D-Link Back Door Discovered

GasBandit

I've read somewhere else this only becomes an issue if you have remote administration on and/or wifi enabled with no security. So I've turned those things off on our router here at work. It'll be a short term inconvenience, however, until I'm either allowed to replace it or D-Link does a firmware patch (which is supposed to happen at the end of October, they say).
 
I can think of a better idea for doing what they needed to do in FIVE MINUTES! Supposedly it is so other binaries on the router can do "admin" stuff easily. OK then. So to satisfy that: Generate an administrative user/password with randomly generated name AND password as soon as the router gets connected to the internet, and do it based on the current time along with an auto-assigned DNS name and/or router name if it gets one. (If you do it otherwise, it may all be 100% the same, factory time, which has the same problem). Then write that username/password to the internal storage. Then read that file from said "other binaries" and use THAT in the requests to the webserver. Done. Another option MAY be to just check which interface connections are coming from. If they're from the loopback interface (i.e., from on the same machine) then just let them through. Not sure if that's secure, but if it is, then you CAN'T spoof that.

Either way, idiocy. And idiocy not having it out until end of the month too.
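
The scheme this post describes (a per-device secret created at first boot, stored on the router, and read by the local helper binaries), as an added example that is not part of the original post and is not D-Link's code. It draws the secret from the kernel CSPRNG (/dev/urandom) rather than the time and hostname seed the post suggests; the function names and the file path passed in are assumptions.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define TOKEN_BYTES 32
#define TOKEN_HEX   (TOKEN_BYTES * 2)

/* First boot: create a per-device secret from the kernel CSPRNG and store it
 * hex-encoded in a file only its owner can read.
 * Returns 0 on success, -1 on failure (including "file already exists"). */
int token_create(const char *path)
{
    unsigned char raw[TOKEN_BYTES];
    char hex[TOKEN_HEX + 1];
    int rnd = open("/dev/urandom", O_RDONLY);
    if (rnd < 0) return -1;
    ssize_t got = read(rnd, raw, sizeof raw);
    close(rnd);
    if (got != (ssize_t)sizeof raw) return -1;
    for (int i = 0; i < TOKEN_BYTES; i++)
        sprintf(hex + 2 * i, "%02x", raw[i]);
    /* O_EXCL: never overwrite an existing secret or follow a planted symlink. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    ssize_t put = write(fd, hex, TOKEN_HEX);
    close(fd);
    return put == TOKEN_HEX ? 0 : -1;
}

/* Helper binaries: load the secret to present in requests to the web server. */
int token_load(const char *path, char out[TOKEN_HEX + 1])
{
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t got = read(fd, out, TOKEN_HEX);
    close(fd);
    if (got != TOKEN_HEX) return -1;
    out[TOKEN_HEX] = '\0';
    return 0;
}

/* Web server: compare in constant time so response timing does not reveal
 * how many leading characters matched. Returns 1 on match, 0 otherwise. */
int token_check(const char *expected, const char *presented)
{
    if (strlen(presented) != TOKEN_HEX) return 0;
    unsigned char diff = 0;
    for (int i = 0; i < TOKEN_HEX; i++)
        diff |= (unsigned char)(expected[i] ^ presented[i]);
    return diff == 0;
}
```

Because the secret differs on every unit, extracting it from one firmware image or one device gives nothing usable against another.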
 
Be nice. If they were just taking the backdoor out then it would've been a week-long job, but after all they had to build in a new NSA backdoor, and keep the old one active until the new one was ready.

These things just take longer.
 
I wonder how much the NSA would have to pay a tech company to insert a back door, then pretend it was the company's fault once it was discovered.
 
It's on the same order of unbelievable as when the news interviews some guy down at the police station, and right behind him on the wall is a Post-It with the SSID and password of the station wifi, or something.

--Patrick
 