SOHOpeless Realtek driver vuln hits Wi-Fi routers Twenty months of optimism has come to nought, so the Zero Day Initiative has gone public with a vulnerability in the Realtek SDK that's inherited by at least two broadband router vendors. The vulnerability that the HP-owned TippingPoint initiative discovered, here, is in the SDK's SOAP implementation. The minigd SOAP service …
so we won't have to rely on the software the vendors sent with it. If hardware vendors refuse to comply with that, they should have to pay for all the security bugs they created with their buggy software.
Free software may not have fewer bugs than commercial software, but once they are found they get fixed.
Well that fine would have to be astronomically high to get those companies to have updates. After all their whole workflow is not designed to bring out patches. They take a complete image from their chipset vendor, skin it and release it. For a patch they need to do the whole thing again.
Just forcing public documentation would be much simpler. I mean nobody profits from a closed system, except for maybe the NSA.
Yes, fines should be large and enforced otherwise bugger-all will change.
How said companies chose to respond is up to them. It would be better for free software and probably cheaper for them to cooperate in making specifications fully public, also it would help build trust that nothing dodgy was added. But sense seems to be a rear thing these days.
Well that fine would have to be astronomically high to get those companies to have updates. After all their whole workflow is not designed to bring out patches. They take a complete image from their chipset vendor, skin it and release it. For a patch they need to do the whole thing again.
This comment reminds me of the current state of my Chinese Android TV Box... There are a few Vendors selling, what is essentially the same Device. Sans the bit, of Lipstick meets Pig, they're identically the exact same Firmware, worse yet with the exact same Bugs in the amcodec decoder.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
