Feeds

back to article Huawei looking into critical router flaw claims

Chinese telecoms kit maker Huawei has said it is investigating claims by researchers that two of its router products contain serious vulnerabilities which could allow hackers to remotely take control of the devices. Felix Lindner and Gregor Kopf of Berlin-based Recurity Labs announced their findings at the Defcon hacking show at …

COMMENTS

This topic is closed for new posts.
Silver badge
FAIL

that's a new email address...

Or Huawei block the Googlebot, and the bingbot and the yahoobot and the dogpilebot (those are the only ones i checked.) The only site that showed in google results was The Register (this article.)

The email address that First.org has for them is different...imagine that.

And this is in the header of their PGP public key:

Version: PGP Desktop 9.0.4 (Build 4042) - not licensed for commercial use: www.pgp.com

This must be a fine, upstanding company.

4
0
Anonymous Coward

A flaw?

Nope, it was designed deliberately.

1
0
Silver badge

Flaw?

Huawei looking into critical router backdoor flaw claims.

Of course it's only a flaw.

2
1
PM.
Joke

PM

Bah, now this flaws will need a password to be accessed remotely ...

0
0
Anonymous Coward

Of course

Of course it's a 90s style vuln, it probably *is* 90s code written at 3Com, Ericcson or Lucent that somehow magically ended up in a Huawei product. Wouldn't likely be the first time either.

2
0
Silver badge
Mushroom

Re: Of course

Holy shit. That means that by perusing the CVS database, you could potentially break every Huawei installation in the world, right?

0
0
Joke

I guess Cisco haven't patched it yet...

No way can Huawei release a patch until Cisco do - they've got nowhere to steal it from until then!

1
1
FAIL

More worryingly, the PGP public key for them on FIRST's website differs from the one linked to on the press release page!

0
0
Silver badge

I didn't notice that

Is their (on their press release page link) PGP key still signed with a not-for-commercial-use package?

(after checking) Nope, it's signed by a 4 year old release of GnuPG running under MingW32...

0
0
Silver badge
FAIL

wow just wow

Who in their right mind would buy any kit from this outfit? Oh that right they leave the purchasing decisions to the retards (mgmt & accounting).

0
1
This topic is closed for new posts.