Signs of dark and shady politics around network security

By | April 22, 2014
What bothers me is not that someone found, or even rediscovered, a backdoor to a DSL router. What bothers me is that the backdoor, after being found, seems to be intentionally left open. Now, I don't want to call conspiracy theory unnecessarily, but I'd guess there's quite a bit of network politics behind the decision to intentionally leave the backdoor open.

As to the consequences of owning a product with this backdoor? Well, to make it very simple, put it this way: an attacker could take over your wireless internet, do anything they want with it (even locking you out of your own internet connection), all without your password. On a few conditions: the attacker is smart enough to run a shell script, and either has access to your ISP or is in the vincity of your WLAN network. Sure, that may be better than leaving the backdoor wide open, but… is it really necessary to leave the backdoor open just a peep?

/via +Kristian Köhntopp 

Easter egg: DSL router patch merely hides backdoor instead of closing it
Researcher finds secret “knock” opens admin for some Linksys, Netgear routers.

3 thoughts on “Signs of dark and shady politics around network security

  1. T. Pascal

    Hiding the backdoor (while I don't support it) means that automated systems will spend more time finding it. That usually translates to lower exposure.

    Reply
  2. Dirk Reul

    This shows that a lot of the systems used by us every day, are flawed. In order to allow providers to update settings, perform maintenance etc, many devices are open and vulnerable. Telecommunication providers can easily change all kinds of settings in your SIM card, now if you consider that you can set up your own cell with commercially available hardware and phones always pick the strongest cell… intercepting phone communication is way too easy for any interested party. 

    I highly recommend watching a few of the videos from the latest CCC congress: http://media.ccc.de/browse/congress/2013/  or the last camp http://media.ccc.de/browse/conferences/sigint13/ some of these were truly eye opening and scary. 

    Reply

Leave a Reply

Your email address will not be published.