Researcher will enable hackers to take over millions of home routers
Cisco and company, you've got approximately seven days before a security researcher rains down exploits on your web-based home router parade. Seismic's Craig Heffner claims he's got a tool that can hack "millions" of gateways using a new spin on the age-old DNS rebinding vulnerability, and plans to release it into the wild at the Black Hat 2010 conference next week. He's already tested his hack on thirty different models, of which more than half were vulnerable, including two versions of the ubiquitous Linksys WRT54G (pictured above) and devices running certain DD-WRT and OpenWRT Linux-based firmware. To combat the hack, the usual precautions apply -- for the love of Mitnick, change your default password! -- but Heffner believes the only real fix will come by prodding manufacturers into action. See a list of easily compromised routers at the more coverage link.

let 'er rip
@imtired
Hmmmm.... My password is "admin" is that ok? Maybe I should change it to "password"-
@boomer7638
Nah, change it to "password1"
@boomer7638 1234 is far more secure. Numbers aren't hackable.
@FauxNews
That's the kind of combination an idiot has on his luggage!
Oh noes, hackers are going to change my port forwarding settings!
Well, good luck to them, because I for one cannot figure out how the hell to do it.
@James T Kirk
I have 9876, no one will think of that
@imtired
I'm sorry, but this is just overhyped BS. Nothing but script kiddie noobsh1t techniques. Any fool can write a link to 192.168.1.1?dostuff.
Typical clueless journalism.
@James T Kirk
* Thinks about changing luggage combination *
@pankomputerek Changing the password won't help. Everyone knows the universal password to everything is Joshua.
@imtired mine is 000000
@imtired
so, the vulnerability is a default password?
that's the way this article makes this seem
@willwillywilson I thought the universal password was GodMode
So is there really anything I can do to protect my WRT54GL running DD-WRT v24-sp2?
@imtired
ALL YOUR ROUTER ARE BELONG TO US!
Ditto.
@imtired
What a boring achievement, this guy. In the amount of time he spent fooling around, he could have probably written a small program to sell and actually progress society while making a little money.
@imtired I personally set my passwords to "ifyoubruteforcedthisyoushouldreallyfindabetterwaytospendyourtime"
stupid ass i got norton
u cant do nothin
I, for one, welcome our new Hacker overlords.....NOT ;-(
@jhs
Hah, I have a WRT54G with DD-WRT. Too bad I know how to secure it properly! Muhahaha...
NOoooooooooooooooooooooooo
Good Luck, I'm Behind 7 Proxies!
@HotCollegeTeen Well our dear government in Iran not only censors half of the internet (Facebook, Twitter, YouTube, MySpace, file sharing services, Gizmodo(!), WMPowerUser(!), etc.) but also, with very forward-thinking security policies, blocks half of the net protocols too, completely randomly, so since I can't connect to my own RDC host I don't think he has that much of a chance to hack my port forwarding settings for online gaming. I feel safe.
@arash Another time that I felt safe from their forward thinking was when I heard the KIN announcement, 'cause I instantly found out we are protected from it, since if you power on a KIN here it will boot up with this message: ACCESS IS BLOCKED
@arash
lol.... at least Engadget is not blocked.
@ssguy Nah i think they like joshua's beard
@arash Our dear government in Cupertino also censors Gizmodo.
@arash
Oddly enough, when I was in Iran in May, out of all the websites I visit from home the only one that wasn't blocked was Engadget...
Looks like he didn't get payment from those companies.
Mine is already taken over..... *by me*
Good thing I've got a Belkin router.
@guitarkid ...From the briefings blurb listed on the black hat site:
http://www.blackhat.com/html/bh-us-10/bh-us-10-briefings.html
"Confirmed affected routers include models manufactured by Linksys, Belkin, ActionTec, Thompson, Asus and Dell, as well as those running third-party firmware such as OpenWRT, DD-WRT and PFSense."
@Blau awesome, netgear ftw
@Blau
I wonder if Tomato is in that list...
I would love to see this.
I have a router that looks just like that :D
but I don't even know my username and pass, it's a good thing Firefox remembers it. It's probably set to default anyway
Sean Hollister, please remove the comma after "days".
ahh the black hat conference the dirtiest conference in the world or one of many. Well it's a good thing where I live people don't even know what wifi is and wat does it do.
@acekilla Looks like they don't know how to spell "what" either.
This reeks of extortion to me, it seems pretty crazy that a researcher would do this, and compromise 'millions' of routers. He of course knows the only fix is a firmware update, and, let's face it; of those millions affected, how many millions even know how to update the firmware?
@Skizem That is exactly correct, very few is the answer! That person is acting very irresponsibly.
@Skizem
+1 Pretty much everyone I've ever done tech support for has absolutely no idea how to even log into their own router.
I dislike you, Craig Heffner.
Well this blows.
This is the end of the internet. THE END! OF THE INTERNET!
@whiskers :O !!! Yes, this is the reason for the 2012 end of the Mayan calendar crap! It's not the end of the world but it's the end of the internet, and rebirth as a hack-filled hellhole, where you turn your PC/router on and it's filled with porn, hijackers, hacker geeks that laugh at your MP3 and photo collections, control your PC and steal all your money in your bank (also the people saying they are secure etc. etc., yes you are for now, but this hack opens up a whole new can of worms, and yes it tastes yucky, horrible and full of filth). Be afraid, people, be very afraid.........
@whiskers Or the start of free internet
I trust that Craig isn't hoping to be receiving many Christmas cards this year from either Cisco or their customers. While I can fully appreciate the rationale behind this action, releasing this code (assuming it works) would be utterly irresponsible because it effectively guarantees that hacks may occur in the wild rather than they potentially will.
@Kelmon sadly sometimes you can warn people and warn them and they do nothing so making it public is the only way.
Of course this exploit may already be in use by proper criminals so a bit of publicity might help close this door to them.
@LordBrian
Disagree. If Cisco hasn't fixed the problem despite warnings, there is no guarantee that this action will actually force them to fix it, plus you are then reliant upon them managing to get every impacted product in circulation updated. All this does is greatly increase the risk of a successful attack to customers and I fail to see how this can be a "good thing". As I said, I understand the rationale behind this but I do think this practice is fundamentally flawed, plus it sounds like a publicity stunt to boot.
Sorry, but I think this action is wrong. Security researchers are a fairly dubious bunch at the best of times (how many of them are ex-hackers?) and this one is definitely stepping beyond what is acceptable. It's almost hacking by proxy.