Comment Re:This seems foolproof! (Score 1) 94

If I had the slightest confidence that this would actually involve a 'top to bottom' cleaning; I might be more optimistic(though with the caveat that 'top to bottom' purges have the unfortunate side effect of causing massive attrition among your skilled labor, even the stuff not in position to do anything more corrupt than take an extra long lunch break; which could be pretty brutal for an entity that is supposed to do rocket science). As it is, this sounds a lot more like some deck-chair shuffling.

If that is the case, our very own 'Department of Homeland Security' represents a reshuffling at least as large, absorbing as it did various departments under the vague theory that they hadn't been anti-terrorist enough. It...hasn't really been much to write home about.

Comment Re:Time for 2FA for the local router? (Score 1) 110

I think that you could bodge together a proof of concept with basically any router and either a smartcard reader that supports CAC-style behavior, or any of the fobs that can do keypair auth(I know yubikeys can, I haven't done much poking around); but the one snag is that, to my knowledge, there's nothing (at least nothing remotely standard) that does both robust crypto token and just enough writeable storage for the little bit of configuration data that would allow a user without much technical aptitude to autoconfigure a VPN, or trust of a given certificate, or any other use case that requires both the transmission of a small amount of data and robust authentication.

For myself, I'm interested just because hardware crypto tokens are so strong compared to passwords of any remotely tractable-to-humans complexity, and less vulnerable to untrustworthy clients than doing keypair auth with a private key that lives on a relatively vulnerable computer, rather than never leaving dedicated hardware; but for it to be something useful outside geeks and IT-managed environments, the extra bit of configuration data capability seems like it would be necessary.

Maybe if I were feeling entrepreneurial...

Comment This seems foolproof! (Score 4, Insightful) 94

So, let me get this straight: your public-sector space program is a fucked-up labyrinth of corruption, fraud, and mismanagement.

You propose to replace it with a sole-source, crony capitalist, 'state corporation', to take advantage of the important synergies between the public sector's capabilities in corruption and mediocrity and the private sector's sophistication in financial and organizational malfeasance?

Christ, guys, if you keep this up I'll start feeling good about US mil/aero procurement practices by comparison...

You can argue about the relative virtues of public sector and private sector agents for various purposes; but there is no lower form of life than the crony capitalist entity when it comes to corruption.

Comment Re:Time for 2FA for the local router? (Score 1) 110

Two-factor auth is so far ahead of the current situation that the risk of 'what if they try to configure the router from a compromised PC?' probably isn't on the radar.

What I would love to see, though, would be a router that uses some USB or NFC security fob for idiot-proof and robust VPN setups: just imagine: plug the fob into the router, or set it on the NFC pad, press the 'bless' button; and the router would perform the appropriate cryptographic handshaking with the fob, and provide the configuration information for setting up the VPN(url, VPN type, etc.).

Then you bring the fob over to a computer or mobile device, hit 'make it so', and the VPN client reads out the config data, makes the appropriate configuration changes, and the fob authenticates the connection. Quick, trivially easy, much more secure than a password or even a certificate file on a USB drive; and you are neatly tunneled back to your home network regardless of the hostile and untrusted networks you may encounter during the day.

Should you lose the fob; hit the 'unbless all' button and all fobs need to be re-blessed before they can be used(obviously, web or other interfaces to the router could allow more granular and advanced control; but having to re-bless a few fobs is likely to be easier than having to understand a more complex interface for many unsophisticated users, who probably only have a small number of active fobs anyway).

Comment Re:Not news... Use better passwords. (Score 1) 110

The fact that there are telnet services listening on WAN ports 15 years after OpenSSH became available makes me suspect that nothing short of a vigorous scourging with nuclear fire could solve the utterly lax approach to even rudimentary security in consumer electronics.

Well, that and DRM. Tell 'em that the pirates will steal their precious 'premium content' and suddenly they get real interested in security, albeit more in the 'building prisons' than 'building fortresses' sense of the word.

Comment Re:Requires... (Score 2) 110

Cable modems are a bit of a special case, and not in a good way. By design, they do what is called "DOCSIS Provisioning". As you might imagine, given that the 'Data over Cable Service Interface Specification' is produced by CableLabs, an industry R&D and standards organization operated by cable companies; the process is designed for the convenience of the service provider, not for the user.

Most cable modems do have some sort of web interface, config settings to fiddle with, etc.; but when you connect one to a cable network, after performing the low-level analog black magic required to get a working digital channel up, the modem makes a DHCP request, which the operator CMTS responds to with an IP and a TFTP server address from which the modem downloads a configuration file. The modem then applies that config file, ignoring any manual configuration made, and operates accordingly.

If you fancy a look at the gory details, here are some links; and there is a software package for playing with being the party doing the provisioning. Punchline is, though, that a successful cable modem connection more or less implies that the cable modem will be operating according to the provider's configuration for the duration of the connection. Depending on whether or not your ISP is a dick about it, you may or may not lose access to http status pages, SNMP, and any other features the modem possesses; but that's all their call. A disconnected cable modem isn't much use; but it will generally show you whatever its firmware has to offer.
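As an added illustration of the provisioning flow described above (not part of the original comment), here is a parser for the TLV-encoded config file a modem fetches over TFTP, plus the precedence rule that the operator's file wins over anything set by hand. The TLV type numbers are the standard DOCSIS ones; the sample file, the placeholder MIC and the manual-settings dict are constructed.

```python
import struct

# DOCSIS config files are a run of TLVs (1-byte type, 1-byte length, value); types below are from the spec.
TLV_NAMES = {1: "downstream_frequency", 2: "upstream_channel_id",
             3: "network_access_control", 4: "class_of_service",
             6: "cm_mic", 7: "cmts_mic", 255: "end_of_data"}
COS_SUB = {1: "class_id", 2: "max_downstream_bps", 3: "max_upstream_bps"}

def parse_tlvs(data):
    """Walk a TLV byte string into (type, value) pairs; type 255 ends the file."""
    out, i = [], 0
    while i < len(data):
        t = data[i]
        if t == 255:
            out.append((t, b""))
            break
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated TLV at offset %d" % i)
        ln = data[i + 1]
        out.append((t, data[i + 2:i + 2 + ln]))
        i += 2 + ln
    return out

def _num(v):  # 1-byte or big-endian 4-byte integer value
    return v[0] if len(v) == 1 else struct.unpack(">I", v)[0]

def decode_config(data):
    """Turn the operator's config file into the settings the modem will apply."""
    cfg = {}
    for t, v in parse_tlvs(data):
        name = TLV_NAMES.get(t, "unknown_%d" % t)
        if t == 4:           # class of service carries nested sub-TLVs
            cfg[name] = {COS_SUB.get(s, "sub_%d" % s): _num(sv)
                         for s, sv in parse_tlvs(v)}
        elif t in (6, 7):    # MICs: keep as hex for inspection
            cfg[name] = v.hex()
        else:
            cfg[name] = True if t == 255 else (_num(v) if len(v) in (1, 4) else v)
    return cfg

def effective_settings(manual, provisioned):
    """Operator (provisioned) values override manual ones; untouched keys survive."""
    return {**manual, **provisioned}

# Constructed sample: 531 MHz downstream, upstream channel 3, access allowed, one CoS, zero CM MIC, end.
COS = (bytes([1, 1, 1]) + bytes([2, 4]) + struct.pack(">I", 20_000_000)
       + bytes([3, 4]) + struct.pack(">I", 2_000_000))
SAMPLE_FILE = (bytes([1, 4]) + struct.pack(">I", 531_000_000)
               + bytes([2, 1, 3]) + bytes([3, 1, 1]) + bytes([4, len(COS)]) + COS
               + bytes([6, 16]) + bytes(16) + bytes([255]))
```

Calling `effective_settings({"network_access_control": 0}, decode_config(SAMPLE_FILE))` shows the hand-set deny being overridden by the operator's allow.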

Comment Re:Requires... (Score 1) 110

It doesn't help that more than a few router firmwares, whether out of malice or incompetence, simply ignore configuration changes made through their configuration interface. The checkbox may even be there, and may even stay checked or unchecked correctly across reboots; but the actual status of the device just doesn't change.

I had to retire a POS Netgear unit(WNDR3400, in case anyone cares); because it simply ignored the 'Enable Wireless Protected Setup' option. I chose 'hell no'; because WPS is known faulty; it merrily continued offering WPS. Various other models, from more or less all the major home brands, have had instances of this with assorted potentially dangerous features(remote admin ports, UPnP, WPS, default credentials that can't be changed, etc.). Sometimes there simply isn't anything in the UI for controlling a given feature, sometimes the settings are ignored.

Unless the device is supported by a good 3rd party firmware, or you exploit the vulnerability to go in yourself and do some surgery, even 'doing the right thing' can sometimes be purely ceremonial.

Comment Re:No worries mate (Score 3, Interesting) 110

It's news not because of OS(I don't know if they bothered; but exploits at the 'just use the default password against the external telnet interface' level would work against basically any OS, and the only real obstacle to executing a payload with the functions described would be that some of the really nasty VxWorks-based devices are so RAM-starved that they can barely do their job, much less run malware at the same time); but because the security of nearly all 'consumer', and a disturbing number of more expensive, embedded devices is still utter shit.

It is bad enough that such plastic-box devices typically are shipping software well behind the curve(2.6X kernels, http servers with vulnerabilities that were closed upstream months before the device in question was released, that sort of thing); but 'default configuration leaves telnet listening on the WAN port, with weak credentials for root login' goes well beyond 'bug' and right into 'We Just Don't Care' territory. Even better, the same damn story has been true for at least the past decade, probably longer(though its importance has increased as the cost has fallen and number of little embedded boxes lurking around has skyrocketed).

At least on the desktop and server, some of the worst insecure-by-default atrocities have been ironed out, so attackers are now moderately likely to need to use vaguely clever vulnerabilities(even if they can often get away with ones that were patched months ago) or social engineering; but embedded crap hasn't even reached that level of security.

The fact that telnet is even there(outside of 'recovery' scenarios, where the emergency nature of the situation and availability of only the most limited resources make super-simple protocols like telnet and TFTP valuable) when OpenSSH has been available for the last 15 years, and less liberally licensed versions a bit longer, is disgusting in itself. Having it on the WAN, much less by default, is just depraved.

Comment Administration... (Score 3, Interesting) 89

Hopefully the treatment will be amenable to some sort of relatively 'hands off' dispersal method. Veterinary care is all well and good(and, certainly, if it doesn't work in that environment, it probably doesn't work, so it's an obvious place to do R&D); but cave conditions are difficult enough that you won't make a dent in mortality unless you can 'dust' a cave, or set up aerosol dispersal at a cave entrance, or some other wholesale distribution mechanism. Even something that you have to spray directly on affected animals would be pretty tricky in a lot of these roosting environments.

Comment The made-for-TV-movie... (Score 1) 56

While they are admittedly a staple of low-budget action shlock; it seems that the 'celebrities, politicians, and high level business executives'(none of those midlevel guys, do you know what a kidnapping costs, per kilogram of hostage?) would be the least relevant targets for this flavor of attack.

Fancy prominent people are valuable, strategically relevant, or have deranged and dangerous fans. Such people have merited considerable human effort on the part of assorted attackers more or less since the invention of enough society to be hierarchical.

A cheap, ubiquitous, trivial-to-implement; and quite possibly also legal (no reasonable expectation of privacy, yadda yadda) tracking mechanism doesn't change the game for them, it changes the game for every last Joe and Jane Nobody with some RF widget. As cellphones have demonstrated, enough bluetooth to track nearby bluetooth radios, and enough cellular hardware to report back to the mothership is smaller than a deck of cards, especially if installed somewhere with access to power. It's also cheap, potentially vanishingly so compared to things like billboard/signage space in well traveled areas, or other plausible deployment points.

"The CEO of SomethingDyne Corp has been kidnapped! Can you backtrace his bluetooth?" makes a better B movie; but this tracking technique is far more promising as a cheap, ubiquitous, mass observation mechanism(probably for some bullshit 'audience engagement metrics' thing, not even a proper authoritarian dystopia) than it is for picking off some dude in an armored limo with a couple of those ear-radio guys flanking him.
