Contributors   |   Messages   |   Polls   |   Resources   |   Register for newsletter
Comments
Newest First | Oldest First | Threaded View
Alison Diana
Alison Diana
5/9/2018 4:08:46 PM
User Rank
Author
Re: UPDATE - FIX DEVELOPED
They were not the router manufacturer, which I gather was an OEM in Asia, but rather the security firm that located the vulnerability. The same firm that found the problem created a fix, something they did not have to do. I know they get attention when they do this which, in turn, can create corporate customers -- and certainly a lot of goodwill -- but it's a longshot way of doing it and I always imagine it's driven because they enjoy the challenge of fixing what somebody else "broke," so to speak, as coders.

50%
50%
afwriter
afwriter
5/9/2018 1:09:42 PM
User Rank
Gigamaster
Re: UPDATE - FIX DEVELOPED
It would have been better if the attack never happened and I know that this is a little PR, but at least the company was proactive about it and found a solution. 

50%
50%
Alison Diana
Alison Diana
5/9/2018 9:16:15 AM
User Rank
Author
UPDATE - FIX DEVELOPED
The company that found the vulnerability contacted me on Tuesday to say they worked all weekend to fix the flaw. Here's part of the email they sent:

 

"Since users are under attack, our research team worked throughout the entire weekend to try and create a patch for the routers. I'm proud to say they did it.

It is critical that users know about the patch and can use it to fix their routers. We created a tool that allows them to do this, even if they don't have a technical background.

https://www.vpnmentor.com/tools/gpon-router-antidote-patch/

Sarit"

50%
50%
DonBrowne
DonBrowne
5/9/2018 6:53:13 AM
User Rank
Gigamaster
Re: So many infected routers...
It's amazing and thought provoking to realize that it's estimated that "at least 1 million high-speed GPON routers are impacted," and whether Google and others may have a solution to circumventing the possbile problems with full fiber router vulnerabilities.

50%
50%
afwriter
afwriter
5/8/2018 1:30:44 PM
User Rank
Gigamaster
Re: So many infected routers...
I wonder if the vendors are afraid to do that because it would tie up too many resources, at least up front. Anecdotally, I have shown my mother-in-law how to use her ROKU a million times, and she still can't figure it out, I can't imagine having to explain to her how to change her router password. Still, I guess the headache would be worth it to prevent vulnerabilities. 

50%
50%
mhhf1ve
mhhf1ve
5/7/2018 5:20:11 PM
User Rank
Gigamaster
Re: So many infected routers...
I wonder how many manufacturers will take up Google on its ThingsOS platform -- where Google says it will handle all the security updates for the next three years.

50%
50%
Alison Diana
Alison Diana
5/7/2018 4:17:09 PM
User Rank
Author
Re: So many infected routers...
The simplest step router vendors - and all vendors of connected devices - could take would be to do away with the built-in, preset password. Once a device is installed, that preset password should expire after X number of uses, forcing a user or administrator to change the default to a (hopefully) more secure and private password. 

50%
50%
michelle
michelle
5/3/2018 11:18:50 PM
User Rank
Gigamaster
Re: So many infected routers...
I think about this a lot myself. I pay attention to alerts to upgrade firmware in my home router. I wonder how many people have no idea they need to do anything with the router after it's set up.

50%
50%
mhhf1ve
mhhf1ve
5/3/2018 10:28:01 PM
User Rank
Gigamaster
So many infected routers...
It's not just GPON routers. There are so many insecure router out there that it's scary to think what could happen.

50%
50%
Duh!
Duh!
5/3/2018 5:16:21 PM
User Rank
Author
Chicken Little says the sky is falling down
The vulnerability is not a GPON vulnerability, nor is it present in all GPON home gateway/routers. It apparently affects a vendor to Telmex, JSC in Kazakhstan and FPT in Vietnam. Other sources have named the vendor, but this is unverified.

The testing results on "random" GPON routers is puzzling.  I understand that the base software in a lot of the small vendors' ONTs is purchased from one developer. A defect in this webconfig server could affect all of these vendors.

