back to article WikiLeaks emits CIA's Wi-Fi pwnage tool docs

Hundreds of commercial Wi-Fi routers are, or were, easily hackable by the CIA, according to classified files published today by WikiLeaks. The confidential US government documents describe the Cherry Blossom project, which is the framework by which CIA operatives can subvert wireless routers; install software that harvests …

Honest question; anyone who did wireless networking back in the early days even slightly surprised by this?

5
0
Anonymous Coward

and in other news . . .

the BBC confirms today that *really* only North Korea has hackers

2
1
Silver badge

Yet another reason to buy an open-wrt/dd-wrt/gargoyle/tomato compatible router and flash the firmware.

1
0
Anonymous Coward

Or if security is your thing use create_ap on a Linux box only when you need wifi. Why broadcast all the time and deploy a product that introduces loads of features you dont need?

0
0

Fedora 9?

Are you sure it's Fedora 9? It was released in 2008, would have thought they'd use RHEL or similar

0
0
Silver badge

Are there any people in the NSA who've had the epiphany "Wait, are we the bad guys?!?" yet?

13
1

I suspect a routine psych eval would weed those out. Can't have people thinking the ends don't justify the means.

6
0
Silver badge

All democracies have intelligence services that do shady shit to get a clear picture and the upper hand on their adversaries. This should not be a surprise to be anybody, nor the consequences when some of their methods are made public.

1
2
Silver badge
Joke

"Are there any people in the NSA who've had the epiphany "Wait, are we the bad guys?!?" yet?"

Obligatory Mitchell & Webb sketch.

2
0
Facepalm

Oh FFS

Yay. More routers getting hacked and malware site injecting DNS changes incoming.

2
0
Gold badge
WTF?

Curious use of the word "commercial"

How many people actually make their own routers?

And if you are a business WTF would you allow over the air changes?

This looks like an industry wide fail .

0
0

Re: Curious use of the word "commercial"

I imagine that it's to differentiate between those that use pfsense, DDWRT, Smoothwall, or even those who roll their own iptables or pf based *nix based solutions directly off of the bare packages from their chosen distros.

I used to maintain installations where a shoestring budget would be an upgrade, and know I'm not the only one.

1
0
Anonymous Coward

Slight waste of time

I'd say that's a waste of time, given that some organisations are rigged to route all traffic via the US.

In Belgium, for instance, one of the biggest telcos routes anything that isn't destined for Belgium itself via a US backbone which saves the NSA from having to tap into data streams on foreign grounds.

You can enable Autonomous System reporting on traceroute - just run each first and last occurrence of a new AS through geo location and you'll see what I mean.

2
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017