www-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

www/proprietary proprietary-back-doors.html pro...

From: rsiddharth
Subject: www/proprietary proprietary-back-doors.html pro...
Date: Fri, 18 Dec 2020 23:35:43 -0500 (EST) 
CVSROOT:        /web/www
Module name:    www
Changes by:     rsiddharth <rsd>        20/12/18 23:35:43

Modified files:
        proprietary    : proprietary-back-doors.html proprietary.html 
        proprietary/workshop: mal.rec 

Log message:
        [www-discuss 2020-12-06] Add back doors in wifi hubs

CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-back-doors.html?cvsroot=www&r1=1.119&r2=1.120
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary.html?cvsroot=www&r1=1.262&r2=1.263
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/workshop/mal.rec?cvsroot=www&r1=1.261&r2=1.262

Patches:
Index: proprietary-back-doors.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary-back-doors.html,v
retrieving revision 1.119
retrieving revision 1.120
diff -u -b -r1.119 -r1.120
--- proprietary-back-doors.html 24 Nov 2020 12:48:52 -0000      1.119
+++ proprietary-back-doors.html 19 Dec 2020 04:35:43 -0000      1.120
@@ -392,6 +392,27 @@
 <h3 id='universal'>Full control</h3>
 
 <ul class="blurbs">
+  <li id="M202012180">
+    <p>Some Wavelink and JetStream wifi routers have
+    universal back doors that enable unauthenticated
+    users to remotely control not only the routers, but
+    also any devices connected to the network. There is evidence that <a
+    
href="https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/";>
+    this vulnerability is actively exploited</a>.</p>
+
+    <p>If you consider buying a router, we encourage you to get one
+    that <a href="https://ryf.fsf.org/categories/routers";>runs on free
+    software</a>. Any attempts at introducing malicious functionalities in
+    it (e.g., through a firmware update) will be detected by the community,
+    and soon corrected.</p>
+
+    <p>If unfortunately you own a router that runs on
+    proprietary software, don't panic! You may be able to
+    replace its firmware with a free operating system such as <a
+    href="https://librecmc.org";>libreCMC</a>. If you don't know how,
+    you can get help from a nearby GNU/Linux user group.</p>
+  </li>
+
   <li id="M202011060">
     <p>A new app published by Google <a
     
href="https://www.xda-developers.com/google-device-lock-controller-banks-payments/";>lets
@@ -738,7 +759,7 @@
 
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2020/11/24 12:48:52 $
+$Date: 2020/12/19 04:35:43 $
 <!-- timestamp end -->
 </p>
 </div>

Index: proprietary.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary.html,v
retrieving revision 1.262
retrieving revision 1.263
diff -u -b -r1.262 -r1.263
--- proprietary.html    17 Dec 2020 15:42:57 -0000      1.262
+++ proprietary.html    19 Dec 2020 04:35:43 -0000      1.263
@@ -89,8 +89,8 @@
 <hr class="thin" />
 </div>
 
-<p>As of November, 2020, the pages in this directory list around 450
-instances of malicious functionalities (with more than 550 references to
+<p>As of December, 2020, the pages in this directory list around 450
+instances of malicious functionalities (with more than 560 references to
 back them up), but there are surely thousands more we don't know about.</p>
 
 <table id="TOC">
@@ -174,6 +174,27 @@
 <h3 id="latest">Latest additions</h3>
 
 <ul class="blurbs">
+  <li id="M202012180">
+    <p>Some Wavelink and JetStream wifi routers have
+    universal back doors that enable unauthenticated
+    users to remotely control not only the routers, but
+    also any devices connected to the network. There is evidence that <a
+    
href="https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/";>
+    this vulnerability is actively exploited</a>.</p>
+
+    <p>If you consider buying a router, we encourage you to get one
+    that <a href="https://ryf.fsf.org/categories/routers";>runs on free
+    software</a>. Any attempts at introducing malicious functionalities in
+    it (e.g., through a firmware update) will be detected by the community,
+    and soon corrected.</p>
+
+    <p>If unfortunately you own a router that runs on
+    proprietary software, don't panic! You may be able to
+    replace its firmware with a free operating system such as <a
+    href="https://librecmc.org";>libreCMC</a>. If you don't know how,
+    you can get help from a nearby GNU/Linux user group.</p>
+  </li>
+
   <li id="M202012070">
     <p>Baidu apps <a
     
href="https://www.cpomagazine.com/data-privacy/sensitive-data-leak-from-baidu-apps-allows-lifetime-user-tracking-according-to-researchers/";>leaked
@@ -215,13 +236,6 @@
     href="https://directory.fsf.org/wiki/Jitsi";>Jitsi</a> or BigBlueButton,
     better still if installed in a server controlled by the users.</p>
   </li>
-
-  <li id="M202004150">
-    <p>Riot Games’ new anti-cheat is malware; <a
-    
href="https://www.extremetech.com/gaming/309320-riot-games-new-anti-cheat-system-runs-at-system-boot-uses-kernel-driver";>runs
-    on system boot at kernel level</a> on Windows. It is insecure software
-    that increases the attack surface of the operating system.</p>
-  </li>
 </ul>
 
 </div>
@@ -284,7 +298,7 @@
 
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2020/12/17 15:42:57 $
+$Date: 2020/12/19 04:35:43 $
 <!-- timestamp end -->
 </p>
 </div>

Index: workshop/mal.rec
===================================================================
RCS file: /web/www/www/proprietary/workshop/mal.rec,v
retrieving revision 1.261
retrieving revision 1.262
diff -u -b -r1.261 -r1.262
--- workshop/mal.rec    17 Dec 2020 15:42:57 -0000      1.261
+++ workshop/mal.rec    19 Dec 2020 04:35:43 -0000      1.262
@@ -24,6 +24,31 @@
 ####    Please don't remove the blank line after this marker!    ####
 # ADD NEW BLURB HERE
 
+Added: 2020-12-18
+Id: 202012180
+RT: www-discuss (2020-12-06 back doors in wifi hubs)
+PubDate: 2020-11-23
+Target: proprietary-back-doors.html universal
+Keywords: routers jetstream wavelink
+Blurb: <p>Some Wavelink and JetStream wifi routers have
++   universal back doors that enable unauthenticated
++   users to remotely control not only the routers, but
++   also any devices connected to the network. There is evidence that <a
++   
href="https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/";>
++   this vulnerability is actively exploited</a>.</p>
++
++   <p>If you consider buying a router, we encourage you to get one
++   that <a href="https://ryf.fsf.org/categories/routers";>runs on free
++   software</a>. Any attempts at introducing malicious functionalities in
++   it (e.g., through a firmware update) will be detected by the community,
++   and soon corrected.</p>
++
++   <p>If unfortunately you own a router that runs on
++   proprietary software, don't panic! You may be able to
++   replace its firmware with a free operating system such as <a
++   href="https://librecmc.org";>libreCMC</a>. If you don't know how,
++   you can get help from a nearby GNU/Linux user group.</p>
+
 Added: 2020-12-17
 Id: 202012070
 RT: www-discuss 2020-12-10
reply via email to
[Prev in Thread] Current Thread [Next in Thread]