Backdoor Found In TP-Link Routers 197
New submitter NuclearCat writes "Polish security researchers have found a backdoor in TP-Link routers, allowing an attacker to not only gain root access to the local network, but also to knock down the router via a CSRF attack remotely. (Further information — Google translation of Russian original). According to the researchers, TP-Link hasn't yet responded to give an answer about issue. The good news: Users who replaced their TP-Link firmware with Open/DD-WRT firmware can sleep well."
Et tu, China? (Score:3, Insightful)
With every government in the world wanting their own backdoors to everything these days, designing firmware for modern routers must be akin to being a carpenter tasked with building a house to satisfy 300 different feuding owners.
Re: (Score:2)
Re:Et tu, China? (Score:5, Insightful)
Re:Et tu, China? (Score:5, Funny)
Re: (Score:2)
Re:Et tu, China? (Score:4, Insightful)
Re: (Score:2)
The parent was making a point that people around here tend to moderate on ideology rather than reality.
People do everything on perception, not reality. How is that newsworthy?
And just FYI, racism is when you are basing your claims on heredity, as opposed to nationality.
When heredity and nationality correlate strong enough, there is no functional difference. And in some cases, racism is affected by your first point. People racist against "arabs" are racist against Persians and such because they are "close enough." So, they aren't racist against Persians, but ideology of the racist guy doesn't differentiate.
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Funny)
Re: (Score:2)
Country of origin is irrelevant. If you still feel it is, remember, StuxNet came from the US government.
Yes, it did, which rather proves that state-sponsored cyber attacks are very, very real. Given that, the notion that routers manufactured in the PRC might come with back doors as standard equipment (we're looking at you, Huawei) is hardly a stretch.
Re: (Score:1)
If you feel fully justified in calling him a fucking idiot as response to his post, am I justified in calling you out as a reactive foul-mouth apologist for criminal (or criminally negligent) corporate behaviour?
I do not see how stevegee58 meets your criteria for 'fucking idiot' on the basis of your comment. I can only surmise that you have somehow failed to notice the common patterns in China's behaviour.
I wouldn't be so quick to sling insults around if I were you.
Re: (Score:2)
He's a fucking idiot because he is trying to equate chinese manufactured products to be virus ladened. Forgetting that, as others have pointed out, various government and corporate bodies, and even private individuals, have sent out tools and products.
Go read On Trusting Trust again. If Ken Thompson just kept quiet, most of your "appliance" devices would have a builtin backdoor as login.c and the compiler propagated.
Is Huawei's stuff backdoored? Damned if I know. However, they are willing to provide sou
Re: (Score:1)
He's a fucking idiot because he is trying to equate chinese manufactured products to be virus ladened. Forgetting that, as others have pointed out, various government and corporate bodies, and even private individuals, have sent out tools and products.
There wasn't much in the way of replies when I posted, although I may well have missed them.
That aside, I didn't read the GP's comment that got him moderated flamebait, but I think it's a reasonable assumption at this point in time that Chinese-designed equipment is likely to be compromised and/or a knockoff. If it makes me a racist to say so then I guess I am whatever the crowd says I am.
Go read On Trusting Trust again. If Ken Thompson just kept quiet, most of your "appliance" devices would have a builtin backdoor as login.c and the compiler propagated.
Is Huawei's stuff backdoored? Damned if I know. However, they are willing to provide source code. *IF* the customer can compile the source code, using the customer's own compiler, and install it, and the thing uses bog standard components, then is it *ANY MORE DANGEROUS* than a box from Cisco or an "American" company? Go read up on how stuxnet got into target.
I don't disagree with any of your points. Who said anything about trusting stuff built 'at home'? I'm talking specifical
Re: (Score:2)
He's a fucking idiot because he is trying to equate chinese manufactured products to be virus ladened. Forgetting that, as others have pointed out, various government and corporate bodies, and even private individuals, have sent out tools and products.
