• Current Events & Politics
    Welcome Guest
    Please read before posting:
    Forum Guidelines Bluelight Rules
  • Current Events & Politics Moderators: deficiT | tryptakid | Foreigner

F.B.I.?s Urgent Request: Reboot Your Router

Ds

Ds

Bluelight Crew
Joined
Apr 26, 2006
Messages
31,970
Location
God's Country
F.B.I.?s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Your mission, should you choose to accept it: Turn your router off, then turn it back on. That?s one of the things the FBI is asking people to do to help thwart a cyberattack it says agents of a foreign government are launching against U.S. citizens.
Last week, security researchers at Cisco's cyberintelligence unit Talos warned of the attack: Malicious software, dubbed VPNFilter, had infected an estimated 500,000 consumer routers in 54 countries and was targeting routers from Linksys, MikroTik, Netgear and TP-Link, and possibly others.
The FBI on Friday sent out a notice recommending that anyone with a small office or home office router reboot (turn on and off) their devices to stop the malware.
The scope of the attack is ?significant,? the FBI said. Once the malicious software is on a user?s equipment, it could stop the router from working, collect information from the systems that run through it and possibly block network traffic, according to the agency.
Click to expand...


So, just reboot your router, and you shoud be safe.

https://www.google.com/amp/s/amp.usatoday.com/amp/650867002
 
Last edited:
Gotta love how poorly engineered even some of the most ubiquitous technology is.

My favorite example is WPS. After the piece of shit that was WEP encrypted wifi, we switch to something effective, then introduce WPS and subsequently break it all again cause some dumbshit didn't realize that 2 4 digit codes isn't the same number of possibilities as 1 8 digit code.
 
JessFR said:
Gotta love how poorly engineered even some of the most ubiquitous technology is.
Click to expand...

its designed as cheap as possible and priced as high as possible to maximize profit margins, what do you expect? yay capitalism!

my first thought upon seeing this is "reboot your router, [because the backdoor updates we sent out require a reboot]". the enemy of my enemy is not my friend.
 
tathra said:
its designed as cheap as possible and priced as high as possible to maximize profit margins, what do you expect? yay capitalism!

my first thought upon seeing this is "reboot your router, [because the backdoor updates we sent out require a reboot]". the enemy of my enemy is not my friend.
Click to expand...

Not that that doesn't happen in many areas of business, but in this particular area it's not the case whatsoever. Almost all cryptography that winds up getting broken ends up broken because they paid to engineer it themselves instead of using an existing free open standard. And by doing so, it being broken is also pretty much a 100% certainty.

In this case it is absolutely 100% sheer incompetence. They make an incompetent decision in thinking building their own encryption would be better than using an open and vetted one, then pay extra money for the worse outcome, then pay or lose more money when it gets broken.
 
Last edited:
JessFR said:
My favorite example is WPS. After the piece of shit that was WEP encrypted wifi, we switch to something effective, then introduce WPS and subsequently break it all again cause some dumbshit didn't realize that 2 4 digit codes isn't the same number of possibilities as 1 8 digit code.
Click to expand...

That is basic (okay like a little past fractions) math! :p
I'm just assuming a computer engineer was on the team to do this and they should know math at that level! Crazy.
 
cduggles said:
That is basic (okay like a little past fractions) math! :p
I'm just assuming a computer engineer was on the team to do this and they should know math at that level! Crazy.
Click to expand...

It's actually even worse than it sounds, the final number of the 2nd 4 digit code is a checksum of all the digits that come before it, in other words, in practice it becomes a single 4 digit code as well as a 3 digit code, which brings it down to only 11,000 combinations.

They've somewhat mitigated the issue by adding delays and lockouts when too many attempts fail, but there's still a lot of wifi devices out there that let you try combinations as fast as you want.

And it gets even worse still when it was discovered that on many of those devices, turning wps off in the settings doesn't ACTUALLY turn wps off. It says it can be turned off but for some reason turning it off appears to do nothing.

It's really kinda hilarious how inept a lot of so called engineers are.
 
You must log in or register to reply here.
Top