Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×
Networking Security

Backdoor Found In TP-Link Routers 197 197

New submitter NuclearCat writes "Polish security researchers have found a backdoor in TP-Link routers, allowing an attacker to not only gain root access to the local network, but also to knock down the router via a CSRF attack remotely. (Further informationGoogle translation of Russian original). According to the researchers, TP-Link hasn't yet responded to give an answer about issue. The good news: Users who replaced their TP-Link firmware with Open/DD-WRT firmware can sleep well."
This discussion has been archived. No new comments can be posted.

Backdoor Found In TP-Link Routers

Comments Filter:
  • by fuzzyfuzzyfungus (1223518) on Friday March 15, 2013 @08:55AM (#43181509) Journal

    Given the relatively dismal reputation of vendor firmware on most routers, and the distinctly limited opportunities for software-differentiation in the 'well, it sits there and makes the internet wireless, right?' networking market, I honestly have to wonder why most vendor firmware isn't just thinly-skinned Open or DD WRT out of the box...

  • by fuzzyfuzzyfungus (1223518) on Friday March 15, 2013 @09:54AM (#43181987) Journal

    Because said vendors are the one that have to provide post sales support. I suppose they could fork Open or DDWRT (if even possible, I haven't checked) and go their own way. It's basically the same argument for why you don't see Linux desktops on the show room floor at your local B&M store.

    That's actually the weird thing: If you wanted to extend the router analogy to PCs, you would see Linux desktops on the show floor at the local store; but they would all be running deeply dysfunctional bespoke distros, mostly out of date and broken in various ways, some built from scratch, some based off an elderly version of Redhat, along with the low end machines all running FreeDOS with a bundled program designed to resemble a KDE desktop. You would be justified in asking 'Why the hell didn't they just install debian?'

    I'm not imagining that retail routers would be running open-wrt-SVN-Bleeding-edge-UNSTABLE, or ship without some drool-proof web interface that the support guys have a manual for. I just don't understand why(in the presence of free, solid, easily available 3rd party firmware) vendors keep spending on developing in-house or licenced firmware that has all kinds of nasty personality issues, time after time.

At these prices, I lose money -- but I make it up in volume. -- Peter G. Alaquon