![]() ![]() There’s even a bone for you die-hard hardware hackers out there who think that all of this software security stuff is silly. This both shielded him from the potential initial heat and puts a bit of additional pressure on the ISPs to fix the vulnerability - when the story hits the front page, they would really like to be ahead of the problem. Instead of going to them directly and potentially landing himself in jail, he instead went to the press, and let his contacts at the press talk to the ISPs. Oh dear.Ī very interesting point in the talk is the way that chose to go about informing the cable ISPs. As for the other? “They’d better hurry up.” He also mentions that, although he’s not sure, he suspects that similar vulnerabilities are present in other countries. While was very careful to point out that he’d disclosed all of these vulnerabilities to the two German cable ISPs that were affected, he notably praised one of them for its speedy response in patching up the holes. ![]() The vulnerability was very serious, resulting in remote root terminals on essentially any affected cable modem, and the causes were trivial: unencrypted passwords in files that are sent over TFTP or Telnet to the modems, for instance. Gave an absolutely hilarious talk at 32C3 about the security flaws he found in cable modems from two large German ISPs.
0 Comments
Leave a Reply. |