A year after it was first discovered, a backdoor in industrial networking kit from Canadian RuggedCom is to be fixed – sometime soon. The company, a Siemens subsidiary via acquisition in March, has announced that it will release new firmware disabling backdoor access to devices running its ROS operating systems. These include …
That's a woops moment right there.
A whoops moment?
More like a whoops year or so...
Instead of being too helpful, manufacturers really need to train customers to expect to have to reset and start again if they forget their passwords.
In this case engineering support is not a good selling point.
ofcourse, there are backdoors
I work for a manufacturer of big router equipment, and I can ensure that all routers have backdoors built in to them. You need them to help the customer when the admin password has been lost. Or to enable various internal features that are useful for debugging. But the rule is very strict : we can tell the customer that the backdoor exists (in fact, most customers demand it), but we can never give the customer the password. It's not a login password by the way, you need physical access by default (console, a compact flash card or if all fails a reset button), although you can open it up for remote access. Obviously, there's a default password for the customer itself, but the router won't function properly until you change it.
Most customers use terminal servers to allow their routers to be configured remotely. Some use ssh ports or (heaven forbid) telnet ports on an internal network. And yes, some of them have made the mistake to have these ports (and thus the entire router) accessible to the internet. At least 1 customer has done it on purpose, as it saved the expense of a separate maintenance network.
Which reminds me : I once heard of a telecom network for the police in Beijing, that consists of a public phone with a data access port at the bottom. The phone was to be used by policemen (they didn't have walkies or gsm), the data port by the officers (voip and data). But there is no firewall installed on that data network. The Chinese just didn't want to pay for it. We couldn't understand why, but they claimed that no one will touch that network for 2 reasons : first, there's always a policeman standing next to it, and he will shoot you. Second, even if there's no police man next to it, you will be executed anyway. So, they didn't need to expense of a firewall. Real story (the phones still exists).
Re: ofcourse, there are backdoors
Actually most routers do not. They have ways that given physical access you can reset the password or in many cases the whole configuration.
My dlink wifi router has a reset button, as do many others.
Resetting the password on ruggedcom's routers required serial console access to the boot loader. They have no backdoor. Of course they are also more likely to be connected to a public network than a switch would be.
- Leaked screenshots show next Windows kernel to be a perfect 10
- Product round-up Coming clean: Ten cordless vacuum cleaners
- Something for the Weekend, Sir? I need a password to BRAKE? What? No! STOP! Aaaargh!
- Episode 13 BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
- Vulture at the Wheel Ford's B-Max: Fiesta-based runaround that goes THUNK