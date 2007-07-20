from the keep-up-to-date-with-updates dept.
Millions Of Home Wi-Fi Routers Are Likely Vulnerable To Unpatched Linux Security Exploits
If you're reading this article from home, it's likely that you're connected to a consumer-grade Wi-Fi router, either wirelessly or via hard-wired Ethernet. And if that's the case, you should probably take this time to upgrade your router's firmware ASAP. That is, if an update is even available from the manufacturer.
We say this because the Fraunhofer Institute for Communication (FKIE) in Germany recently performed a test of 127 home routers to probe them for their resistance to security threats. Of the routers the researchers tested, 91 percent of them were found to be running some version of embedded Linux, which isn't surprising.
What was surprising, however, was that the researchers found that not a single router was free of security flaws. In fact, it was discovered that many of these routers were actually susceptible to hundreds of known security vulnerabilities.
Peter Weidenbach, Johannes vom Dorp. Home Router Security Report 2020 (pdf), FKIE
(Score: 1, Disagree) by Anonymous Coward on Tuesday July 07, @03:02PM (7 children)
Or you should install OpenWRT. If you can't install it on your router, then get a router it does work with. You will be immune to almost all vulnerabilities, and the ones you aren't immune to will probably have a patch available by the time you hear about the problem.
(Score: 2) by DannyB on Tuesday July 07, @03:04PM (5 children)
Maybe a much gooder idea would be to put the government in charge of router firmware and security updates. If you want the job done
(Score: 3, Funny) by choose another one on Tuesday July 07, @03:14PM (1 child)
Maybe let them finish with doing pandemic management right first...
(Score: 3, Informative) by DannyB on Tuesday July 07, @03:20PM
I thought they had finished that and the USA was Number One! MAGA!!!
I eagerly await the government to help us with our home technology issues. And everything. Like a benevolent older male sibling.
How To Free Up Port 53, Used By systemd-resolved [linuxuprising.com]
(systemd-resolved listening on port 53 by default. In case you want to run your own DNS server, you can't)
(Score: 2) by The Mighty Buzzard on Tuesday July 07, @03:28PM (1 child)
Shit, man, you owe me a new sarcasm detector.
(Score: 2) by DannyB on Tuesday July 07, @03:40PM
Older sarcasm detectors need to be upgraded. New sarcasm detectors must be manufactured to higher standards for today's modern sarcasm generators.
(Score: 2) by canopic jug on Tuesday July 07, @03:32PM
Maybe a much gooder idea would be to put the government in charge of router firmware and security updates. If you want the job done left right.
The government could, in principle, mandate conditions that require or favor OpenWRT [openwrt.org] by vendors, but that would tread on someone's toes and therefore cannot happen. Instead, politicians would just turn around and outsource to the biggest current campaign donor or their partner(s). I guess that would be Bill these days, especially if you count his "charity" foundation or all the donations from his business partners.
That said, I agree with the AC that OpenWRT is the way to go. Even though the intersection of supported hardware and what is available in the big box stores is quite small, upon checking there always does seem to be a few models at each store that would work. The problem comes in when you start dealing with ISP add-ons like IPTV and other crap.
The security problems with the routers are caused by the underlying problem which is that the vendors are allowed to treat their products as proprietary even though they are not proprietary. Legally, the licensing for the kernel and much of the user space upon which their products depend is GPL and thus Free Software. Although required to, the vendors never release their code, even when requested. The Linux Foundation is part of that problem these days. Despite the name it is about advancing the interests of its members within the kernel code base rather than promoting and advancing Linux among the members. As a result, the Linux Foundation treats its software as Open Source rather than Copyleft which the vendors in turn treat as plain old proprietary software. That helps absolutely no one, not even the vendor. Yes, they may feel like they're getting over on someone but the reality is that, as the article shows, they end up quickly with either maintaining their own fork / mini distro or else foisting abandonware on the customers. If the vendors could just get the zero sum gamers out of their companies, or at least under control, they could set up with a win-win-win situation by adopting and contributing to OpenWRT. They could focus on the hardware. The software would stay up to date and not tarnish the brand through unpatched holes. The customers would get a more polished system because the return on effort with the software would be much higher.
Really in this day and age, software is a commodity and it only wastes everybody's time and money (including the vendors themselves) to pretend otherwise like is happening in the article.
(Score: 0) by Anonymous Coward on Tuesday July 07, @03:30PM
Hey, sometimes those vulnerabilities are what you need [github.com].