Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Howlingwolf]

I've now flashed my second HG612 with the B030SP06_unlocked firmware, and it's looking good. I'm using it now (on TT ADSL2+), and the connection speed when it started up was the highest I've had for many months. Everything else appears to be working normally, and DSLstats is plotting all its data as it should.

I feel slightly uncomfortable without a GUI interface, but that aside, this looks like the best firmware yet, and a first class job by HW, for which, many thanks.

That's excellent news.

I'm unable to 'line test' them myself because I only have the one spare modem which I'm using to flash and test new builds. However the real 'killer' is that except for the one incident a few weeks ago, my line is and always has been a rock solid 80/20. There is simply nothing for me to compare between the different builds.

I've got the gui working. It turned out to be really simple, just a matter of copying the files across and re-inserting the start cmd into /etc/bootfile.txt.

Which is just as well, the new blob segfaults in the B028SP10 firmware. To be honest, I didn't think it would work when I saw the kernel had been rebuilt.

At the moment I'm trying to test as many of the gui options as I can while watching for errors on the serial console. It's rather slow going 

[Howlingwolf]

will the fixed firmware be labeled differently on the site to download?

Sorry. Perhaps I could have made that clearer.

It's already done. The 'new' version has the same filename with a later upload time (2013-10-24 17:40).

I didn't want to have multiple versions of the same firmware hanging around, (xxx_unlocked, xxx_unlocked-fixed, xxx_unlocked-003). Particularly as there may be a new... new version soon. It could get confusing 

[kitz]

Well done HW - Excellent work.
This is fantastic news  :clap2:

[kitz]

A heads up that Im going to be editing a few posts in a minute.

I totally agree that I see no point in what they have done - the previous situation harmed no-one least of all BT :/ 
But we dont want to make things easy for the other side & give them hints what to do next for future releases.   
They come up with enough of their own ideas

Im not taking any content away from HWs excellent work or what he has done. 
Just something else I noticed by other posters (which included quoted posts) that may prompt them to up the ante in future.

[kitz]

if looking at the numbers so 28 is the major version and SP06 as the subversion then I would put the order of old to new like this.

I will concur with your suggestion, Chrys. 

Yep from me too

B28SP06
B28SP10
B30SP06

B probably = Build and SP = Service Pack?

[roseway]

One thing I've seen with the B030SP06_unlocked firmware - the BTAgent processes are still running, so you do need to kill them if you don't want to be subject to future remote upgrades.

Code: [Select]

# ps
  PID  Uid        VSZ Stat Command
    1 0           336 S   init               
    2 0               SWN [ksoftirqd/0]
    3 0               SW< [events/0]
    4 0               SW< [khelper]
    5 0               SW< [kthread]
   19 0               SW< [kblockd/0]
   32 0               SW  [pdflush]
   33 0               SW  [pdflush]
   34 0               SWN [kswapd0]
   35 0               SW< [aio/0]
   49 0               SW  [mtdblockd]
   59 0           400 S   -/bin/sh
  101 0               SW  [dsl0]
  116 0               SW  [eth0]
  127 0           504 S   mc
  128 0           284 S   console
  129 0           504 S   mc
  130 0           504 S   mc
  131 0           380 S   /bin/msg msg
  132 0           584 S   /bin/log
  133 0           464 S   /bin/klog
  134 0           584 S   /bin/log
  135 0           584 S   /bin/log
  136 0          1120 S   /bin/dbase
  137 0           992 S   /bin/cli
  138 0           992 S   /bin/cli
  139 0           992 S   /bin/cli
  140 0           992 S   /bin/cli
  141 0           992 S   /bin/cli
  142 0           992 S   /bin/cli
  143 0          1624 S   /bin/cms
  144 0          1148 S   /bin/cwmp
  145 0          1624 S   /bin/cms
  162 0           284 S   console
  163 0           284 S   console
  164 0           284 S   console
  202 0           336 S   zebra -f /var/zebra/zebra.conf
  204 0           336 S   ripd -f /var/zebra/ripd.conf
  283 0          1624 S   /bin/cms
  284 0          1624 S   /bin/cms
  316 0           656 S   dhcps
  318 0           240 S   ipcheck
  528 0           488 S   pppc -I ppp256
  534 0           504 S   monitor
  535 0           504 S   monitor
  536 0           504 S   monitor
  552 0           380 S   dnsmasq --conf-file=/var/dnsmasq.conf
  632 0           444 S   sntp
  642 0           292 S   sshd -E
  645 0           232 S   mcast -l /var/upg.bin -d -f 10 -P 37123 239.10.0.100
  664 0               SWN [jffs2_gcd_mtd1]
  666 0          1132 S   MidServer
  670 0           380 S   /bin/sh /BTAgent/ro/start
  673 0           840 S   ./btagent
  674 0           840 S   ./btagent
  675 0           840 S   ./btagent
  676 0           840 S   ./btagent
 5071 0           992 S   /bin/cli
 5072 0           992 S   /bin/cli
 5073 0           404 S   /bin/sh -si
 5074 0           400 S   /bin/sh -si
 5079 0           324 R   ps
#


