
Comment Partial vulnerability list (Score 5, Informative) 236

In the pdf of his presentation he mentions that there are 24 router models confirmed vulnerable spanning Cisco, Linksys, NetGear, and Diamond. I have yet to spot the actual list of vulnerable routers, though.

He also elaborates on how a technically skilled person can figure out if any particular router is vulnerable.

The link to the list of vulnerabilities is found in the pdf. Here's a copy/pasted list of the ones known so far.

BEGIN COPIED TEXT:

Backdoor LISTENING ON THE INTERNET confirmed in :

        Linksys WAG120N (@p_w999)
        Netgear DG834B V5.01.14 (@domainzero)
        Netgear DGN2000 1.1.1, 1.1.11.0, 1.3.10.0, 1.3.11.0, 1.3.12.0 (issue 44)
        Netgear WPNT834 (issue 79)
        OpenWAG200 maybe a little bit TOO open ;) (issue 49)

Backdoor confirmed in:

        Cisco RVS4000 fwv 2.0.3.2 (issue 57)
        Cisco WAP4410N (issue 11)
        Cisco WRVS4400N
        Cisco WRVS4400N (issue 36)
        Diamond DSL642WLG / SerComm IP806Gx v2 TI (https://news.ycombinator.com/item?id=6998682)
        LevelOne WBR3460B (http://www.securityfocus.com/archive/101/507219/30/0/threaded)
        Linksys RVS4000 Firmware V1.3.3.5 (issue 55)
        Linksys WAG120N (issue 58)
        Linksys WAG160n v1 and v2 (@xxchinasaurxx @saltspork)
        Linksys WAG200G
        Linksys WAG320N (http://zaufanatrzeciastrona.pl/post/smieszna-tylna-furtka-w-ruterach-linksysa-i-prawdopodobnie-netgeara/)
        Linksys WAG54G2 (@_xistence)
        Linksys WAG54GS (@henkka7)
        Linksys WRT350N v2 fw 2.00.19 (issue 39)
        Linksys WRT300N fw 2.00.17 (issue 34)
        Netgear DG834[∅, GB, N, PN, GT] version 5 (issue 19 & issue 25 & issue 62 & jd & Burn2 Dev)
        Netgear DGN1000 (don't know if there is a difference with the others N150 ones... issue 27)
        Netgear DGN1000[B] N150 (issue 3)
        Netgear DGN2000B (issue 26)
        Netgear DGN3500 (issue 13)
        Netgear DGND3300 (issue 56)
        Netgear DGND3300Bv2 fwv 2.1.00.53_1.00.53GR (issue 59)
        Netgear DM111Pv2 (@eguaj)
        Netgear JNR3210 (issue 37)

Backdoor may be present in:

        all SerComm manufactured devices (https://news.ycombinator.com/item?id=6998258)
        Linksys WAG160N (http://zaufanatrzeciastrona.pl/post/smieszna-tylna-furtka-w-ruterach-linksysa-i-prawdopodobnie-netgeara/)
        Netgear DG934 probability: 99.99% (http://codeinsecurity.wordpress.com/category/reverse-engineering/)
        Netgear WG602, WGR614 (v3 doesn't work, maybe others...) (http://zaufanatrzeciastrona.pl/post/smieszna-tylna-furtka-w-ruterach-linksysa-i-prawdopodobnie-netgeara/)

:END COPIED TEXT

Comment Re:Good for you. (Score 1) 641

I continue to think that about 95% of all computer users would be happy if their current OS locked the feature set exactly where it is now and henceforth do nothing except patch bugs.

Maybe do a "new version" if they really must, but only if it doesn't eliminate or forcefully change the current workflow, doesn't require any additional resources, and can demonstrably *IMPROVE* the user's experience with the OS. Which for most people, means that the time that they spend actually using the OS is decreased. After all, for 95% of users, the OS is simply the digital equivalent of their desk. Most people don't want to spend their time staring at their desk, no matter how "pretty" it is, but rather they would prefer to be doing stuff with whatever they put on it.

Side question: How many people would upgrade their desk if the new version of their desk had drawers that took twice as long to open but made a fancy "Wooosh" noise when they did it? Or where you had to push a couple buttons on the side of the desk before you could pick up a pen (or touch the keyboard)?

Comment Re:Good for you. (Score 1) 641

Exactly!

I've been saying this for years in regards to "new" operating systems. I don't need more "features", I don't need it to look "prettier", I don't need animations when I do something.

Pretty much all I need is something that will organize my files and provide the necessary APIs and backend support for running a predetermined set of programs. (a set that has remained pretty much unchanged for the past 2 years, and only a few additions in the past 5)

Comment Nice, but.... (Score 2) 353

Well, I'm glad that someone's out there talking about it, but here on /. it really is preaching to the choir.

That being said, I'd love to see this video get sent out to the masses of people on some major news channels. Getting a couple million more people interested in upgrading and modding their own computer would do wonders for increasing the interest of computer parts manufacturers in catering to the upgrade/modding community.

