NSA Reportedly Adds Backdoors To US-Made Routers

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

Camp,
User Rank: Apprentice
5/19/2014 | 1:50:22 PM

Heading overseas?

I think there are quite a few of those 'tampered with' routers sitting in equipment racks in the US and on bookshelves/entertainment centers in our homes. Who are they kidding? (and with that comment, I assume the back door in my device was just activated!)

Reply | Post Message | Messages List | Start a Board

50%

anon9930759556,
User Rank: Apprentice
5/14/2014 | 1:55:30 PM

Re: Somewhere...

http://arstechnica.com/security/2014/01/backdoor-in-wireless-dsl-routers-lets-attacker-reset-router-get-admin/

Reply | Post Message | Messages List | Start a Board

50%

cumulonimbus,
User Rank: Apprentice
5/14/2014 | 6:47:21 AM

Re: Stealng for freedom?

Good point, the end does not justify the means; credibility and trust cannot be discounted. It seems in the world's second oldest profession anything goes. However they have cover. Not to get too convoluted here, but isn't there also the possibility that the documents being released are fake since Snowden is now being manipulated by the Kremlin?

I am sure there is the IT equivalent of an arms race right now, because the first viable quantum computer is likely to be able to crack all the encryption protocols, notwithstanding the fact that quantum encryption itself is uncrackable; the uhderlying data disappearing in a puff of logic. Ah, the beauty!

Reply | Post Message | Messages List | Start a Board

50%

Charlie Babcock,
User Rank: Ninja
5/13/2014 | 6:26:48 PM

Stealng for freedom?

Based on the last statement in the story by Michael Hayden, ex-CIA director, "We steal for freedom, they don't," I would say it would be wise to base the preservation of freedom on something other than stealing.

Reply | Post Message | Messages List | Start a Board

50%

Drew Conry-Murray,
User Rank: Ninja
5/13/2014 | 4:50:53 PM

Re: Somewhere...

Is any network equipment still made and assembled in the U.S.? I thought it had all gone overseas already.

Reply | Post Message | Messages List | Start a Board

50%

Thomas Claburn,
User Rank: Ninja
5/13/2014 | 4:28:50 PM

Somewhere...

...someone at Huawei is smiling.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

California Man Arrested for Politically Motivated DDoS

Dark Reading Staff 2/21/2020

Cybersecurity Industry: It's Time to Stop the Victim Blame Game

Jessica Smith, Senior Vice President, The Crypsis Group, 2/25/2020

5 Ways to Up Your Threat Management Game

Wayne Reynolds, Advisory CISO, Kudelski Security, 2/26/2020

Live Events

Webinars

March 16-19, 2020: Data Center World Registration is open! Join Us

Data Center World: The leading conference & expo for Data Center and IT Infrastructure Professionals. Register Today!

Get Insights: Cisco vs Microsoft & More at EC20 Orlando

More Informa Tech Live Events

White Papers

IT Careers: Tech Drives Constant Change

Data Protection: Verify Anything and Everything

6 Emerging Cyber Threats That Enterprises Face in 2020

Research Report: Rethinking Security for Digital Transformation

ESG Whitepaper: Assessing Network Traffic Analysis (NTA) Requirements

More White Papers

Video

All Videos

Cartoon

Latest Comment: .....I'm going to have to pay the cyber guy how much????

Cartoon Archive

Current Issue

6 Emerging Cyber Threats That Enterprises Face in 2020

This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Cybersecurity Incident Response

Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.

Download Now!

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

How Data Breaches affect the Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-9447
PUBLISHED: 2020-02-28

The file-upload feature in GwtUpload 1.0.3 allows XSS via a crafted filename.

CVE-2019-10064
PUBLISHED: 2020-02-28

hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.

CVE-2019-8741
PUBLISHED: 2020-02-28

A denial of service issue was addressed with improved input validation.

CVE-2020-9399
PUBLISHED: 2020-02-28

The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects versions before 12 definitions 200114-0 of Antivirus Pro, Antivirus Pro Plus, and Antivirus for Linux.

CVE-2020-9442
PUBLISHED: 2020-02-28

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]