1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[SECURITY ALERT] Yet another router vulnerability

Discussion in 'Bits & Bytes' started by Biker, Apr 16, 2018.

  1. Biker

    Biker Administrator Staff Member

    Allene and SixofNine like this.
  2. SixofNine

    SixofNine Jedi Sage Staff Member

    Ouch.

    Some big names on the list of affected routers: Asus, Belkin, D-Link, Netgear, Ubiquiti, ZyXel, and others.

    And I see that it's not just routers, There are cameras and printers on the list.
     
  3. Allene

    Allene Registered User

    I've got a Mikrotic router, which isn't on the list . . . yet.
     
  4. Biker

    Biker Administrator Staff Member

    What was troubling was seeing OpenWRT on the list. I have a Nighthawk X6 R8000 that I've been contemplating nuking and loading one of the open source OS's. That definitely isn't going to happen right now until I start seeing patches being pushed for this one.
     
  5. Susan Addams

    Susan Addams Unregistered User

    I went through my router settings multiple times and turned off every last ability for UPnP or any other similar thing, and have done the same for my NAS devices.

    Unfortunately it's not so easy with Alexa devices. They seem to access their mother sites all on their own, presumably on a polling basis, and as devices in your network they can contact the Internet if they want. In fact if you used your router to block their outbound connections they would cease working. Alexa (Dot, Show, etc.) won't work with the voice commands if it can't contact Amazon's mother ship. Siri on my cell/tablet gets noticeably stupid when out of Internet range, although I think minimal commands are still there.

    We might as well accept that the more we integrate into our lives and into our homes intelligent devices that communicate on the Internet we are going to be subject to a never ending series of exploits, just the same as that anybody who participates in the financial system is open to personal data breaches.

    Before you lecture me, I'll say it for you. Yes I think an Alexa breach is inevitable. It's like the "Big One" here in California, we know it's coming but we don't know when.

    I've joined LifeLock because my anxiety over my financial affairs being breached began to panic me. I doubt they will stop anything but at least their promise is to remediate my losses and that's the best I can do since we all know our personal details and our privacy are going to be breached repeatedly. The system has become so complex that it has gone out of control, there are so many companies that have our data that it's inevitable that one or the other will be breached. Even the US government data files on we citizens have been breached.

    The only thing we can do is to have a plan. One of my plans is to not get involved in new companies that may breach my privacy. At least I can minimize the number of points of exposure. That and LifeLock to help repair the damage.
     

Share This Page