Jump to content


router backdoors

router backdoor

  • Please log in to reply
6 replies to this topic

#1

  • Guests

Posted 08 February 2018 - 05:05 PM

hi all,

 

i've been having problems with my internet connection and my ISP switched my router and other things. I was wondering, being that the firmware is not open source, is there any other way to check whether the router has a backdoor installed?

 

thanks



#2 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2219 posts

Posted 08 February 2018 - 05:18 PM

Only if you can attach a JTAG/serial interface to it, most routers have those pins on the board.

You will need a USB-TTL-UART adapter for it and 3 pins and attach it to the router board.

That is only half of the way, you will then have to check the file system and various proprietary init scripts.

Most routers that are provided by ISPs collect some sorts of data/telemetry, whether you call it a backdoor or not.

A good start can be found here:

https://wiki.openwrt.org/doc/devel/debugging

 

However it is not something you should do, and will most likely void your warranty and ISP agreement.

The best way to ensure that your device is safe is using FOSS firmware such as OpenWRT/LEDE, on your own device.


  • Flx likes this

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#3

  • Guests

Posted 10 February 2018 - 11:02 AM

thank you zhang888, thats a good starting point for me. i am concerned about state level players so for them to attach things to the router would not be an issue.



#4 OmniNegro

OmniNegro

    Advanced Member

  • Members
  • PipPipPip
  • 278 posts
  • LocationThe Fiery Pits of Texas, USA.

Posted 10 February 2018 - 11:48 PM

Since you want to avoid state level backdoors, remember that hardware itself has to be open sourced too. And perhaps consider a Turris Omnia as the most open sourced router ever made.

https://www.amazon.com/dp/B01MG47OY3/

(Staff, please delete the link if you think of this as spam.)


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.


#5

  • Guests

Posted 11 February 2018 - 03:55 PM

thanks OmniNegro. I never thought about open source hardware so will definitely look into this. Am I correct in thinking that using a VPN makes no difference if state entities install compromised firmware in a router?



#6 OmniNegro

OmniNegro

    Advanced Member

  • Members
  • PipPipPip
  • 278 posts
  • LocationThe Fiery Pits of Texas, USA.

Posted 12 February 2018 - 01:55 AM

Yes. Even with open sourced hardware, if the firmware makes it betray you, it has no choice but to do that. And if the hardware is backdoored, it hardly matters if the firmware is good. There are some models of commercial routers that are known to "call home" and report details that betray your privacy due to the hardware, even if they have open sourced firmware installed without any bugs or backdoors.

 

So it is an all or none thing. While the Turris Omnia is expensive, it is a resounding success because it is literally the last router you would ever need for the foreseeable future. It has a hardware crypto chip that takes the load off the dual core ARM CPU. So it can maintain a full speed connection to the VPN for your entire local network to have the VPN available without having to encrypt and decrypt anything.

 

But I am starting to sound like a sales pitch. So I will shut up now. Have a nice day everyone.


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.


#7 wesolve4

wesolve4

    Member

  • Members
  • PipPip
  • 10 posts
  • LocationSan Fernando Valley

Posted 14 February 2018 - 12:15 AM

Vulnerabilities in circuit design (like the recent Intel embarrassments) are "discovered" when the United States can no longer be sure they're the only ones who know about it.







1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Servers online. Online Sessions: 14247 - BW: 45954 Mbit/sYour IP: 3.80.177.176Guest Access.