[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary proprietary-back-doors.html pro...
From: |
rsiddharth |
Subject: |
www/proprietary proprietary-back-doors.html pro... |
Date: |
Fri, 18 Dec 2020 23:35:43 -0500 (EST) |
CVSROOT: /web/www
Module name: www
Changes by: rsiddharth <rsd> 20/12/18 23:35:43
Modified files:
proprietary : proprietary-back-doors.html proprietary.html
proprietary/workshop: mal.rec
Log message:
[www-discuss 2020-12-06] Add back doors in wifi hubs
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-back-doors.html?cvsroot=www&r1=1.119&r2=1.120
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary.html?cvsroot=www&r1=1.262&r2=1.263
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/workshop/mal.rec?cvsroot=www&r1=1.261&r2=1.262
Patches:
Index: proprietary-back-doors.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary-back-doors.html,v
retrieving revision 1.119
retrieving revision 1.120
diff -u -b -r1.119 -r1.120
--- proprietary-back-doors.html 24 Nov 2020 12:48:52 -0000 1.119
+++ proprietary-back-doors.html 19 Dec 2020 04:35:43 -0000 1.120
@@ -392,6 +392,27 @@
<h3 id='universal'>Full control</h3>
<ul class="blurbs">
+ <li id="M202012180">
+ <p>Some Wavelink and JetStream wifi routers have
+ universal back doors that enable unauthenticated
+ users to remotely control not only the routers, but
+ also any devices connected to the network. There is evidence that <a
+
href="https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/">
+ this vulnerability is actively exploited</a>.</p>
+
+ <p>If you consider buying a router, we encourage you to get one
+ that <a href="https://ryf.fsf.org/categories/routers">runs on free
+ software</a>. Any attempts at introducing malicious functionalities in
+ it (e.g., through a firmware update) will be detected by the community,
+ and soon corrected.</p>
+
+ <p>If unfortunately you own a router that runs on
+ proprietary software, don't panic! You may be able to
+ replace its firmware with a free operating system such as <a
+ href="https://librecmc.org">libreCMC</a>. If you don't know how,
+ you can get help from a nearby GNU/Linux user group.</p>
+ </li>
+
<li id="M202011060">
<p>A new app published by Google <a
href="https://www.xda-developers.com/google-device-lock-controller-banks-payments/">lets
@@ -738,7 +759,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2020/11/24 12:48:52 $
+$Date: 2020/12/19 04:35:43 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary.html,v
retrieving revision 1.262
retrieving revision 1.263
diff -u -b -r1.262 -r1.263
--- proprietary.html 17 Dec 2020 15:42:57 -0000 1.262
+++ proprietary.html 19 Dec 2020 04:35:43 -0000 1.263
@@ -89,8 +89,8 @@
<hr class="thin" />
</div>
-<p>As of November, 2020, the pages in this directory list around 450
-instances of malicious functionalities (with more than 550 references to
+<p>As of December, 2020, the pages in this directory list around 450
+instances of malicious functionalities (with more than 560 references to
back them up), but there are surely thousands more we don't know about.</p>
<table id="TOC">
@@ -174,6 +174,27 @@
<h3 id="latest">Latest additions</h3>
<ul class="blurbs">
+ <li id="M202012180">
+ <p>Some Wavelink and JetStream wifi routers have
+ universal back doors that enable unauthenticated
+ users to remotely control not only the routers, but
+ also any devices connected to the network. There is evidence that <a
+
href="https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/">
+ this vulnerability is actively exploited</a>.</p>
+
+ <p>If you consider buying a router, we encourage you to get one
+ that <a href="https://ryf.fsf.org/categories/routers">runs on free
+ software</a>. Any attempts at introducing malicious functionalities in
+ it (e.g., through a firmware update) will be detected by the community,
+ and soon corrected.</p>
+
+ <p>If unfortunately you own a router that runs on
+ proprietary software, don't panic! You may be able to
+ replace its firmware with a free operating system such as <a
+ href="https://librecmc.org">libreCMC</a>. If you don't know how,
+ you can get help from a nearby GNU/Linux user group.</p>
+ </li>
+
<li id="M202012070">
<p>Baidu apps <a
href="https://www.cpomagazine.com/data-privacy/sensitive-data-leak-from-baidu-apps-allows-lifetime-user-tracking-according-to-researchers/">leaked
@@ -215,13 +236,6 @@
href="https://directory.fsf.org/wiki/Jitsi">Jitsi</a> or BigBlueButton,
better still if installed in a server controlled by the users.</p>
</li>
-
- <li id="M202004150">
- <p>Riot Gamesâ new anti-cheat is malware; <a
-
href="https://www.extremetech.com/gaming/309320-riot-games-new-anti-cheat-system-runs-at-system-boot-uses-kernel-driver">runs
- on system boot at kernel level</a> on Windows. It is insecure software
- that increases the attack surface of the operating system.</p>
- </li>
</ul>
</div>
@@ -284,7 +298,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2020/12/17 15:42:57 $
+$Date: 2020/12/19 04:35:43 $
<!-- timestamp end -->
</p>
</div>
Index: workshop/mal.rec
===================================================================
RCS file: /web/www/www/proprietary/workshop/mal.rec,v
retrieving revision 1.261
retrieving revision 1.262
diff -u -b -r1.261 -r1.262
--- workshop/mal.rec 17 Dec 2020 15:42:57 -0000 1.261
+++ workshop/mal.rec 19 Dec 2020 04:35:43 -0000 1.262
@@ -24,6 +24,31 @@
#### Please don't remove the blank line after this marker! ####
# ADD NEW BLURB HERE
+Added: 2020-12-18
+Id: 202012180
+RT: www-discuss (2020-12-06 back doors in wifi hubs)
+PubDate: 2020-11-23
+Target: proprietary-back-doors.html universal
+Keywords: routers jetstream wavelink
+Blurb: <p>Some Wavelink and JetStream wifi routers have
++ universal back doors that enable unauthenticated
++ users to remotely control not only the routers, but
++ also any devices connected to the network. There is evidence that <a
++
href="https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/">
++ this vulnerability is actively exploited</a>.</p>
++
++ <p>If you consider buying a router, we encourage you to get one
++ that <a href="https://ryf.fsf.org/categories/routers">runs on free
++ software</a>. Any attempts at introducing malicious functionalities in
++ it (e.g., through a firmware update) will be detected by the community,
++ and soon corrected.</p>
++
++ <p>If unfortunately you own a router that runs on
++ proprietary software, don't panic! You may be able to
++ replace its firmware with a free operating system such as <a
++ href="https://librecmc.org">libreCMC</a>. If you don't know how,
++ you can get help from a nearby GNU/Linux user group.</p>
+
Added: 2020-12-17
Id: 202012070
RT: www-discuss 2020-12-10
- www/proprietary proprietary-back-doors.html pro...,
rsiddharth <=