There wasn't much in the way of replies when I posted, although I may well have missed them.
That aside, I didn't read the GP's comment that got him moderated flamebait, but I think it's a reasonable assumption at this point in time that Chinese-designed equipment is likely to be compromised and/or a knockoff. If it makes me a racist to say so then I guess I am whatever the crowd says I am.
I think they also know - the first time someone finds one of these is when everyone distrusts them so much that they would never gain it back. And unlike the USA, they don't have the goodwill behind them.
But then again, stupidity knows no bounds, so some low level idiot may feel that they have the power to coerce some companies to do that.
Go read On Trusting Trust again. If Ken Thompson just kept quiet, most of your "appliance" devices would have a builtin backdoor as login.c and the compiler propagated.
Is Huawei's stuff backdoored? Damned if I know. However, they are willing to provide source code. *IF* the customer can compile the source code, using the customer's own compiler, and install it, and the thing uses bog standard components, then is it *ANY MORE DANGEROUS* than a box from Cisco or an "American" company? Go read up on how stuxnet got into target.
I don't disagree with any of your points. Who said anything about trusting stuff built 'at home'? I'm talking specifically about distrusting Chinese gear but that is no dichotomy: I assume any new product is rubbish unless proven otherwise, regardless of where it is made.
When you only criticize one side, when the issue is much much larger than that one side, you make it appear that that is the only one worth criticizing.
If any new product
Re: (Score:1)
When you only criticize one side, when the issue is much much larger than that one side, you make it appear that that is the only one worth criticizing.
If any new product is rubbish, but you only make statements that "new chinese products are rubbish", you color yourself as one sided and cannot fault others for thinking you think that way.
Admittedly I didn't do a very good job of expressing myself so once again I can't fault your argument.
In all honesty I harbour fear and mistrust for China. I also harbour fear and mistrust for the United States, even though as a Kiwi our nation is considered an ally. I am however much more concerned about China because they seem to be determined to advance their cause regardless of the consequences, much much more so than the States. I'm left with the devil you know and all that.
That doesn't make me right
Re: (Score:1)
You accused me of abusing you as an AC, which I did not. You then began abusing me as an AC, in your usual style, whilst claiming not to be APK.
You accused me of sockpuppeting as an AC, which I did not. You then began sockpuppeting support for your posts, in your usual style, whilst claiming not to be APK.
You accused me of stalking unrelated comments and abusing you as an AC, which I did not. You then began abusing me as an AC - yes, in your style again - whilst claiming not to be APK.
What was that about hy
Re: (Score:2)
You and whoever the hell AC is, can both go have your own private little war somewhere else, kthanks.
Re: (Score:1)
You and whoever the hell AC is, can both go have your own private little war somewhere else, kthanks.
You're quite right and I apologise.
Re: (Score:1)
You call me a simpleton yet you cannot distinguish between a simple response thread and being stalked.
You then call me a hypocrite as you proceed to stalk my posts. Somehow the irony escapes you.
You are the most childish 50-year old man I've ever encountered.
Re: (Score:1)
Keep banging on, idiot. You've no more understanding of fact than you do of logic.
Re: (Score:1)
You have no understanding of statistics. Your argument is obvious and transparent false logic that any schoolkid could see through, yet you remain resolutely clueless as to why your list is laughable, irrelevant and pathetically childish.
You'll have to do better than that if you want to prove anything, apk.
Go on - post it again, please. Every time your idiot list comes up you merely confirm that you do not understand why it is irrelevant.
Re: (Score:1)
250++:1 against ya's better stats than you have
What is this? Is this even English?
Don't tell us you even begin to understand statistics since you lack a fundamentally crucial element they require in samplesets. Have you even taken them formally in an accredited collegiate academic environment? I doubt it since you don't realize that much. Keep on "eating your words" fool.
Perhaps then you can quote the section in the textbooks where it describes the correct use of cherry-picked data to back up an argument?
