
Corrupt firmware

Got a nice Wi-Fi router cheap today, only to find it had been abandoned due to corrupt firmware. While I was able to bring it back with TFTP, it did get me thinking about a malicious party issuing firmware/BIOS with the intent of destroying hardware. I suspect each country has such ability to be used in time of conflict; what easier way to disrupt an adversary.
 

Solaris17

I suspect each country has such ability to be used in time of conflict; what easier way to disrupt an adversary.

Yeah, this method has already been weaponized.

Even viruses have been able to do this on computers and specialty machines with writable ROMs. I think the first instance was CIH.
 
Each country? Nah! But for sure, Russia, China, Iran, Iraq, N. Korea, the US, UK, Aus, and a few others have that capability. More significant are the criminal organizations operating in some of those countries, often with a blind eye, a wink wink, or even total sponsorship from the governments. I won't mention names, but Putin for example.

But I believe the threat is WAY WAY overblown by fearmongers, parrots and the uninformed - at least for the vast majority of us home users.

No router is hack-proof. Period. And if a determined professional hacker (especially one with deep pockets and backing) is out to get you personally, you might as well disconnect from the Internet, destroy all your smart devices, and move to a deserted island that is totally off the grid.

We really need to ask ourselves, "What do I have that is so valuable, a hacker is after me?" Odds are, we are not as important as many of us think we are. This is why the vast majority of hacks these days are against companies, local governments, organizations and their networks, and not individual users.

Most bad guys are lazy opportunists. They go for the easy pickings. If not easy, they quickly move on.

So to make our own local networks extremely hacker "resistant" is actually pretty easy.

At a minimum, do the following:

1. Use a newer router that supports at least WPA2, preferably WPA3.
2. Disable remote admin capability with the router and WAP (wireless access point).
3. Change the default admin password for the router and passphrase for wireless access.
4. Use strong passwords and passphrases that have zero similarity to your dog's or kid's names, address, important dates, etc. "Hard to remember is hard to guess".
5. Disabling SSID broadcasting is not necessary but I recommend changing the name to something not associated with you.
6. Keep router firmware current.
7. Keep all connected devices and their security current.
8. Don't be "click-happy" on unsolicited links.

There certainly are other steps you can take, but again, bad guys are lazy opportunists. Doing the above removes the low hanging fruit. Do the above and the bad guys will quickly move on to easier pickings - unless he or she is out to get you personally and then, you have bigger problems (like the personal safety of you and your family :() to deal with.

All I am saying is be aware, but there's no need to be paranoid about it - at least not for the vast majority of us.
 
You are asking if routers have government backdoors? Answer is generally no, but the security of some makers is so bad it might as well be yes in some cases.

It's why for years, I've been using open router firmware of some variety. But for a novice user, the easy answer is replace EOL'd equipment and you probably won't matter enough for this to be an issue.
 