FBI says to reboot your router ASAP to avoid Russia malware VPNFilter

Originally published at: https://boingboing.net/2018/05/30/fbi-says-to-reboot-your-router.html

3 Likes

My ISP controls the firmware update schedule on my router even though I bought it from them instead of renting

Why don’t they reboot it ?

3 Likes

I was thinking, it would be great if routers and home hardware were treated more like managed infrastructure. I’m sure some people can manage them on their own, but given the negative externalities it would be better for them to be centrally managed.

Alternately owners or vendors could be held responsible if their routers are rogue.

Our unmanaged hardware are becoming rabid, but we can’t see it.

Increasing numbers of routers and IoT devices are centrally managed.

Unfortunately, this ‘central management’ is mostly done by B0tn3tCh13f at cardz4sale dot ru, but I guess we can’t have everything.

10 Likes

This sounds like a great idea, except that our infrastructure providers (read: ISPs) are extremely bad at offering timely bugfixes for equipment that isn’t a security risk. Go to any cable modem forum to see what a nightmare most ISP-provided devices are to get firmware updates, even when provided by the vendor. It’s a repeat of the Android firmware mess caused by telcos who could care less about your year-old phone.

Most SOHO router companies offer auto-updates now, at least, though these, too, are susceptible to intrusion by bad actors.

I’m not sure what the solution is, but I can say with some confidence that it isn’t any one magic bullet of a thing, even though I wish it were otherwise.

4 Likes

I always switch mine off when I’m not using it (which is quite often).

2 Likes

I sort of think that what is needed is laws to keep individuals or companies responsible. Start ticketing people who own compromised bots for being a public puissance, or ISPs that don’t patch within x days. That should drive responsibility quickly. I don’t think the ISPs are very well aligned towards doing anything but milking their monopolies.

1 Like

I think the law of unintended consequences gets involved in a lot of these cases. If your ISP is responsible for the security of your access point, then surely they will argue that they, and only they, can decide what make/model, and firmware, you can run on said access point - for the good of everyone. So choice likely suffers as a result.

A better route might be to create a “accessOS” that’s hardware-agnostic and can be deployed across a wide swath of devices, with a plugin architecture that manufacturers can use, but that has a core update mechanism that’s universal, and up to date. It’s a huge undertaking, and Android has already shown us how not to do it, but it would probably be a giant first step to solving these sorts of issues.

4 Likes

Agreed, I’d like to think that if the responsibility was personal then the owner could opt out and own the risk. For owners that didn’t want to own that the ISP could offer to manage the devices for them. In practice that may not work out - and could see other ways this could go sideways. But I do fundamentally think that having swarms of poorly managed devices is a big negative for the world.

1 Like

No wonder I get so many calls from “Windows Security”! /s

4 Likes

In other words, mandatory open source firmware.

2 Likes

Times like this I’m really glad I’ve been using a linux machine for a home router for the better part of 20 years.

It stays updated, does not have upnp or protocols I’m unaware of.

1 Like
1 Like

Because, at best, your ISP could cause a “warm boot” which is simply a restart and may not completely clear the devices memory. Only you can do a “cold boot,” which means to completely cut the power.

1 Like

If I’m ever on life support I want my loved ones to pull the plug.

And then plug it back in to see if that works.

5 Likes

You can also perform a router reset and then cycle the power. This will kick the router back to factory defaults and most routers would then require you to log in through ethernet (Make sure you know the admin credentials to log back in once the reset has occurred). But once you do that you can update and change any of the firmware, settings and passwords you want.

Have them perform a reset and you’ll be just like new at the factory.

Since when does turning off and back on something get rid of software? I’m pretty sure persistence was a problem tackled many, many years ago. Something about saving the text files or something like that.

It gets rid of new code (ie, viruses/malware) that is residing in the router’s non-permanent memory.

1 Like

It doesn’t take much knowledge to manage a home router better than the engineering staff of a typical large ISP.

Sadly, in fact, I would say a blind, retarded penguin would be only slightly less qualified than the engineering staff of any large ISP. This based on my decades of interaction with them.

There’s very little financial or legal incentive for large corporations to have well provisioned and managed customer-facing networks.