[Greybeard33]

A heads up that Im going to be editing a few posts in a minute.

I totally agree that I see no point in what they have done - the previous situation harmed no-one least of all BT :/ 
But we dont want to make things easy for the other side & give them ideas.

Im not taking any content away from HWs excellent work or what he has done.  Just something else I noticed by other posters (which included quoted posts) that may prompt them to up the ante in future.

Sorry about that post Kitz - I take your point.

However, a thought that has since occurred to me is that perhaps the reason for the changes might be nothing to do with the small number of users who have harmlessly unlocked their own modem to access the stats. Maybe, just maybe, BTOR is concerned about the possible risk of an unknown security vulnerability in the modem firewall, which, if exploited, might enable an malicious attacker to access the web and telnet interfaces of the locked firmware from the internet. I believe such vulnerabilities have been discovered in other modems/routers in the past. Given the large installed base of HG612s, public disclosure of such an attack vector could clearly cause havoc. So it might make sense, as a preemptive second tier of defence, for the update to remove the GUI and change the telnet password.

Pure speculation though.

[les-70]

Great work. It would be really nice to have web interface with the B30SP06 version.  I can only report further adsl2 tests on TTB but with annex m.  Annex m could not be enabled on the original unlocked firmware but does work on the "new blob" 035 and  this latest blob 038.  Below are quick results for an HG622, and an HG612 with 035 and 038.  No significant difference in this simple test.  Would be good to see FTTC results as, since it is only two years after the first expected date, one day that may reach me. 

HG622   
            Downstream   Upstream                  
Attenuation (dB):          25.0      9.6
Connection speed (kbps):   15603      1719
SNR margin (dB):           6.1      6.0

HG612 035
            Downstream   Upstream
Attenuation (dB):          25.0      8.9
Connection speed (kbps):   15473      1615
SNR margin (dB):           6.3      6.5
       

HG612 038
            Downstream   Upstream
Attenuation (dB):          25.0      8.9
Connection speed (kbps):   15509      1727
SNR margin (dB):           6.3      7.0

back to HG622
Attenuation (dB):          25.5      9.3
Connection speed (kbps):   15659      1671
SNR margin (dB):           6.1      6.5

[Howlingwolf]

A heads up that Im going to be editing a few posts in a minute.

I totally agree that I see no point in what they have done - the previous situation harmed no-one least of all BT :/ 
But we dont want to make things easy for the other side & give them hints what to do next for future releases.   
They come up with enough of their own ideas

Im not taking any content away from HWs excellent work or what he has done. 
Just something else I noticed by other posters (which included quoted posts) that may prompt them to up the ante in future.

Um... Yes... Good point 

We know for a fact that BT's security bods monitor this forum as they've 'reached out' (as Zack would put it  ) in the past.

[Howlingwolf]

One thing I've seen with the B030SP06_unlocked firmware - the BTAgent processes are still running, so you do need to kill them if you don't want to be subject to future remote upgrades.

I started off in the same way as Asbokid with his original unlock - on which all of my work is based of course. Just the minimum number of changes necessary to restore telnet access and no more.

[kitz]

Sorry about that post Kitz - I take your point.

nps GB, just erring on the side of caution.   

However, a thought that has since occurred to me is that perhaps the reason for the changes might be nothing to do with the small number of users who have harmlessly unlocked their own modem to access the stats. Maybe, just maybe, BTOR is concerned about the possible risk of an unknown security vulnerability in the modem firewall, which, if exploited, might enable an malicious attacker to access the web and telnet interfaces of the locked firmware from the internet. I believe such vulnerabilities have been discovered in other modems/routers in the past. Given the large installed base of HG612s, public disclosure of such an attack vector could clearly cause havoc. So it might make sense, as a preemptive second tier of defence, for the update to remove the GUI and change the telnet password.

