back to article Huawei USB modems vulnerable

Huawei has been accused of poor security practice by Russian researcher Nikita Tarakanov, who told Black Hat Europe last week that the vendor's 3G and 4G devices are vulnerable and its update server is a massive attack vector. The update server in the Netherlands that Tarakanov tested probably isn't the only one used by Huawei, …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

It does make you wonder if Chinese tech firms are living in a bubble of ignorance? Does the great firewall of China stop them reading sites about best practice?

1
3
Bronze badge

As one who was one of the sparse few who repelled the PRC cyber attack against the US DoD in 2008, I have to ponder, is it lousy practice in place?

Or is it leaving a potential back door, with plausible deniability?

Not accusing, but honestly wondering.

1
0
Silver badge

You get what you pay for

0
3
Bronze badge

Hmm, which device?

Sorry I'm tired, but which "/usr/local"? The one on the modem or the user's computer? If it is the computer, doesn't that point to a problem with the computer's kernel? If it is the modem, then why wouldn't it have access?

It's hard to tell if Huawei is really that much of a "bad guy" here.

1
2
Silver badge
Boffin

Re: Hmm, which device?

How is it an OS problem?

The installer will generally ask for administrative privileges so that it can install device drivers. Nothing unusual there. However, having gained administrative privileges, it has all the power to be able to `chmod /usr/local 777`.

Even if there was some restriction on the chmod syscall to prevent this, we're dealing with a piece of driver code that effectively runs inside the kernel space, so has the power to just directly access devices anyway.

4
0
Bronze badge

Re: Hmm, which device?

Erm, *read* access is one thing. *WRITE ACCESS* is double plus ungood.

0
0
h3
Bronze badge

First thing I do when I get these sticks is work out how to enable diag mode and disable the cdrom emulation.

They work so much better like that and more consistently regardless of OS I have found.

6
0
Silver badge

mi-fi

Does this affect the mi-fi too?

0
0

Everyone is worried that Huawei might be a vector for cyber attacks from the Chinese government and/or military. These "vulnerabilities" could then be very useful in being able to deny it was ever Huawei's own attack - they can claim that someone merely used them as a vector.

Time to ditch every piece of Huawei kit...

3
4
Holmes

And what then?

Which other piece of kit, made in China, would you go with?

2
0
Anonymous Coward

Looks like the 50c army has shown up for some comment down-voting between the lines.

0
0

Yep, it does

I bought a throwaway Huawei 4g USB stick on a trip down to Chile a couple years back, and it looks like the installer did actually make /usr/local 777. Thankfully it wasn't recursive, but it seems to have done it in order to create a directory called hw_mp_userdata which is also recursively 777.

Seriously though, WTF?

2
0
Bod

Re: Yep, it does

I thought Linux was so amazingly secure this kind of thing could never happen? ;)

Ah yes, sudo.

If you run Linux though, you should be downloading the source and/or reverse engineering and analyzing what the driver does before allowing it on your machine of course ;)

0
0
WTF?

Re: Yep, it does

4G in Chile a couple of years back?

The closed tests for a handful of users of 4G started a couple of weeks ago in Chile, with the first trials in last November.

(in Spanish: http://www.latercera.com/noticia/nacional/2013/03/680-512439-9-claro-inicio-marcha-blanca-de-red-4g-en-santiago-que-involucrara-a-100-usuarios.shtml)

R

0
0
Silver badge

Re: Yep, it does

> I thought Linux was so amazingly secure this kind of thing could never happen? ;)

If you actually read the article, you'll see that it is MacOS X that gets compromised here.

Linux users would just use what comes with their OS (likely NetworkManager, wicd, or in my case, I just configure pppd and chat directly) -- thus Huawei's software isn't involved.

0
0
Joke

oh rlly

Russian calls Chinese company a danger to their users...

"Hi Kettle? Just calling to say you is black man. Soooo black, oo you is black, blacker than a crow's bumhole on a moonless night! Yes i know. Whatever, fuck you. Yes it is Pot calling. bye"

4
2
Silver badge

Re: oh rlly

In my experience:

Russians/ex-eastern-bloc denizens are generally aware of issues and are willing to fix 'em even if they have a minor tantrum and call the person who discovers the problem names for a while first.

The Chinese are more likely to simply put their fingers in their ears and go "nononononononono" when problems are pointed out, especially if the pointer comes from Johnny Westerner - there's a large element of "Bloody Foreigners, trying to tell us what to do!" involved and it's fairly widespread (Think of it as a backlash against western imperialism and perceptions of the West continuing to try and impose rules upon the locals and you won't go far wrong. Xenophobia isn't confined to the BNP)

There _are_ worse offenders than the Chinese for this kind of reaction. Citizens of some countries (eg Malaysia) will try and aggressively wave the racism card at the slightest provocation.

0
0
Thumb Up

"Hi Kettle? Just calling to say you is black man. Soooo black, oo you is black, blacker than a crow's ASShole on a moonless night! Yes i know. Whatever, fuck you. Yes it is Pot calling. bye"

'fixed that for you.

0
3

Not even surprising

0
0
Gold badge

"the Huawei OS X update app (ouc.app) has unrestricted access to /usr/local.

"Can anyone verify that the Telekom LTE Stick from Huawei makes /usr/local world writable on OSX? WTF?", Esser posted."

The second paragraph is far worse than the first.

The Huawei update app has unrestricted access to /usr/local? Well, it probably must run as root anyway to update drivers and so on for itself. No big deal.

The Huawei update app makes /usr/local world writable? This is VERY bad, this means any software running as any user whatsoever on your system can put stuff into /usr/local (most importantly, /usr/local/bin/, which is almost certainly in the path on OSX since it is on any normal UNIX system.)

Running IIS6 is a big joke too of course. Not too unusual though, I've seen several cases where I was real glad I was running Ubuntu, I'd get some piece of hardware and find the web site (for the Windows software) was just SO SO dodgy I couldn't believe it (of course, served off incredibly old setups like IIS on Windows 2000.)

0
0
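
A way to check a machine for the condition discussed in this thread, as an added example (not code from the article or from any commenter): the script walks each absolute `PATH` entry and its parent directories and reports any that are world-writable, since a writable parent such as `/usr/local` lets any user replace `/usr/local/bin` even when `bin` itself is locked down. The function names are made up for this example.

```shell
#!/bin/sh
# Added example: audit PATH directories and their ancestors for world-write
# permission. Function names are illustrative, not from any vendor tool.

# Print $1 if it is a world-writable directory that also satisfies any
# extra find(1) tests passed as further arguments.
check_dir() {
    target=$1; shift
    [ -d "$target" ] || return 0
    # -H follows a symlink given on the command line; -prune stops descent.
    find -H "$target" -prune -type d -perm -0002 "$@" -print 2>/dev/null
}

# Print, one per line and de-duplicated, every risky directory found for
# the colon-separated list in $1.
audit_path_dirs() {
    old_ifs=$IFS; IFS=:; set -f
    for entry in $1; do
        # Only absolute entries are walked; relative ones are skipped.
        case $entry in /*) ;; *) continue ;; esac
        # The entry itself: any world-write bit lets others drop files in it.
        check_dir "$entry"
        dir=$entry
        while [ "$dir" != / ]; do
            dir=$(dirname "$dir")
            # Ancestors: world-writable without the sticky bit means any
            # user can rename or replace the child directory. Sticky
            # directories such as /tmp are therefore not reported here.
            check_dir "$dir" ! -perm -1000
        done
    done | sort -u
    set +f; IFS=$old_ifs
}

# Audit the current user's PATH when run directly.
audit_path_dirs "$PATH"
```

Any directory it prints can be returned to the usual mode with `chmod 755` by an administrator, after checking its contents for files that were not put there by a trusted installer.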