600K Cable Modems Have ‘Backdoors In Backdoors’

• Nov 20, 2015

• #1

H

HardOCP News

[H] News

Joined

Dec 31, 1969

Messages

0

So many "Yo dawg! I heard you like backdoors in your backdoors" jokes to be had, so little time.

600,000 Arris cable modems could be affected by a “backdoor-within-a-backdoor”, according to a security researcher. Bernardo Rodrigues, a vulnerability tester with Brazil’s Globo TV network, posted that he discovered the undocumented library within three Arris cable modems. However, using the search engine for internet-connected devices, Shodan, this found that in fact, 600,000 modems were affected.

 

• Nov 20, 2015

• #2

S

sboucher

Gawd

Joined

Oct 7, 2004

Messages

550

So many backdoors, so little time...

 

• Nov 20, 2015

• #3

T

twonunpackmule

[H]ard|Gawd

Joined

Sep 27, 2005

Messages

1,700

I love it when you squeeze my lemon...

 

• Nov 20, 2015

• #4

S

Spidey329

[H]F Junkie

Joined

Dec 15, 2003

Messages

8,683

How can you have a backdoor in a backdoor? Is it like a human size door with a doggie door in it?

 

• Nov 20, 2015

• #5

viscountalpha

2[H]4U

Joined

Oct 16, 2011

Messages

2,618

Spidey329 said:

How can you have a backdoor in a backdoor? Is it like a human size door with a doggie door in it?

Click to expand...

Its a door with a secret hinge that lets you through without a key and then another
One right inside that one.

 

• Nov 20, 2015

• #6

M

Methadras

Supreme [H]ardness

Joined

Dec 19, 2000

Messages

6,132

So this is double backdoor? Hmmm... <looks both ways>

 

• Nov 20, 2015

• #7

CaptNumbNutz

Fully [H]

Joined

Apr 11, 2007

Messages

24,970

Backdoors in Backdoors eh? I guess you could say that anyone using backdoor access to one of these modems will be figuratively tearing them a new asshole.

 

• Nov 20, 2015

• #8

P

Parmenides

Supreme [H]ardness

Joined

Apr 25, 2006

Messages

6,578

Tiered access to the highest bidder. I wonder which governments get the double duty and which didn't.

 

• Nov 20, 2015

• #9

J

Jospeh

[H]ard|Gawd

Joined

Jul 29, 2008

Messages

1,885

Tiered access

Click to expand...

5 DOLLARS PER CLIENT TO WATCH THEM JERK OFF
10 DOLLARS PER CLIENT TO CONTROL WHAT THEY JERK OFF TOO

 

• Nov 20, 2015

• #10

P

-PK-

[H]ard|Gawd

Joined

Aug 6, 2004

Messages

1,798

If the first shell is a fake shell, that may have been to tighten the security against random 'internet noise' brute force attacks. Although, I see no reason to have a technician's shell in the first place, unless the programmer who put it there was planning corporate espionage or working for a foreign government.

 

• Nov 21, 2015

• #11

F

FrozenSteel

Limp Gawd

Joined

Oct 24, 2011

Messages

193

Jospeh said:

5 DOLLARS PER CLIENT TO WATCH THEM JERK OFF
10 DOLLARS PER CLIENT TO CONTROL WHAT THEY JERK OFF TOO

Click to expand...

This just made my evening

 

• Nov 21, 2015

• #12

rezerekted

2[H]4U

Joined

Apr 6, 2015

Messages

3,051

He should check them for hidden mics and/or cameras too.