Top
Best
New

Posted by miniBill 19 hours ago

Tenda firmware (multiple versions) contains hidden authentication backdoor(kb.cert.org)
330 points | 114 commentspage 3
zb3 7 hours ago|
Typical for Chinese companies. Of course US companies also provide backdoors, but more official and more secure..
seethishat 6 hours ago|
No backdoor is secure. Read the "Keys under Doormats" paper from 2015:

https://www.schneier.com/wp-content/uploads/2016/09/paper-ke...

tangsoupgallery 17 hours ago||
[flagged]
nttylock 16 hours ago||
[flagged]
dmpanch 11 hours ago||
[flagged]
eth0up 27 minutes ago||
[dead]
0xshaftoe 12 hours ago||
[dead]
RetroTechie 18 hours ago||
[flagged]
cwmoore 17 hours ago|
Are you referring to the concept of “prayer?”
vachina 17 hours ago||
[flagged]
matheusmoreira 14 hours ago||
I was deeply alarmed when I figured out ISPs had effortless remote access to the routers and consequently to my LAN. Now they just provide me an ONT which terminates their fiber and connects into my own hardened GL.iNet router running OpenWRT.
Terr_ 17 hours ago||
If you're accusing CERT of hypocrisy, what's an example of the second case?
murderfs 16 hours ago||
I'll do better than a second case, here's three:

Barracuda Networks: https://krebsonsecurity.com/2013/01/backdoors-found-in-barra...

Fortinet: https://community.spiceworks.com/t/hard-coded-password-backd...

Korenix: https://sec-consult.com/vulnerability-lab/advisory/backdoor-...

The fact that the password is "rzadmin" makes it a lot more likely that this is just run of the mill stupidity, and not something more nefarious: you'd want a backdoor that isn't blindingly obvious and usable by the CIA.

naturalmovement 16 hours ago||
[flagged]
SubiculumCode 17 hours ago|
Up and out the back door, any 'ol time.