Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: New security article on home routers on zdnet  (Read 356 times)

broadstairs

  • Kitizen
  • ****
  • Posts: 3183
New security article on home routers on zdnet
« on: January 07, 2019, 07:35:28 AM »

Just seen this https://www.zdnet.com/article/most-home-routers-dont-take-advantage-of-linuxs-improved-security-features/. Think this shows a cavalier attitude to security by companies.

Stuart
Logged
ISP:TalkTalk Connection:FTTC Cab:ECI Router:Netgear D6220

CarlT

  • Kitizen
  • ****
  • Posts: 1121
  • Next generation network design and deployment
Re: New security article on home routers on zdnet
« Reply #1 on: January 07, 2019, 08:44:57 AM »

Not ideal however routers are embedded systems. They should only be running code either produced or approved by the manufacturer which you'd hope isn't going to be setting about stack smashing. Outside shell code really shouldn't be running on them.

If any of them present a shell that's able to execute arbitrary code, however, that's quite a fail. :angel:
Logged
-----
Deploying better networks, not just faster ones.

ejs

  • Kitizen
  • ****
  • Posts: 1959
Re: New security article on home routers on zdnet
« Reply #2 on: January 07, 2019, 06:20:11 PM »

Although if you want to monitor and record the DSL stats, that tends to require a shell that's able to execute arbitrary code.
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 5742
Re: New security article on home routers on zdnet
« Reply #3 on: January 07, 2019, 07:01:10 PM »

Germany are actually introducing legislation to beef up security on home routers, a definite forward step for them, I am noticing the manufacturers are getting them watered down tho, e.g. they were going to be required to make options visible to disable TR069.  But now its watered down to that it can only be enabled by default if an isp is actually utilising TR069.

https://www.zdnet.com/article/germany-proposes-router-security-guidelines/

However they wont be required to allow you to install a supported open source solution which means end users still get trapped on abandonware, which most consumer routers are.
Logged
Sky Fiber Pro - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab - LINE STATISTICS CLICK HERE
 

anything