Jump to content
Not connected, Your IP: 3.238.4.24
Sign in to follow this  
Guest

router backdoors

Recommended Posts

Guest

hi all,

 

i've been having problems with my internet connection and my ISP switched my router and other things. I was wondering, being that the firmware is not open source, is there any other way to check whether the router has a backdoor installed?

 

thanks

Share this post


Link to post

Only if you can attach a JTAG/serial interface to it, most routers have those pins on the board.

You will need a USB-TTL-UART adapter for it and 3 pins and attach it to the router board.

That is only half of the way, you will then have to check the file system and various proprietary init scripts.

Most routers that are provided by ISPs collect some sorts of data/telemetry, whether you call it a backdoor or not.

A good start can be found here:

https://wiki.openwrt.org/doc/devel/debugging

 

However it is not something you should do, and will most likely void your warranty and ISP agreement.

The best way to ensure that your device is safe is using FOSS firmware such as OpenWRT/LEDE, on your own device.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post
Guest

thank you zhang888, thats a good starting point for me. i am concerned about state level players so for them to attach things to the router would not be an issue.

Share this post


Link to post

Since you want to avoid state level backdoors, remember that hardware itself has to be open sourced too. And perhaps consider a Turris Omnia as the most open sourced router ever made.

https://www.amazon.com/dp/B01MG47OY3/

(Staff, please delete the link if you think of this as spam.)


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post
Guest

thanks OmniNegro. I never thought about open source hardware so will definitely look into this. Am I correct in thinking that using a VPN makes no difference if state entities install compromised firmware in a router?

Share this post


Link to post

Yes. Even with open sourced hardware, if the firmware makes it betray you, it has no choice but to do that. And if the hardware is backdoored, it hardly matters if the firmware is good. There are some models of commercial routers that are known to "call home" and report details that betray your privacy due to the hardware, even if they have open sourced firmware installed without any bugs or backdoors.

 

So it is an all or none thing. While the Turris Omnia is expensive, it is a resounding success because it is literally the last router you would ever need for the foreseeable future. It has a hardware crypto chip that takes the load off the dual core ARM CPU. So it can maintain a full speed connection to the VPN for your entire local network to have the VPN available without having to encrypt and decrypt anything.

 

But I am starting to sound like a sales pitch. So I will shut up now. Have a nice day everyone.


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post
Guest

Vulnerabilities in circuit design (like the recent Intel embarrassments) are "discovered" when the United States can no longer be sure they're the only ones who know about it.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...