[Cerowrt-devel] Friends don't let friends run factory firmware
dave.taht at gmail.com
Tue Feb 18 17:21:01 EST 2014
On Tue, Feb 18, 2014 at 5:13 PM, Dave Taht <dave.taht at gmail.com> wrote:
> While we are at it. (wobbly wednesday)
> Don't leave home with it on.
> At least they left the signing keys for the certificate in the
> firmware, so that bad guys can exploit it, and good guys, improve it.
> On Tue, Feb 18, 2014 at 5:10 PM, Rich Brown <richb.hanover at gmail.com> wrote:
>> More excitement...
I was incidentally quite surprised to see the original limited scope
of the DNS changer worm. I didn't think we'd busted the folk involved
in the scam soon enough, nor was I happy with the ensuing publicity,
nor with how long it took for Paul to be able to turn off the the
servers supplying the (4+m) busted routers with corrected data.
The world has been ripe for the same attack or worse, across over half
the home routers in the universe, as
well as much CPE.
This is in part why I'm so adamant about getting DNSSEC support "out
there", adding sensors to cerowrt,
improving security, doing bcp38 and source sensitive routing and the like.
>> Cerowrt-devel mailing list
>> Cerowrt-devel at lists.bufferbloat.net
> Dave Täht
> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
More information about the Cerowrt-devel