ASUS RT-AC87U serial console is wide open!

[mecasull]

My home network is also vulnerable to someone disconnecting my router, and replacing it with one of their own.

 

[netware5]

My home network is also vulnerable to someone disconnecting my router, and replacing it with one of their own.

Yes-s-s! I really do not understand why the vendors neglect this huge vulnerability!

 

[W4RH34D]

Yes-s-s! I really do not understand why the vendors neglect this huge vulnerability!

Get a smart switch!

 

[sfx2000]

Well I mean, common sense - randomly flipping these features on willy nilly is signing up for a bad time.

Bugs on the other hand, that's when I'm all ears because it's something that is "not supposed" to happen. Now that can end up being something cool, or downright catastrophic.

Actually, flipping the bits, reduced our support calls - most folks that saw the pads and tried it gave up.

If we knew they were a developer, they knew that the pins were flipped, and they had the correct cables/fixtures to do what they needed to do.

yeah, we also signed the bootloader as well - does that make me evil?

 

[W4RH34D]

Actually, flipping the bits, reduced our support calls - most folks that saw the pads and tried it gave up.

If we knew they were a developer, they knew that the pins were flipped, and they had the correct cables/fixtures to do what they needed to do.

yeah, we also signed the bootloader as well - does that make me evil?

Well I mean turning on services that a person knows nothing about could prove to be problematic.

 

[sfx2000]

Actually, flipping the bits, reduced our support calls - most folks that saw the pads and tried it gave up.

If we knew they were a developer, they knew that the pins were flipped, and they had the correct cables/fixtures to do what they needed to do.

yeah, we also signed the bootloader as well - does that make me evil?

To make things even more fun for casual spectators - we booted into L4, and then kicked a signed NetBSD environment - we had upstream firmware that wasn't GPL, hence no linux - and L4 let us work our stuff, along with third parties in a separate and secure environment. Our developers and QA teams, along with Field Engineers all had the right codes/tools, and we shared what we needed for Customer QA teams and third party developers.

Going into 2015 and the FCC restrictions on firmware, one might see a similar approach - it's about establishing privileges on what code can and cannot be changed - done right, and it can be a good thing for all.

embedded firmware is fun

sfx

 

[sfx2000]

in other words - security is baked in the design... not added on.

Most SOHO routers - it's not a concern for them, it's mostly an end-user problem...

 

[W4RH34D]

in other words - security is baked in the design... not added on.

Most SOHO routers - it's not a concern for them, it's mostly an end-user problem...

I always day dreamed about a router that when it reboots has to reinstall itself off a cdrom. So like, you'd bake up the current settings for the router, all hard coded, burn it to disk, and it runs off that until you make a change. Read only all the way to the physical location of the data.