You clearly don't understand the most basic premise of the topic at hand or you wouldn't make such laughable claims.
Have you even taken them formally in an accredited collegiate academic environment?
Once again you demonstrate your fallacious logic. By your thinking you'd never know if your car had broken down unless you were a qualified mechanic. You'd never be able to tell if the kettle had boiled without being an exper
Re: (Score:1)
Math shows ya beaten by 250++:1 n' not a "cherry picked" set fool. Just 250 of your fellow /. forums members who liked apk's posts vs. your drivel here http://it.slashdot.org/comments.pl?sid=3406867&cid=42701491 [slashdot.org] You fail and had your big mouth slapped shut by your own peers on this forums.
So, you don't think your data is cherry-picked? My incompetent friend, your behaviour defines the term! What else do you think it refers to? Childishly denying the (blindingly obvious) truth is an apk hallmark it would seem.
There's really little point arguing with someone who is wilfully ignorant such as yourself. I guess it's not surprising that an arrogant, self-important fool like you is prepared to squirm and lie to any extent to 'save face'.
I know I've upset you because after accusing me of stalking yo
Re: (Score:2)
Right... just like Lotus Notes used to be 40 bits weaker when shipped overseas, much to the chagrin of the various European governments that used it prior to that little discovery.
And you obviously haven't been following the news about companies like HBGary and all these other defense contractors.
English news article (Score:5, Informative)
The H Security: Treacherous backdoor found in TP-Link routers [h-online.com]
I have to wonder why they bother... (Score:5, Interesting)
Given the relatively dismal reputation of vendor firmware on most routers, and the distinctly limited opportunities for software-differentiation in the 'well, it sits there and makes the internet wireless, right?' networking market, I honestly have to wonder why most vendor firmware isn't just thinly-skinned Open or DD WRT out of the box...
Re: (Score:2, Informative)
For a lot of routers the chipset manufacturers aren't as friendly towards open source as they could be (eg broadcom), which is largely the reason why many popular routers are unsupported or work-in-progress for openwrt/dd-wrt etc.
Re: (Score:1)
For a lot of routers the chipset manufacturers aren't as friendly towards open source as they could be (eg broadcom), which is largely the reason why many popular routers are unsupported or work-in-progress for openwrt/dd-wrt etc.
Open Source is not to friendly to Broadcom chipsets keeping their software interfaces secret to prevent clone vendors from leveraging the effort Broadcom put into writing the drivers for its chips by just making chips that could work with the Broadcom drivers.
Either you leave the Broadcom drivers out of Windows itself (disadvantaging Broadcom in the market place), or you include them, and if they use a documented interface, you disadvantage Broadcom in the marketplace, since they had to pay for the drivers
Re: (Score:2)
Bullshit.
Broadcom does not even need to pay to make drivers. Open source the documentation and let others make the drivers.
Broadcom is trying to avoid the fact that they make a commodity product. If they would acknowledge that they do, they could benefit from drivers that were compatible with multiple vendors chipsets.
Re: (Score:3)
"Broadcom does not even need to pay to make drivers. Open source the documentation and let others make the drivers."
Doesn't happen with complex devices AMD proved that. AMD has released the documentation for their GPUs and they OpenSource drivers lag the closed source and AMD has to pay programers to work on the OpenSource drivers same as Intel does for their GPUs. And the next statement will be that of course the closed source drivers are ahead of the FOSS drivers because they have had a head start and the
Re: (Score:2)
Wireless chips are not that complex.
AMD can't even make their own decent driver, not even the closed one, maybe the hardware just sucks.
Re: (Score:2)
Yeah, I am so anti-AMD that my current desktop is a 955 Black.
AMD video cards have both bad closed and open source drivers. If no one can make a good driver for the hardware, that hints at other problems.
