Stories
Slash Boxes
Comments

SoylentNews is people

Three Months on, No Linksys Router Patches for Remote Holes

posted by Fnord666 on Tuesday April 25 2017, @10:24PM   Printer-friendly
from the no-consequences- dept.

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

More than three months after being informed about remotely exploitable vulnerabilities in 25 router models, Linksys is[sic] yet to issue patches to remedy them.

Researchers at IOActive Labs wrote that they had informed Linksys of 10 flaws on 17 January, six of which could be remotely exploited by unauthenticated people.

But as of last week, all that Linksys had done was to notify users through a public post and suggest workarounds until patched firmware was ready.

Given Linksys' inactivity, the IOActive Labs researchers said they were holding off on providing the full technical details of the flaws until patched firmware was ready for download.

Shit, even we can manage a fix in six months...

Source: http://www.itwire.com/security/77772-three-months-on,-no-linksys-router-patches-for-remote-holes.html

Original Submission

 
This discussion has been archived. No new comments can be posted.
Three Months on, No Linksys Router Patches for Remote Holes | Log In/Create an Account | Top | 32 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Fnord666 on Wednesday April 26 2017, @04:08PM (1 child)

    by Fnord666 (652) on Wednesday April 26 2017, @04:08PM (#500125) Homepage

    Establish a law that put the manufacturer in 20 year update obligation unless full documentation or source is made available?

    Your $50 router now costs $2000. Manufacturers aren't going to foot the bill for such requirements, you and I are.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 3, Interesting) by jmorris on Wednesday April 26 2017, @09:00PM

    by jmorris (4844) on Wednesday April 26 2017, @09:00PM (#500356)

    You missed the or. The proposal would quickly solve itself to a PC like router standard and hardware makers would all make commodity 'compatible' gear varying in details like WiFi standard, number of antennas, USB ports, etc. but all capable of running any of several operating systems designed to run across the range of available gear. Like PC clones and Linux/BSD/Windows, the hardware maker would be responsible for warranty coverage of the hardware only, the preinstalled OS would be more of a 'for testing purposes only' intended to merely demonstrate the hardware works and enable loading the customer's preferred OS.