Pure speculation though.

Yes that would be it - cough-...  now its sorted...  go away BT and find something more useful to do.

If need be, make things read only so plebs dont accidentally edit what they dont need to...if thats what it takes.  But please don't take away the ability to monitor what our lines are doing, from those who are competent to do things and not go whining to BT if something breaks.
Over the years the ability to monitor line stats in conjunction with tools such as RS/DSLstats/Modem Stats  & forums like this must have saved BT an absolute fortune in diagnostics.  Not to mention how many people have been helped on forums such as this saving time and trouble and expense to ISP help desks.    Its totally counter-productive.

[roseway]

I started off in the same way as Asbokid with his original unlock - on which all of my work is based of course. Just the minimum number of changes necessary to restore telnet access and no more.

Yes, I guessed that was the case, and no criticism was intended. Your work has already been of productive benefit to me.

[bbnovice]

However, a thought that has since occurred to me is that perhaps the reason for the changes might be nothing to do with the small number of users who have harmlessly unlocked their own modem to access the stats. Maybe, just maybe, BTOR is concerned about the possible risk of an unknown security vulnerability in the modem firewall, which, if exploited, might enable an malicious attacker to access the web and telnet interfaces of the locked firmware from the internet. I believe such vulnerabilities have been discovered in other modems/routers in the past. Given the large installed base of HG612s, public disclosure of such an attack vector could clearly cause havoc. So it might make sense, as a preemptive second tier of defence, for the update to remove the GUI and change the telnet password.

Pure speculation though.

I was thinking along the same sort of lines but then it struck me that even if the HG612 firewall were to be compromised, the router firewall would still continue to provide a second line of defence. Or is that technically incorrect?

I'm of the opinion that the modem update is possible a precursor to another, more important, change. But what?     

[Howlingwolf]

If need be, make things read only so plebs dont accidentally edit what they dont need to...if thats what it takes.  But please don't take away the ability to monitor what our lines are doing, from those who are competent to do things and not go whining to BT if something breaks.
Over the years the ability to monitor line stats in conjunction with tools such as RS/DSLstats/Modem Stats  & forums like this must have saved BT an absolute fortune in diagnostics.  Not to mention how many people have been helped on forums such as this saving time and trouble and expense to ISP help desks.    Its totally counter-productive.

Yes, indeed. It would be nice to have some sort of mechanism by which we could request access to restricted information and/or functions even if we had to demonstrate a degree of technical competence first.

But as I think it was Black Sheep who pointed out somewhere here. There needs to be a clear business case when you have umpteen million customers, most of whom are thick as two short planks. And not always solely in respect to technical matters 

[Howlingwolf]

However, a thought that has since occurred to me is that perhaps the reason for the changes might be nothing to do with the small number of users who have harmlessly unlocked their own modem to access the stats. Maybe, just maybe, BTOR is concerned about the possible risk of an unknown security vulnerability in the modem firewall, which, if exploited, might enable an malicious attacker to access the web and telnet interfaces of the locked firmware from the internet. I believe such vulnerabilities have been discovered in other modems/routers in the past. Given the large installed base of HG612s, public disclosure of such an attack vector could clearly cause havoc. So it might make sense, as a preemptive second tier of defence, for the update to remove the GUI and change the telnet password.

Pure speculation though.

I was thinking along the same sort of lines but then it struck me that even if the HG612 firewall were to be compromised, the router firewall would still continue to provide a second line of defence. Or is that technically incorrect?

I'm of the opinion that the modem update is possible a precursor to another, more important, change. But what?   

As far as I can tell the modem O/S can only be accessed via the ptm1.301 vlan, and LAN2 on an unlocked device, while it's operating in bridged mode. There are also iptables rules which prevent ptm1.301 and br0 (LAN2) communicating, including one which logs 'Intrusion' (sic) attempts originating from the vlan.

LAN2 itself is on the wrong side of the router firewall, but to get to it from the internet 'they' would need to compromise your router first and get access to the local network.

There are no guarantees of course but Openreach seem to have done a fairly decent job.