[GLLUG] WAS: Re: Am I over-reacting to this?

Christopher Hunter cehunter at gb-x.org
Mon Jan 20 21:36:06 UTC 2014

On 20/01/14 13:47, Dylan wrote:
> On 20/01/14 13:40, John Edwards wrote:
>> Hi
>> On Mon, Jan 20, 2014 at 01:27:08PM +0000, Jean van Wyngaardt wrote:
>>> In the news today..
>>> http://www.bbc.co.uk/news/technology-25809208#?utm_source=twitterfeed&utm_medium=twitter 
>> Technical details here:
>>     https://scotthelme.co.uk/ee-brightbox-router-hacked/
>> But the description of this problem is different to John Winters'.
>> This is the leakage of security information (including admin password
>> and WPA keys) through the HTTP web interface, but it seems to only be
>> available on the LAN side of the router by default.
> Surely, in order to "push" an upgrade (which is presumably a software 
> update) these routers must have some kind of WAN facing login as well?
> Dx

They mostly do.  I've only looked at a few routers - the Bebox, the 
Huawei TalkTalk effort and a couple of Thomson ones used by other ISPs, 
and they're all able to be "upgraded" remotely.  Typically, there's a 
high-numbered port that's left partially open!  Their default admin 
passwords are generally inane ("Talk1234" was a particularly memorable 
one!) and they often have an obvious secondary "root" user name too.

In every instance, I have replaced the supplied "free" router with my 
own.  In every instance, my router has far outperformed the crippled 
junk that ISPs supply!


More information about the GLLUG mailing list