Submission + - Astronaut Nearly Drowned During Space Walk

Hugh Pickens DOT Com writes: Pete Spotts reports at the Christian Science Monitor that about 44 minutes into a 6.5-hour spacewalk last July, Italian astronaut Luca Parmitano noted that water was building up inside his helmet – the second consecutive spacewalk during which he reported the problem. As Parmitano worked his way back to the air lock, water covered his eyes, filled his ears, disrupted communications, and eventually began to enter his nose, making it difficult for him to breathe. "I know that if the water does overwhelm me I can always open the helmet," wrote Parmitano about making it to the airlock. "I’ll probably lose consciousness, but in any case that would be better than drowning inside the helmet." Later, when crew mates removed his helmet, they found that it contained at least 1.5 quarts of water. In a 122-page report released Wednesday, a mishap investigation board identified a range of causes for the near-tragedy, including organizational causes that carried echoes of accident reports that followed the loss of the shuttles Challenger and Columbia and their crews in 1986 and 2003. Engineers traced the leak to a fan-and-pump assembly that is part of a system that extracts moisture from the air inside the suit and returns it to the suit's water-based cooling system. Contaminants clogged holes that would have carried the water to the cooling system after it was extracted from the air. The water backed up and flowed into the suit's air-circulation system, which sent it into Parmitano's helmet (PDF). The specific cause of the contamination is still under investigation but investigators also identified deeper causes, one of which involved what some accident-investigation specialists have dubbed the "normalization of deviance" – small malfunctions that appear so often that eventually they are accepted as normal. 
In this case, small water leaks had been observed in space-suit helmets for years, despite the knowledge that the water could form a film on the inside of a helmet, fogging the visor or reacting with antifogging chemicals on the visor in ways that irritate eyes. NASA officials are not planning on resuming non-urgent spacewalks before addressing all 16 of the highest priority suggestions from the Mishap Investigation Board. "I think it's a tribute to the agency that we're not hiding this stuff, that we're actually out trying to describe these things, and to describe where we can get better," William Gerstenmaier, associate administrator for NASA's Human Exploration and Operations Mission Directorate, said today. "I think that's how we prevent Columbias and Challengers."

Submission + - Indian space agency prototypes its first crew capsule (electronicsweekly.com)

sixsigma1978 writes: India is about to take one small step towards human space flight. Last week the country’s space agency unveiled a prototype of its first crew capsule, a 4-metre-high module designed to carry two people into low Earth orbit.

The Indian Space Research Organisation (ISRO) is planning a test flight for later this year – even though it still awaits government approval and funding for a human space-flight programme. The unpiloted capsule will fly on the maiden launch of a new type of rocket that would otherwise have carried a dummy payload.

Submission + - Tor is building an anonymous instant messenger

An anonymous reader writes: "Forget the $16 billion romance between Facebook and WhatsApp. There's a new messaging tool worth watching.

Tor, the team behind the world's leading online anonymity service, is developing a new anonymous instant messenger client, according to documents produced at the Tor 2014 Winter Developers Meeting in Reykjavik, Iceland."

Comment Re:Faster internet will help regardless. (Score 1) 259

Probably the amusing part is that this all assumes that increased internet speeds actually *help* people. Being able to load funny cat videos 100x faster isn't really a significant benefit, really. And let's be honest: Most people getting these gigabit connections are not going to be spending their time exclusively doing research and watching online courses. If they did, maybe it will help the rich more than the poor, but chances are they won't.

And I fail to see how any online service could start to default to 4k video anytime in the near future. 4k screens aren't exactly common. There isn't even enough market saturation of high bandwidth connection (and big screens) for 1080p to be the default size on youtube. (I think it's generally defaulting to 480p or maybe 720p).

Comment Faster internet will help regardless. (Score 1) 259

Having widespread gigabit internet should, in theory, continue to benefit the entire society, not just those capable of affording it. Even if the lower segment of society can not afford it, they should still benefit from it. After all, libraries and other public access points should be able to afford it, especially given that encouraging education is part of their mandate.

That being said, I disagree with the logic that one needs to have access to top-tier internet in order to advance one's education. Most of that bandwidth, in private use instances, is going to be taken up in streaming netflix, videogames, and torrents. (and related services) Very little is going to be used for educational purposes. If one is actually intent on learning, a tiny fraction of a gigabit connection is all that is needed, so long as one focuses on that and not trying to multitask.

Submission + - Copyright Troll Ordered to Pay $119,000

Hugh Pickens writes writes: "Steve Green reports that newspaper copyright infringement lawsuit filer Righthaven of Las Vegas has been hit with an order to pay $119,488 in attorney's fees and costs in its failed lawsuit against former federal prosecutor Thomas DiBiase who was sued over allegations he posted a story without authorization on a murder case by the Las Vegas Review-Journal. US District Judge Roger Hunt dismissed Righthaven's suit against DiBiase this summer because Righthaven lacked standing to sue him under its flawed lawsuit contract with R-J owner Stephens Media. The DiBiase case was noteworthy because his attorneys at the EFF said DiBiase's nonprofit website, "No Body Murder Cases," performed a public service assisting law enforcement officials in bringing justice to crime victims — and that his post was protected by the fair use concept of copyright law. Case law created by the Righthaven lawsuits suggests DiBiase’s use of the story would be protected by fair use as it was noncommercial and judges have found there can be no market harm to Righthaven for such uses since there is no market for copyrights Righthaven obtains for lawsuit purposes. Although this was by far the largest fee award against Righthaven, it will likely be dwarfed by an upcoming award in Righthaven's failed suit against the Democratic Underground."

Submission + - Re-programming the thermostat (watoday.com.au)

OzPeter writes: As reported in WA Today, Tony Fadell of iPod fame has been using Nest Labs to design and build a thermostat that learns how you live in your house by following how you manually change the temperature. Once you have taught it how to behave (How the Nest learning Thermostat learns), it then can schedule temperature changes that suit your lifestyle, and help you cut down on energy costs.
