{"id":10699,"date":"2020-03-31T16:25:50","date_gmt":"2020-03-31T20:25:50","guid":{"rendered":"http:\/\/pappp.net\/?guid=1fff299dac5359813bf56f1f4dfa2855"},"modified":"2020-03-31T16:25:50","modified_gmt":"2020-03-31T20:25:50","slug":"openwrt-code-execution-bug-puts-millions-of-devices-at-risk","status":"publish","type":"post","link":"https:\/\/pappp.net\/?p=10699","title":{"rendered":"OpenWRT code-execution bug puts millions of devices at risk"},"content":{"rendered":"<p class=\"syndicated-attribution\">Source: <a href=\"https:\/\/arstechnica.com\/?p=1664634\">Ars Technica<\/a><\/p>\n<div style=\"background-color : #fff7d5;\n\t\t\tborder-width : 1px; padding : 5px; border-style : dashed; border-color : #e7d796;margin-bottom : 1em; color : #9a8c59;\">Article note: Eeeh.  Not _that_ bad, it's a MITM on the package system because HTTP transport and Checksums was fine in past decades and grossly inadequate now.<\/div><div>\n<figure><img src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/03\/openwrt-800x547.png\" alt=\"Screenshot of OpenWrt.\" referrerpolicy=\"no-referrer\"\/><p><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/03\/openwrt.png\" rel=\"noopener noreferrer\">Enlarge<\/a> (credit: <a rel=\"noopener noreferrer\" href=\"https:\/\/openwrt.org\/\">OpenWRT<\/a>)<\/p>  <\/figure><div><a name=\"page-1\"><\/a><\/div>\n<p>For almost three years, OpenWRT&mdash;the open source operating system that powers home routers and other types of embedded systems&mdash;has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital signature verifications are easy to bypass, a researcher said.<\/p>\n<p>OpenWRT has a loyal base of users who use the freely available package as an alternative to the firmware that comes installed on their devices. Besides routers, OpenWRT runs on smartphones, pocket computers and even laptops and desktop PCs. Users generally find OpenWRT to be a more secure choice because it offers advanced functions and its source code is easy to audit.<\/p>\n<p>Security researcher Guido Vranken, however, recently found that updates and installation files were delivered over unencrypted HTTPs connections, which are open to attacks that allow adversaries to completely replace legitimate updates with malicious ones. The researcher also found that it was trivial for attackers with moderate experience to bypass digital-signature checks that verify a downloaded update as the legitimate one offered by OpenWTR maintainers. The combination of those two lapses makes it possible to send a malicious update that vulnerable devices will automatically install.<\/p><\/div><p><a href=\"https:\/\/arstechnica.com\/?p=1664634#p3\" rel=\"noopener noreferrer\">Read 10 remaining paragraphs<\/a> | <a href=\"https:\/\/arstechnica.com\/?p=1664634&amp;comments=1\" rel=\"noopener noreferrer\">Comments<\/a><\/p><div>\n<a href=\"http:\/\/feeds.arstechnica.com\/~ff\/arstechnica\/index?a=pdlr4BzWXIQ:Lq3y2x4T7P4:V_sGLiPBpWU\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?i=pdlr4BzWXIQ:Lq3y2x4T7P4:V_sGLiPBpWU\" border=\"0\" referrerpolicy=\"no-referrer\"\/><\/a> <a href=\"http:\/\/feeds.arstechnica.com\/~ff\/arstechnica\/index?a=pdlr4BzWXIQ:Lq3y2x4T7P4:F7zBnMyn0Lo\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?i=pdlr4BzWXIQ:Lq3y2x4T7P4:F7zBnMyn0Lo\" border=\"0\" referrerpolicy=\"no-referrer\"\/><\/a> <a href=\"http:\/\/feeds.arstechnica.com\/~ff\/arstechnica\/index?a=pdlr4BzWXIQ:Lq3y2x4T7P4:qj6IDK7rITs\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?d=qj6IDK7rITs\" border=\"0\" referrerpolicy=\"no-referrer\"\/><\/a> <a href=\"http:\/\/feeds.arstechnica.com\/~ff\/arstechnica\/index?a=pdlr4BzWXIQ:Lq3y2x4T7P4:yIl2AUoC8zA\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?d=yIl2AUoC8zA\" border=\"0\" referrerpolicy=\"no-referrer\"\/><\/a>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Enlarge (credit: OpenWRT)<br \/>\nFor almost three years, OpenWRT&mdash;the open source operating system&#8230;<\/p>\n<p> <a href=\"https:\/\/pappp.net\/?p=10699\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[226],"tags":[],"class_list":["post-10699","post","type-post","status-publish","format-standard","hentry","category-news-2"],"_links":{"self":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/10699","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10699"}],"version-history":[{"count":0,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/10699\/revisions"}],"wp:attachment":[{"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10699"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10699"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10699"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}