Re: (Score:2)
Bullshit; the b43 drivers were reverse-engineered by the community and are better than Broadcom's own drivers. Granted, WiFi drivers are a little more complex than a serial port driver, but they're nowhere near as hard as GPU drivers.
CS students no longer take economics classes? (Score:5, Informative)
Bullshit.
Broadcom does not even need to pay to make drivers. Open source the documentation and let others make the drivers.
Broadcom is trying to avoid the fact that they make a commodity product. If they would acknowledge that they do, they could benefit from drivers that were compatible with multiple vendors chipsets.
CS students no longer take economics classes?
Their product is NOT commodity; their functionality IS commodity. This is an INTENTIONAL line in the sand they are drawing to keep the products legal in the US, since you are not permitted to license an SDR in the US except as the aggregate of both the hardware for the SDR and the firmware which gets loaded into the hardware, and the driver which drives the hardware. This is an FCC regulation intended to keep people from easily eavesdropping or interfering with Military, Police, Fire, and other emergency services bands. It also makes it more difficult to turn a cheap SDR into a scanner by running it in receive-promiscuous mode, which would let you hear cell phone and other end-pointed transmissions, as well as allowing you to fake the IMEI for the device in order to clone other people's phones.
They DO NOT WANT an open source driver that documents their hardware interfaces so someone can clone their chip registers, since documenting the operation and order of operations on their chip registers represents disclosure of Trade Secret information not protectable by patents.
They would prefer that this never happen, since it means that if they have a large chunk of the market, they can keep other people from entering the market by making them work to get parity with their closed source drivers shipping in a third party OS, like Windows. Buy Windows? Broadcom just works, buy someone else's chips? Good luck, since you will have to fight to get your drivers signed, and fight Microsoft with getting them to ship your drivers with their OS so that your competing chipset also "just works".
It's an intentional non-monopoly anticompetitive practice (and therefore this side of the legal line) which raises costs for your competitors to the same levels as your costs, since you already have sunk costs that you need to recover. Making it so some clone factory can take advantage of all your sunk costs, and no matter what you do, they will undercut your pricing in the market.
This is EXACTLY the same reason the old Adaptec SCSI controllers went to the HIM architecture, and EXACTLY why the Diamond Viper video cards required a matched driver for the PAL coding matching the BIOS with the card, which made them a bitch to use without thunking down to INT 10. Both companies were preventing their cards being cheaply cloned and being used with the drivers they wrote. John Hamm, who made the decision on the HIM layer at Adaptec was later the CEO of one of the startups I worked at.
Note that the video driver stuff is not the same; the 3D engine uses patented processes in software, so they can't Open Source those without granting the license to use their patents, royalty free, so long as the code is licensed under similar terms.
Hardware accelerated decode for H.264 and MPEG would require licensing the Sorenson patents on a per chip basis. By pushing the cost of licensing off to the OS vendor as part of the licensing of the OS, they make it someone else's problem, which brings down the unit cost on the GPUs, so long as they are not used for that purpose, and you end up with bulk licensing applying across multiple GPUs when it comes from the OS vendor, which spreads the pain around to your competitors. So even though the decode could be fully done in hardware, there's always a software loopback part that requires the license, since the hardware won't do it on its own without the loopback.
Re: (Score:2)
Good luck, since you will have to fight to get your drivers signed
Lolwut? Your "fight", then, is as follows: Forking over around $250 for a certificate, downloading a cross certificate and running signtool on the driver files.
Wakeup call: you sign the drivers yourself. Having the drivers pass WHQL testing is another matter and fairly optional.
All it'd take to get rid of this problem in the civilized world would be to make the PCI and USB VID/PID combination subject to trademark law. A knockoff product couldn't use the same PID/VID as the brand name, and brand name driver
Re: (Score:2)
Open Source is not to friendly to Broadcom chipsets keeping their software interfaces secret to prevent clone vendors from leveraging the effort Broadcom put into writing the drivers for its chips by just making chips that could work with the Broadcom drivers.
