NSA Warned Everyone to Reboot Their Routers
Comments
rayiner
hollow-moe
I made a separate wifi network for the smart trash, they can't see each other and aren't allowed any ingress or egress. I then add individual firewall rules on a needed basis.
nemosaltat
This is the way. Mine’s called Io(shi)T.
goolz
Similar vibes to a single, older, creepy gentleman telling a group of young school children at the park not to talk to strangers.
throawayonthe
links to this NSA press release dated April 7th https://www.nsa.gov/Press-Room/Press-Releases-Statements/Pre...
Surac
so NSA installed a backdoor to each router and now needs you to restart it to open the backdoor?
hulitu
No, the old one wasn't good tested and it hang the router. They will send a new one OTA on the next reboot.
cmehdy
TP-link routers. Entirely unsurprising.
nubinetwork
"Replace outdated routers" yeah good luck with that, they're all banned.
ohnei
What happens if an American orders a router from Aliexpress? In the past the US generally ignored low volume end user imports..
rcbdev
> "Replace outdated routers" yeah good luck with that, they're all banned.
Where on earth are routers banned?
neuronexmachina
New models of foreign-made routers (i.e. all of them) were recently banned by the US FCC: https://www.nytimes.com/wirecutter/reviews/foreign-made-wi-f...
ErroneousBosh
America. They're turning the country into a post-technological theocracy.
burnt-resistor
In this day and age, and we still lack formally-proven, FOSS/FOSHW, minimal consumer edge routers and WiFi APs.
unfitted2545
OpenWRT One? Not sure about AP's though.
burnt-resistor
There's no meaningful, usable formally-proven FOSS OS. Being FOSS isn't enough.
mindslight
Personally I just gave up trying to maintain OpenWRT/whatever on the embedded ARM dumpster fire, and went back to using a generic Linux distro (NixOS) on amd64 machines for both router and APs (with appropriate minipcie wifi cards).
burnt-resistor
An alternative is OPNsense, a minimal FreeBSD and Deciso supports an enterprise distribution-quality of it affordable by mere mortals.
hulitu
This is by design. Those who control the past (network traffic), control the future (network traffic).
Craighead
Reminder, HN, you all live in the real world. Chinese state sponsored cyber threat actors use orb networks that are primarily made via strung together off the shelf routers. The literal companies that build and maintain these ORB networks also resell this capability to Russian military intelligence and cyber threat actors.
rglover
Was unfamiliar with orb networks. This [1] is a damn clever attack vector.
[1] https://cloud.google.com/blog/topics/threat-intelligence/chi...
mindslight
They just made up a fancy term for the age old proxy... Basically lifting the longstanding criticism of their "attribution" into their realm of bespoke nouns as if it's something exceptional.
(I also found it extra annoying as my current working expansion of ORB is O-Ring Boss)
blitzar
I am interested in hearing more about the US state sponsored cyber threat actors
Craighead
Fast16, stuxnet, apt-c-40
I wonder what the prevalence of these IoT devices is doing to internet security. Your router firewall might prevent incoming connections, but these stupid devices are always dialing out to god knows where. Can that be used to compromise security?
I recently installed deep packet inspection in my firewall and it’s quite illuminating to see all of what’s going on. Why are devices in my home connecting to India?