BHU's 'Tiger Will Power' Wi-Fi Router May Be The Most Insecure Router Ever Made (softpedia.com) 62
An anonymous reader writes from a report via Softpedia: A Wi-Fi router manufactured and sold only in China can easily run for the title of "most insecure router ever made." The BHU router, whose name translates to "Tiger Will Power," has a long list of security problems that include: four authentication bypass flaws (one of which is just hilarious); a built-in backdoor root account that gets created on every boot-up sequence; the fact that it opens the SSH port for external connections after every boot (somebody has to use that root backdoor account right?); a built-in proxy server that re-routes all traffic; an ad injection system that adds adverts to all the sites you visit; and a backup JS file embedded in the router firmware if the ad script fails to load from its server. For techies, there's a long technical write-up, which gets funnier and scarier at the same time as you read through it. "An attacker authenticating on the router can use a hardcoded session ID (SID) value of 700000000000000 to gain admin privileges," reports Softpedia. "If he misspells the SID and drops a zero, that's no problem. The BHU router will accept any value and still grant the user admin rights."
Re: (Score:2)
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
Re: (Score:2)
Why waste resources? /etc/init.d/iptables stop
They're just trying to be "user friendly" (Score:5, Funny)
They clearly went to a lot of trouble to make it easy to access this router.
I think we should give them credit for the "most user friendly router".
Really, think of all the times you have had to battle with passwords, IDs, etc. to get access to your router... what a drag.
Anybody can get into this thing.
Re: (Score:2)
Are you the same shining light who mistranslated the name of the "intelligent" [zhìnéng] router? How appropriate...
Re: (Score:1)
You're joking, but I've actually had marketing demand a website have unlimited user sessions; because if users have to bother entering their password again, they might just shop elsewhere.
Re: (Score:3)
There are six words that can put your mind at ease while at the same time removing such requests 9 out of 10 times from existence:
"Can I have that in writing?"
Re: (Score:2)
Yeah, yeah, everyone should have one, ha ha.
Re: (Score:1)
Re: (Score:2)
At one point, while working on a team which was developing a custom web interface to a telephone system, our manager *insisted* that an HTTP GET method be added called "override". If the user requesting the web page manually added "override=1" to the URL string... all authentication was bypassed, allowing full access to that phone tree. That company and all software is long gone now but the override=1 remains as a fun joke among the ex-team members.
They made it intentionally that way (Score:1)
Re: (Score:2)
Re: (Score:2)
Does that matter?
Of course you wouldn't want to buy stuff from a company that makes deliberately insecure products, but would it be any more trustworthy if a router manufacturer "only" got hacked?
Re:Linux (Score:5, Funny)
Let's see, ad injection, changing stuff back to default after you've changed it to something else, etc., etc. .... sounds like Windows 10 is already on there.
Re: (Score:2)
"Sold only in China" (Score:2)
Yeah, it's "sold only in China" until we find out some American company imported them by the boatload, slapped their own plastic case around them, and are selling them under another brand. It wouldn't be the first time.
Re: (Score:3)
And they'll sell like crazy at the Best Buy Black Friday for only $5.99 (quantities limited).
Mother of GOD!!!!!!! (Score:1)
This... is probably one of the worst product break-downs I've read in my entire short life as a software dev. Who coded this ****, a monkey?
The fact that it re-writes the root password and opens the SSH port means it's intentional 100%.
Re: (Score:1)
Who coded this ****, a monkey?
Come on now, you can say shit, promise. We're all fucking adults in here.
Re: (Score:2)
We're all fucking adults in here.
I imagine that like with any community of people, there are some that are fucking kids instead of adults, and as this is Slashdot, there are many of us that aren't even fucking at all.
Re: (Score:2)
Tyst! När man talar om trollen så står de i farstun!
Re: (Score:3)
No matter where you did that you'd be fucked.
In China, you'd get jailed for dissident behaviour.
In the US, you'd get fined, to the point where you wish it was jail time because then you could at least get food and shelter, for breaking the DMCA.
Re: (Score:2)
Sorry, but seriously I stopped following and caring about the US copyright system altogether. It's not possible to not break it anymore, so why bother trying?
Re: (Score:1)
Re: (Score:2)
I can't avoid it, I can't fight it, all I can do is simply treat them and their laws with the same attention they treat me: None at all.
They're safe! (Score:5, Funny)
Their safety comes from the fact that it's only sold in China, so they've already got a firewall.
Re: (Score:2)
Jokes aside, hacks from inside the firewall are the new hotness. I think the Australia Census DoS was inside the firewall. Perimeter defense is a fiction. Especially with the Internet of Never Updated Easily Pwn3d things.
Why all the articles (Score:2)
Try HN... (Score:2)
Try Hacker News at https://news.ycombinator.com/ [ycombinator.com] for better submissions - and also for much better discussions. I don't want to advertise it too much though, let the "funny" commenters and over-emotional downvoters who can't say anything technical about the subject(s) being discussed remain on all the other websites... :)
Re: (Score:2)
You missed Medium.
A little router (Score:2)
A little router
Such wow, closed never was
So much interest
Just like a phone system (Score:2)
Point Of Sale stuff sometimes has hardcoded passwords as well.
If made by China, we call this "insecure" (Score:2)
But if a US company had made it, it would be called "trusted".
Yes, but.. (Score:2)
... does it run DD-WRT (or variants)?
That's really all I ever want or expect from an off-the-shelf router. I assume that vendor-provided firmware is crap, untrustworthy, or inflexible.
Re: (Score:2)
Why would US government spies use a pringle can instead of buying a Yagi? Did someone cut their budget?
https://www.google.com/search?... [google.com]