FBI to World+Dog: Please, try turning it off and turning it back on

The FBI has reminded the world it wants us to reboot our routers to try and help it identify VPNFilter-affected routers. It first asked for reboots last Wednesday, May 23, in the Department of Justice VPNFilter media release, but on Friday added a stand-alone public service announcement emphasising its "IT Crowd" strategy. …

  1. Ole Juul

    but

    Probably not a bad idea, but I'm one of those people who looks at uptime and doesn't step on a crack. Not gonna happen. Besides I don't run proprietary code on my router and I have a feeling that the majority of those that do (barring professional installations) are not going to get this news nor care.

    1. Dave Bell

      Re: but

      It depends on your set-up, particularly your ISP, but one side effect can be to change your IP address. I doubt it will hide whether or not you are in the EU, but I am not sure it's a good idea to be a fixed target.

      I don't think the code in any router/modem is all that reliable, long-term. I don't think it's strictly a memory leak, but something accumulates on mine until performance slumps. And a reboot fixes it. We're talking several weeks of uptime, and there is a downside to frequent reboots, but my system reports over a week of uptime, yet the line has only been up for an hour. Something must have glitched at the ISP.

      So I think you might be a little bit optimistic.

      1. Anonymous Coward

        Re: Dave Bell

        May not be your end. If a consumer setup, try unplugging the line for a while and plugging back in without rebooting. That will tell you if it is a slowdown on the exchange needing a reboot or your router.

      2. Ole Juul

        Re: but

        "something accumulates on mine until performance slumps. And a reboot fixes it. "

        It sounds like you're using some crap software there. You might like to try something better. What you're describing is exactly the kind of thing which happens with proprietary software when they just want to push stuff out the door. Get something where the writers actually care.

        And yes, I understand that only serious computer people like you and I will do that kind of thing. Hence my comment that I think that most people won't even hear about this and reboot their routers, let alone take some measure of control of their software.

        "So I think you might be a little bit optimistic."

        Well I certainly don't think I'm immune to malware or attacks of any kind. Things are pretty tight here - but never say never. :)

  2. veti Silver badge

    I routinely reboot my router several times a week

    It's by far the easiest way to get the kids off YouTube.

    1. jelabarre59

      Re: I routinely reboot my router several times a week

      "It's by far the easiest way to get the kids off YouTube."

      Tried setting up YouTube as a blocked site for my daughter's devices through our Linksys router. Their code is such shit it ends up blocking the entire connection and not just one site.

      Need to seriously figure out the parental controls on the EdgeRouter Lite, so I can finally swap that in its place.

  3. Blockchain commentard

    If the FBI can tie the IP address to Ukrainian government officials and the router has an option to allow state snoops onto private networks...

    1. nagyeger

      If the FBI can tie the IP address to people...

      I hope they're GDPR compliant.

  4. Anonymous South African Coward Bronze badge

    *cough*

    how about no? Or have the FBI counterinfected world+dog, and now want a reboot to make it permanent?

  5. Version 1.0 Silver badge

    And they are getting infected how?

    Rebooting doesn't "cure" it, it just restarts the malware and it seems that, even after several months of investigation, they have no clue how it got onto the devices ... so I expect we'll see an updated version of the malware going at it again soon.

    1. Chronos

      Re: And they are getting infected how?

      Ancient kernel versions infested with binary blobs, UPnP enabled out of the box, web interface with glaring vulnerabilities accessible from the WAN, no SMB egress filtering, backdoors in stock firmware, "telemetry," insecure browsers running malicious js/vb/skiddie-language-du-jour, Windows 10 p2p patch distribution punching holes in the firewall and so on.

      How many more vectors do you need? Consumer IT is one big maelstrom of beta testing, spyware and experiments in Darwinism - and these same TLAs are making it worse by keeping the tasty vulns to themselves for use in projects with twee uppercase names.

      So no, Feds, nobody is buying your "caring" advice.

    2. Anonymous Coward

      Re: reconnect to host website?

      If the FBI now have the host, does that not mean reboots would let them know where, or possibly also where not, these are? Not a cure. As cures don't get you more funding, but busy work does.

      1. 9Rune5

        Re: reconnect to host website?

        "If the FBI now have the host,"

        They have the domain, not the host.

        My guess is that infected routers will have cached the host address. A reboot effectively resets the DNS cache allowing the new A record to be used instead. Not a cure, but might provide a little bit of relief.
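Operationalising 9Rune5's point for a network you run yourself, as an added example that is not part of the thread: if your resolver logs queries, the routers that re-resolved the seized domain after the sinkhole went live are the ones that rebooted (or whose cached answer expired), while routers that resolved it before the cutoff but not since may still be talking to the cached old address, or may simply be off. The log format, the client addresses, the placeholder domain c2-domain.example and the cutoff time are all constructed for this example; VPNFilter's real C2 domain is not named on this page and nothing here depends on it.

```shell
#!/bin/sh
# Added example, not from the thread: which clients re-resolved a seized domain
# after the sinkhole cutoff, from a resolver query log. Everything below (log
# format, client addresses, the placeholder c2-domain.example, cutoff) is constructed.

# Constructed sample log: "<ISO8601 UTC> <client> query <type> <name>", one query per line.
sample_log() {
    cat <<'EOF'
2018-05-23T02:10:44Z 192.0.2.10 query A c2-domain.example
2018-05-23T02:11:02Z 192.0.2.11 query A c2-domain.example
2018-05-23T02:15:30Z 192.0.2.12 query A www.example.net
2018-05-24T04:02:07Z 192.0.2.10 query A c2-domain.example
2018-05-24T06:40:19Z 192.0.2.13 query A c2-domain.example
2018-05-24T06:41:00Z 192.0.2.11 query A www.example.org
EOF
}

# clients_after LOG DOMAIN CUTOFF: unique clients that resolved DOMAIN at or after CUTOFF.
# Fixed-width ISO 8601 UTC stamps compare correctly as strings, so awk needs no date parsing.
clients_after() {
    awk -v d="$2" -v t="$3" '$3 == "query" && $5 == d && $1 >= t { print $2 }' "$1" | sort -u
}

# clients_before_only LOG DOMAIN CUTOFF: clients that resolved DOMAIN before CUTOFF and
# never since; candidates for "still running on the cached old answer" (or simply off).
clients_before_only() {
    awk -v d="$2" -v t="$3" '
        $3 == "query" && $5 == d { if ($1 < t) before[$2] = 1; else after[$2] = 1 }
        END { for (c in before) if (!(c in after)) print c }' "$1" | sort -u
}

# report LOG DOMAIN CUTOFF: both lists, one client per line, labelled.
report() {
    clients_after "$1" "$2" "$3"       | sed 's/^/re-resolved after cutoff: /'
    clients_before_only "$1" "$2" "$3" | sed 's/^/no query since cutoff:    /'
}

# Usage against the constructed log (the cutoff is an assumed sinkhole go-live time):
#   f=$(mktemp); sample_log > "$f"; report "$f" c2-domain.example 2018-05-24T00:00:00Z
```

The "no query since cutoff" list is only a lead: a client on it may have a long-TTL answer cached, may have been cleaned, or may just be powered down, so it is the list to chase, not a verdict.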

  6. G2

    auto-reboot

    my router auto-reboots itself every day at 4 AM... =)

    0 4 * * * sleep 120 && touch /etc/banner && /sbin/reboot

    (the sleep and touch are needed to prevent reboot loops; this way it stores 04:02 AM as the most recent known timestamp and won't reboot immediately)
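The reboot loop G2 is guarding against comes from firmware without a battery-backed clock: OpenWrt's sysfixtime, for instance, sets the clock at boot from the newest file timestamp under /etc, so if the newest timestamp is 04:00 the clock comes back up at 04:00 and the 04:00 cron job fires again. Touching a file two minutes in leaves 04:02 as the newest stamp. As an added example (not G2's crontab and not from any firmware project), here is the same idea as a guarded script, with a minimum-uptime check as a second guard and a dry-run default so it can be tested without rebooting anything; the marker path, the thresholds and the crontab install path are assumptions:

```shell
#!/bin/sh
# Added example, not the crontab from the comment above and not from any firmware
# project: a nightly reboot with two guards against reboot loops.
# Assumptions: a POSIX/busybox sh, /proc/uptime, and a writable marker file.
MARKER="${MARKER:-/etc/banner}"     # file whose mtime a clockless router may adopt as "now" at boot
MIN_UPTIME="${MIN_UPTIME:-600}"     # never reboot a box that has been up less than this many seconds
SETTLE="${SETTLE:-120}"             # wait past the cron minute so the stored timestamp is 04:02, not 04:00
DRY_RUN="${DRY_RUN:-1}"             # default only says what would happen; the crontab sets DRY_RUN=0

# Seconds since boot (integer part of /proc/uptime), 0 if unreadable.
read_uptime() {
    cut -d. -f1 /proc/uptime 2>/dev/null || echo 0
}

# guard_ok UPTIME MIN: true when the box has been up for at least MIN seconds.
# A fresh boot that immediately lands on the cron minute again fails this check.
guard_ok() {
    [ "$1" -ge "$2" ]
}

# Bump the marker's mtime so a clock restored from file timestamps lands after
# the scheduled minute instead of on it (the trick in the comment above).
stamp_marker() {
    touch "$1"
}

# Decide, stamp, and (unless DRY_RUN=1) reboot. Returns 1 when the guard refuses.
plan_reboot() {
    up=$(read_uptime)
    if ! guard_ok "$up" "$MIN_UPTIME"; then
        echo "uptime ${up}s < ${MIN_UPTIME}s, refusing: possible reboot loop" >&2
        return 1
    fi
    sleep "$SETTLE"
    stamp_marker "$MARKER"
    if [ "$DRY_RUN" = 1 ]; then
        echo "would reboot now"
        return 0
    fi
    /sbin/reboot
}

# root crontab entry (assumed install path), daily at 04:00:
# 0 4 * * * DRY_RUN=0 /usr/local/sbin/guarded-reboot
```

Run it once by hand with the defaults first: it prints "would reboot now" after the settle delay and touches the marker, which is exactly what the cron job will do with DRY_RUN=0 before calling /sbin/reboot.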

  7. Anonymous Coward

    Ahem.

    "On Thursday, the FBI revealed it had seized a domain associated with the campaign, giving it the chance to drop malware traffic into a sinkhole."

    Did it also arrest itself for making malware?

    1. vtcodger Silver badge

      Re: Ahem.

      "Did it also arrest itself for making malware?"

      No, but it has seized one of its own cell phones involved in the case, and is seeking help from the vendor in cracking the password.

      1. Yet Another Anonymous coward Silver badge

        Re: Ahem.

        The first rule of counter-espionage is to suspect everyone, Darling. Believe me, I shall be asking myself some pretty searching questions later on.

        1. Paul Crawford Silver badge

          Re: Ahem.

          "I shall be asking myself some pretty searching questions later on."

          But will you be taking the rubber truncheon to yourself?

          1. Yet Another Anonymous coward Silver badge

            Re: Ahem.

            "But will you be taking the rubber truncheon to yourself?"

            Use any method you see fit.

            Personally, I’d recommend you get hold of a cocker spaniel, tie your suspect down on a chair, with a potty on his head, then pop his todger between two floury baps and shout, “Dinnertime, Fido!”

  8. The_Idiot

    Giving in to...

    ... (semi) facetious conspiracy and paranoia - if I'd recently put a new form of back door malware into the wild, _I_ might think asking everyone to reboot the devices I'd infected (to trigger it) was a good idea too (Big Evil Grin).

  9. Blackheart

    If you patch, doesn't it generally involve a reboot anyway?

    1. Yet Another Anonymous coward Silver badge

      Yes, they are asking infected people to reboot to see if the infected machines go to any new C&C server.

      In other words, the government agency that protects us from international-ninja-secret-cyber-attack is more interested in seeing who did it than actually stopping it.

  10. Kevin McMurtrie Silver badge

    Good luck

    The best way to secure a Cisco/Linksys personal network device is to throw it in the trash and never buy another one. It's not getting fixed.

    1. Yet Another Anonymous coward Silver badge

      Re: Good luck

      Most Linksys personal network devices are among the most secure.

      Simply install dd-wrt on them and keep it updated

  11. Anonymous Coward

    Two great bits of advice

    FBI: "Turn off the router and turn it back on again" (reboot the router).

    "Netgear said users should install the latest firmware for their devices, change the default admin password, and turn off remote management;"

    Two great bits of advice

    But can we actually require manufacturers to not provide any password for routers?

    Instead, pop up a set-up advisory to set the password before continuing. The worst that can happen is the password is forgotten and they have to reset the router using a toothpick.

    And do not set remote admin, or at least insist on MAC numbers too; that would stop drive-by and mass internet attacks.

  12. Anonymous Coward

    Cannot switch off Java

    In recent days I have visited websites that have bypassed my no-Java settings in my Firefox browser.

    Ajax and Java have run despite my setting Java off using a number of config togglers and switches available.

    Looking at the script, it was written by bods from MIT. I could not see how it ran in the first instance as JS was off, but it then undid/re-enabled any settings I had disabled, just in order to show a benign but interesting graphic in the browser.

    Running Java in my browser can give a hacker a leg up to my system and router.

    As long as this can occur, and our browser settings are slowly removed and the user's preferences disabled, we are going to exacerbate the hacker problem.

  13. sanmigueelbeer

    Listen to the FBI, people. The FBI wants to get rid of this nasty piece of Soviet-made software so that the NSA/CIA/FBI/NRA can install their rootkit into your router.

    Listen to the FBI & reboot your router.

    Thank you very much.

    Signed D. Trump

  14. Anonymous Coward

    March 2017

    Was when the Vault 7 docs were released by Wikileaks. Among the material published were the details of exploits discovered or developed to compromise Mikrotik gear. The router manufacturer responded by releasing updates to counter those threats. Many customers applied those updates before the month was over. A year later, the press, acting as stenographer for the FBI "announces" the same vulnerability. Huh? Oh, that's right: the Vault 7 material was classified, and its release unauthorized, so no US government agency can acknowledge its content. As a result, we now have this independent revelation of these exploits.

  15. oldgreyguy

    why should I?

    I am already secure... I have a Microsoft operating system, a Netgear modem, and Spectrum as my ISP

    What me worry??

  16. jelabarre59

    done regardless

    I have a recent-model Linksys router. I have to reboot it every 2-3 days anyway, even *without* a malware attack. Then again, perhaps their code is almost malware anyway ("mal" as in "malady", which the code definitely suffers from). Crapware would probably be a better description.

  17. Anonymous Coward

    Here's an easier solution...

    Since this is potentially an issue of national security, they could just initiate a series of rolling blackouts from coast to coast, lasting only a few minutes--long enough to kill the power on every router that isn't plugged into a backup generator, or UPS.

    Anyone that's got their network configured with redundant power should be wise enough to figure out how to reboot them on their own.

    Sure, it would be kinda weird--but there are too many lazy and/or idiots that don't know what the hell they're doing and forced compliance is clearly the easiest method to get everyone to fall in line.
