2013 6:34 pm | |
| - _Howard wrote:
- If it's not done, it's because the software company is shit.
Like I said, it's SOP at Microsoft. |
|
| | |
Sponsored content
| | Subject: Re: Back door found in D-Link routers | |
| |
|
| | |
| | Back door found in D-Link routers | |
|