Any vendor, Broadcom or competitor, that wants free drivers can just publish specs and the community will build the drivers. There's no competetive disadvantage if everyone gets free drivers.
Re: (Score:2)
Apparently there is, or nVidia, Broadcom, and a whole host of others would be doing just that.
Re: (Score:2)
Only if you assume businesses make rational decisions. In reality, they are as driven by fear as the people that comprise them.
Re: (Score:2)
That's utter and complete crap. The fact is, most chips with similar function have a similar INTERFACE anyway. Knowing the details reveals little about the all-important internal implementation. A clone maker will happily shave the package off and find out every last detail of the chip using an electron microscope anyway.
That's not to say that management paranoia coupled with the delusion that their product is totally unique and revolutionary doesn't convince them of that utter and complete crap.
In some cas
Re: (Score:3)
Not as big if an issue as you would think for the manufactures. The drivers would just be loadable and not statically linked to the kernel. The reason for not using Open-DRT is that the UI is terrible Luci is not great but the standard out of box UI is just a command line. Oh yes I use a TP-Link TR-3220 as a media extender. It is really cool that they have it and I will probably get a few more TP-Link routers for other projects but Open-DRT is not friendly at all.
DD and Tomato do not work on as many devices
Re: (Score:2)
Not as big if an issue as you would think for the manufactures. The drivers would just be loadable and not statically linked to the kernel. The reason for not using Open-DRT is that the UI is terrible Luci is not great but the standard out of box UI is just a command line. Oh yes I use a TP-Link TR-3220 as a media extender. It is really cool that they have it and I will probably get a few more TP-Link routers for other projects but Open-DRT is not friendly at all.
DD and Tomato do not work on as many devices so I have not had a chance to play with them.
I have a TD8816 ADSL 2+ router running in modem mode (plain PPPoE stream that's terminated on a separate machine). I was initially impressed at the fairly extensive featureset, given that it was dirt cheap. Unfortunately, that's where my impressedness ended: when running in ADSL2+ mode it syncs to a nice high speed during the day... then at night the SNR on the line drops. Unfortunately, the modem doesn't ever bother to resync as the SNR gets worse - eventually *all* the packets are arriving as CRC error
Re: (Score:2)
The great majority of these routers are running Linux.
It seems to be a dirty little secret of the router world: they're all running Linux (GPLv2), many have ADSL chips and support PPPoE and PPPoA.
Yet the mainline kernel has practically zero support for ADSL chips - none of the drivers have been open-sourced. The documentation for the chips themselves is released to the router manufacturers under NDA, and quite often the manufacturers also get a reference driver (a Linux kernel module).
This means the router
Re:I have to wonder why they bother... (Score:5, Informative)
As far as I know, that's more or less what Asus does. I have an RT-N66U and it's an absolute dream box. It's based on one of the open source firmwares (I can't remember which one though, DD-WRT, OpenWRT or Tomato), Asus releases the source code to the firmware and you don't have to do anything fancy to install a custom variant of it, just upgrade your firmware manually like you would on any other router except pick the custom firmware file.
Re: (Score:2)
Re: (Score:2)
That's great, but the OP was asking about why most vendors don't do this. He wasn't talking about people in china.
Re: (Score:1)
Re: (Score:2)
From some googling, this seems to be an issue specific to the RT-N53, lots of people having issues even on the stock firmware. Some have had success, though - http://www.thedartboard.net/forum/showthread.php?t=957 [thedartboard.net]
I'm not really sure where the blame lies for this, though. Is it Asus? Their own firmware seems fine. Is it the 3rd party firmwares? They're the ones with the issue but then again is it due to what they have to work with?
I can't speak for the 53, but my own 66 has had no issues at all and there's m
Re: (Score:2)
Re: (Score:2)
ummm... You do realize that a lot of the routers already run Linux just with a different skin.
