back to article WikiLeaks emits CIA's Wi-Fi pwnage tool docs

Hundreds of commercial Wi-Fi routers are, or were, easily hackable by the CIA, according to classified files published today by WikiLeaks. The confidential US government documents describe the Cherry Blossom project, which is the framework by which CIA operatives can subvert wireless routers; install software that harvests …

  1. NiteDragon

    Honest question; anyone who did wireless networking back in the early days even slightly surprised by this?

    1. Anonymous Coward
      Anonymous Coward

      and in other news . . .

      the BBC confirms today that *really* only North Korea has hackers

    2. Mark 65

      Yet another reason to buy an open-wrt/dd-wrt/gargoyle/tomato compatible router and flash the firmware.

      1. Anonymous Coward
        Anonymous Coward

        Or if security is your thing use create_ap on a Linux box only when you need wifi. Why broadcast all the time and deploy a product that introduces loads of features you dont need?

  2. FireBurn

    Fedora 9?

    Are you sure it's Fedora 9? It was released in 2008, would have thought they'd use RHEL or similar

  3. Sebastian A

    Are there any people in the NSA who've had the epiphany "Wait, are we the bad guys?!?" yet?

    1. Quinch

      I suspect a routine psych eval would weed those out. Can't have people thinking the ends don't justify the means.

    2. DrXym

      All democracies have intelligence services that do shady shit to get a clear picture and the upper hand on their adversaries. This should not be a surprise to be anybody, nor the consequences when some of their methods are made public.

    3. Kane
      Joke

      "Are there any people in the NSA who've had the epiphany "Wait, are we the bad guys?!?" yet?"

      Obligatory Mitchell & Webb sketch.

  4. Stuart Elliott
    Facepalm

    Oh FFS

    Yay. More routers getting hacked and malware site injecting DNS changes incoming.

  5. John Smith 19 Gold badge
    WTF?

    Curious use of the word "commercial"

    How many people actually make their own routers?

    And if you are a business WTF would you allow over the air changes?

    This looks like an industry wide fail .

    1. eldowon

      Re: Curious use of the word "commercial"

      I imagine that it's to differentiate between those that use pfsense, DDWRT, Smoothwall, or even those who roll their own iptables or pf based *nix based solutions directly off of the bare packages from their chosen distros.

      I used to maintain installations where a shoestring budget would be an upgrade, and know I'm not the only one.

  6. Anonymous Coward
    Anonymous Coward

    Slight waste of time

    I'd say that's a waste of time, given that some organisations are rigged to route all traffic via the US.

    In Belgium, for instance, one of the biggest telcos routes anything that isn't destined for Belgium itself via a US backbone which saves the NSA from having to tap into data streams on foreign grounds.

    You can enable Autonomous System reporting on traceroute - just run each first and last occurrence of a new AS through geo location and you'll see what I mean.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like