 

50%
50%


Latest Articles
Findings from university researchers and The Wall Street Journal indicate that many US homes are overpaying for broadband.
As cable operators weigh construction costs, the potential for service disruptions, training needs and network maintenance, the decision on which path to take isn't so straightforward anymore.
In a one-on-one interview with Broadband World News, ADTRAN Chairman and CEO Tom Stanton speaks about the vendor's success with a new breed of broadband providers, today's competitive environment and, yes, Verizon and NG-PON2.
In a provocative new BBWN webinar, Broadband Success Partners' Jack Burton will delve into cable's next-gen HFC architecture plans and explain why going all-fiber may make more sense for operators right now.
Five years ago, NOS board member Manuel Ramalho Eanes helped steer the Portuguese service provider toward a future heavily reliant on smart homes and cities. It's a decision the provider is glad it made.
Broadband World Forum Perspectives
Five years ago, NOS board member Manuel Ramalho Eanes banked big on smart homes and smart cities.
Slovak Telekom and T-Mobile Czech Republic Chief Technology and Information Officer Branimir Maric is using his more than two decades' experience in telco, including 15 years in various ...
Operators cannot protect networks -- their own or their customers -- by building a hard shell around the infrastructure, given the sensitive data dwelling and being sent to and from edge ...
Communications service providers have long talked about improving the day-to-day experience of their customers, but have not always backed up their words with actions and resources.
All Broadband World Forum Perspectives
Information Resources
All resources
Partner Perspectives - from our sponsors
Radio Shows
In this insightful Light Reading radio show, Kurt Raaflaub, Head of Strategic Solutions Marketing, will outline the key service provider challenges, deployment considerations, next-gen Gigabit technologies, and service models to win market share in the rapidly growing MDU market.
Sponsored Video
Ronan Kelly, ADTRAN CTO, EMEA & APC, shares his thoughts on industry operators leveraging virtualization, disaggregation and open SDN control, ...
Network slicing promises to be a panacea, but the biggest hurdles are not technological. The grand ambition of enabling intelligent, adaptive, ...
F-Secure has been providing security for endpoints for 30 years, and using AI and machine learning algorithms, for example in the labs to automate ...
Fahri Diner, CEO and Co-founder of Plume, unveiled a new open source initiative, OpenSync, at Broadband World Forum 2018. Announced together with ...
Talking to Light Reading's Iain Morris, Sebastian Richter from devolo explains why operators have to think beyond delivering high bandwidth and ...
All Videos
Flash Poll
Webinars
Tuesday, September 10, 2019
12:00 p.m. New York / 5:00 p.m. London

Wi-Fi is the foundation of the connected home for consumers; yet, it’s often a source of frustration. With the imminent release of the new Wi-Fi 6 standard – combined with a strong Managed Wi-Fi offer – service providers can reverse subscriber frustration while tapping into new revenue streams.

Key topics include:

  • What’s different about Wi-Fi 6 and why it matters to your subscribers
  • The importance of offering Managed Wi-Fi and its connection to Wi-Fi 6
  • How you can elevate your brand and gain a strong foothold in the home network.

Video
Alternative UK fixed-broadband network operator Community Fibre is deploying ADTRAN gear to take 10 Gbit/s to London users at aggressive prices.
At Broadband World Forum 2018 there's a lot of chat about the shift towards software-defined access networks, but how tough and how expensive ...
What are the hot talking points in the fixed broadband sector right now? Gigabit over copper as well as fiber, software-defined access and more, ...
Light Reading's pro-European, Berlin-lovin' editors Ray Le Maistre and Iain Morris discuss some of the hot topics from BBWF 2017, including Gfast ...
The UBB2020 community has had a great first four months thanks to a market that's on the up!
All Videos
Broadband World News
About Us     Advertise With Us     Contact Us     Help     Register     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. Privacy Policy | Cookie Policy | Terms of Use
in partnership with