Re:I have to wonder why they bother... (Score:4, Interesting)
Because said vendors are the one that have to provide post sales support. I suppose they could fork Open or DDWRT (if even possible, I haven't checked) and go their own way. It's basically the same argument for why you don't see Linux desktops on the show room floor at your local B&M store.
That's actually the weird thing: If you wanted to extend the router analogy to PCs, you would see Linux desktops on the show floor at the local store; but they would all be running deeply dysfunctional bespoke distros, mostly out of date and broken in various ways, some built from scratch, some based off an elderly version of Redhat, along with the low end machines all running FreeDOS with a bundled program designed to resemble a KDE desktop. You would be justified in asking 'Why the hell didn't they just install debian?'
I'm not imagining that retail routers would be running open-wrt-SVN-Bleeding-edge-UNSTABLE, or ship without some drool-proof web interface that the support guys have a manual for. I just don't understand why(in the presence of free, solid, easily available 3rd party firmware) vendors keep spending on developing in-house or licenced firmware that has all kinds of nasty personality issues, time after time.
Re: (Score:2)
My guess? Cause most managers don't have a real firm grasp on software development, and the smart software developers convince their managers to keep development in-house (job security).
Re: (Score:2)
I honestly have to wonder why most vendor firmware isn't just thinly-skinned Open or DD WRT out of the box
They think:
1) we can save a nickel on RAM if we don't use linux
2) we sell tens of millions of devices
3) that's millions of dollars of savings
and if they contract out the firmware to the lowest bidder and don't actually provide any support, maybe they're right. What I find surprising is that the linux-based routers didn't take over years ago at a $10 premium for their good reputation. Then again, I've
Cutest name (Score:2, Funny)
TP-Link is the cutest name. Toilet Paper Link... It wipes the competition, literally.
Re:Cutest name (Score:5, Funny)
Re: (Score:2)
TP-Link is the cutest name. Toilet Paper Link... It wipes the competition, literally.
Link.. TP.. Legend of Zelda Toilet Paper... I like where this is going.
Only worked from LAN side (Score:2)
Re: (Score:3)
Can you trust your visitors?
Including uninviteted, secretive visitors?
I'm sure a determined attacker will just social-engineer their way in, and after the visit there is a second backdoor but now one that's accessible from the outside as well.
Re: (Score:2)
Re: (Score:2)
OK, those uninvited notwithstanding, it is normal for companies to have visitors.
People coming for business discussions, people coming to do building maintenance (various contractors), etc. Getting through the door is pretty easy. Getting on their LAN (wireless) is pretty easy (may not even have to get through the door for that). Getting on their LAN (wired) is a little harder - but a little social engineering and say pretending to be a network maintenance guy will usually get you really far, especially in
Re: (Score:2)
Re: (Score:2)
Of course. But then there are policies, and then there is the real world.
"Don't leave your visitor unattended!"
"But I'm just fetching him a cup of coffee..."
And when said "network maintenance" guy is there, even if someone is keeping a watchful eye on him, that someone likely doesn't know what the network maintenance guy is doing (or they could have done it by themselves).
TP (Score:3)
Re: (Score:3)
Looks like the firmware upgrade (Score:1)
LAN side only, seems to be the firmware upgrade app since it requires the sending computer to be on the LAN, and providing a TFTP connection.
"Update2: to works on WAN port if http admin is open WAN"
Well there's a gaping hole, most of the routers I've owned, you can enable the admin on the LAN or the LAN+WIFI, I've never seen one you can open the admin page to the WAN.
Still, not quite the hyperbole in the Slashdot summary though!
Re:Looks like the firmware upgrade (Score:5, Informative)
Should be fixed, yes. Critical to your network security? Not really.
It requires someone to convince a local user to click a link which not only executes an HTTP request against the router but also somehow starts up a TFTP service on the machine that executes that request, with some crafted files served from it to compromise the router when it asks for them.
