On Tue, Feb 18, 2014 at 5:13 PM, Dave Taht <dave.t...@gmail.com> wrote: > While we are at it. (wobbly wednesday) > > http://www.ioactive.com/news-events/IOActive_advisory_belkinwemo_2014.html > > Don't leave home with it on. > > At least they left the signing keys for the certificate in the > firmware, so that bad guys can exploit it, and good guys, improve it. > > > > On Tue, Feb 18, 2014 at 5:10 PM, Rich Brown <richb.hano...@gmail.com> wrote: >> More excitement... >> >> https://isc.sans.edu/forums/diary/Linksys+Worm+TheMoon+Summary+What+we+know+so+far/17633
I was incidentally quite surprised to see the original limited scope of the DNS changer worm. I didn't think we'd busted the folk involved in the scam soon enough, nor was I happy with the ensuing publicity, nor with how long it took for Paul to be able to turn off the the servers supplying the (4+m) busted routers with corrected data. The world has been ripe for the same attack or worse, across over half the home routers in the universe, as well as much CPE. This is in part why I'm so adamant about getting DNSSEC support "out there", adding sensors to cerowrt, improving security, doing bcp38 and source sensitive routing and the like. >> _______________________________________________ >> Cerowrt-devel mailing list >> Cerowrt-devel@lists.bufferbloat.net >> https://lists.bufferbloat.net/listinfo/cerowrt-devel > > > > -- > Dave Täht > > Fixing bufferbloat with cerowrt: > http://www.teklibre.com/cerowrt/subscribe.html -- Dave Täht Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html _______________________________________________ Cerowrt-devel mailing list Cerowrt-devel@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cerowrt-devel
