When we began to look at the security issues with home routers, we ran right into a protocol called TR-069, also known as CWMP (customer-premises equipment wide area network management protocol). This protocol allows ISPs to remotely manage home networking devices that they provide to their subscribers. This means that they can to do things […]
SOHOpelessly Broken, the contest that tested router security and was run as part of the DEFCON hacker conference has announced the winner. The winner: Craig Young of security firm TripWire uncovered 11 of the 15 vulnerabilities that were found as a part of the contest. The real winners: hopefully all of us as the contest […]
Dan Geer, the chief information security officer for In-Q-Tel, which invests in technology on behalf of the Central Intelligence Agency, gave a very sobering keynote address to the audience at the Black Hat hacker conference in Las Vegas. In his speech he discussed computer security, public policy, and the directions that he believes the industry […]
DefCon 22 is set to open today in Las Vegas, and that can only mean one thing: the contest for hacking routers, also known as SOHOpelessly Broken is set to begin. This contest, co-sponsored by the Electronic Frontier Foundation and Independent Security Evaluators is set to pit the world’s greatest router hackers against each other […]
The Electronic Frontier Foundation (EFF) released the first version of their open wireless router firmware today that supports the work of the Open Wireless Movement. Called a “hacker alpha version”, this software aims to deal with many of the issues of security and privacy that plague most traditional router vendors today. It was announced today […]
We’re 4 days in from Cisco’s announcement of security vulnerabilities in some of their home networking products, and Rogers still has done nothing about it. Let’s Recap: On July 16, 2014, Cisco made an announcement saying that 9 of their home networking products had severe problems related to their security. This security problem will allow […]
I’ve been asked by some people what they should do if they also have the Cisco DPC3825 modem/router issue from Rogers. Here’s what I’d suggest: 1. Determine if you have the problem Look at your modem and see if it’s made by Cisco. I know that Rogers also uses modems from Hitron and Scientific Atlanta, […]
Yesterday I began to try to fix an issue I’m having with my home gateway – a Cisco DPC3825 that has recently been identified as one of the nine Cisco home networking products that has a major security vulnerability. My attempts were thwarted by some pretty poor customer service from my internet provider, Rogers who suggested […]
Yesterday, Cisco announced that nine of their home networking products had a critical security vulnerability that needs to be fixed. The problem stems from a buffer overflow that allows incorrect validation of HTTP requests, and will allow a hacker to run arbitrary code on your device. This new Cisco vulnerability was officially disclosed by Cisco as well […]
WiFi connected Internet of Things (IoT) devices are always a good target for hackers to try to compromise and attack. Another device has been recently compromised – the LIFX internet connnected light bulb. LIFX was a project that began back in 2012 as a Kickstarter project. It’s now become a victim in the quest of […]