It's a home router (and "routers" in the headline is accurate but misleading - precisely two are listed as vulnerable), so to be honest, I'm not at all surprised that this is possible. Hell, UPnP is more a security threat than this backdoor and that's enabled by default in a lot of places.
However, if TP-Link (whose products I quite like, especially their wireless repeaters) had just issued an update that stopped this happening, I'd not have even cared about it one jot and it would disappear into the void of things that have been patched already. It's the non-response that gets me. Someone at TP-Link couldn't even be bothered to say "We're looking into it"?
It is kinda sloppy of them (Score:1)
Sloppy to hard code the request. But then again, suppose they forced you to enter the password for the router, you wouldn't be able to reconfigure it if you've forgotten the password. That 'easysetup app' of theirs would be worth anything.
"I'd not have even cared about it one jot and it would disappear into the void of things that have been patched already. It's the non-response that gets me"
I bet the TPLINK guy didn't even know why they would do that. He'll just be a PR guy who doesn't know squat and doesn
Re: (Score:2)
"Update2: to works on WAN port if http admin is open WAN"
Well there's a gaping hole, most of the routers I've owned, you can enable the admin on the LAN or the LAN+WIFI, I've never seen one you can open the admin page to the WAN.
Still, not quite the hyperbole in the Slashdot summary though!
I have seen many, here is 2 examples
TP-LINK:
54M Wireless Router
Model No. TL-WR340G/TL-WR340GD
D-LINK:
Product Page: DIR-615
Hardware Version: E3 Firmware Version: 5.10
TFTP (Score:2)
This reminds me of the vonage PAP2 case where you could unlock the PAP2 device by intercepting the tftp connection the device made to vonage the first time it got plugged in after you bought it from the store. You would redirect the connection to your own tftp server and basically tell the device to unlock itself.
The device was worth 70$ and vonage sold it for 10$ locked.
Some devices can easily be told to reconfigure themselves by simply telling them to download a configuration file through tftp, All you
Re: (Score:2)
This reminds me of the vonage PAP2 case where you could unlock the PAP2 device by intercepting the tftp connection the device made to vonage the first time it got plugged in after you bought it from the store. You would redirect the connection to your own tftp server and basically tell the device to unlock itself.
Amusingly (to me) I'm working on that now. I'm currently stuck because I got the downgrade firmware on there but it's not requesting the XML file. It's getting an address via DHCP and then just sitting there like a turd.
"sleep well"? Really? (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
If I keep hearing Linux is no more inherently secure than OSX or Windows, then why should one presume that there's some reason that OpenDD or OpenWRT should inherently be any more secure than standard router firmware?
I don't know how the comparison to Mac/Win makes applies here, but anyway, here's my theory... OpenWRT is developed by a larger, open community which also wants to offer long-term support for older devices. A manufacturer stock firmware of a router (even if Linux-based) can be slapped together quite sloppily and the manufacturer moves on to next projects, leaving security holes and router-crashing bugs behind.
Re: (Score:2)
TP-link deliberately introduced a backdoor. you can do that on OSX or Windows, too, and it's no harder.
the real issue here is that if TP-link shipped Open-WRT with a TP-link skin and some kind of mostly-automatic updating, they'd be far better off. vendors don't seem to understand that open-source isn't just a shortcut, but a better way to support their systems.
I got my first TP-Link Router last night (Score:2)
Re: (Score:1)
It is when they (Frontier) require you to rent their modem/router combo device.
Re: (Score:2)
Configuring a router is not dependent on the ISP
I can configure the router, and I don't need the help of the ISP to do it. What happened was I followed the existing instructions on how to configure that particular router to be in bridge mode, and then I lost my internet connection. I called up the ISP and asked for help on how to fix it and the support person said that they don't support customers with routers in bridge mode. So the "suggested" way to use my new router, would be to have it be a client of the ISP supported router; which defeats the purpos
"root access to the local network" (Score:3)
That's really troubling too, because after I read this, I went to change my network's root password and I couldn't find where to do that!
After RTFA it's clear they mean root access to that router, which is the same thing that anyone would have inferred from the mere mention of "back door" anyway. So why add the confusing phrase about the network?
The world is already stupid enough. There's no need to go to extra trouble to make it stupider. That's wasted effort.
update (Score:1)
Today, we got some feedback from TP-Link Poland:
1) Apologies for their earlier lack of contact
2) Confirmation of the vulnerability on WAN site (ie. if you have your web admin put on WAN - you are affected).
3) Info about imminent press release
4) Offer to have some other models of the TP-Link devices - for security tests
-- ms, sekurak.pl team
Who uses that? (Score:3)
Re: (Score:2)
No way. The D-Link DOR-632 sells for $35 from Amazon.com (free shipping) right now. It's trivial to upgrade it to DD-WRT. Once you do that, it can act as a wireless bridge, wireless repeater, WDS, AP, etc. Hell, it can act as 10 different APs, if you want... make your own guest WiFi DMZ.
Hardware-wise, it has a maximum-legal power 20dB radio. 8 ethernet switch ports. And a built-in USB port, which can be connecte
Re: (Score:1)
Fuck that noise. 172.16.0.0/12 baby.
Use DD-WRT (Score:1)
Defense Distributed (Score:1)
Yeah, where are these guys? Why aren't they printing out secure routers and other hardware? In fact, why isn't anybody? That will really scare the tyrants...
What is "root access to a network?" (Score:2)
I'm having trouble wrapping my feeble mind around that one.
openwrt? dd-wrt? More secure?! (Score:2)
Users who replaced their TP-Link firmware with Open/DD-WRT firmware can sleep well.
On what basis?
On the basis of the security updates that occur, every single time a kernel or userland vulnerability is discovered?
I have yet to see a security release for DD-WRT. I see updates, randomly, which have nothing to do with security issues. Certainly the stable branches of both projects releases rarely.
Note, I'm not faulting these guys -- these are nice firmwares. However, to think that they are somehow more secure, when they fall prey to the same problem -- THAT IS, NO UPDATES DUE TO SECURITY
Vulnerable even if no admin access on WAN side (Score:1)
I've got a TP Link router, and if I try to visit the backdoor URL, the router shuts off its wireless. An attacking webpage would just need to put that URL in an img tag for example to trigger my browser to open it.
I'm currently in Shanghai and the router is a unique chinese model, so I have no idea if it's compatible with OpenWRT / DD-WRT.
No surprise (Score:2)
TP-Link Routers are rubbish (Score:1)
I've had a customer that used a TP-Link router, and their software required MSSQL port to be forwarded from the internet to their desktop (for motel software - updating reservations, etc).
I wanted to firewall the Windows machine to only allow a subnet in from their supplier, who agreed all other incoming traffic on mssql port should be blocked. Unfortunately when I port forwarded it from the TP-Link router, the router also SNAT the traffic coming in so all requests on the mssql port were coming from the rou
Re: (Score:2)
I suspect you had the wrong product for your customer. These are cheap home grade devices - I've seen a few in people's homes. I would never use them in a business.
Re: (Score:2, Informative)
From the summary:
The good news: Users who replaced their TP-Link firmware with Open/DD-WRT firmware can sleep well."
(emphasis mine)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
You can't.
Re: (Score:2)
You are off to a good start by using the <tt> tag. Now post this question on every article for a week and your submission will go away.
Re: (Score:2)
Yes, then TP-Link sends a Chinese hacker/technician to your house to exploit this LAN-only security problem.
Re: (Score:2)
I have TP-Link - I wondered why the laundry man kept turning up...
Re: (Score:2)
192.168.xxx.xxx is LAN-only.
Re: (Score:2)
Man, it would be so refreshing if more often the case was "${company_name} responded immediately and is working on a security fix"...
Where's the pride behind the products?