Vulnerabilities that may actually matter

Bruce Schneier let me know that the WRT54G and a whole bunch of other routers were recently shown to be at least targets of a CIA vulnerability study and possibly compromised at the firmware level.

Now I, like any good sysadmin, update the firmware on my router, but I’m no longer in the business of saying “I’m all patched, come at me bro”. Furthermore, the WRT54G is one of the good ones; I’m a bit saddened to see it on this list.

This one kinda bugs me because routers are sorta the reason we can’t really hack each other directly anymore. I send you some malicious exploit and your router is like, wtf is this, it hits the end of the ACL and is dropped. If there’s an exploit that changes that, we’re back to the movies of hacking.

If you are paranoid about your router being hacked, just make an open source router with a Raspberry Pi or something.

That’s been on my to do list for some time. In a sense I already do that (sorta) by running a tomatousb variant on my WRT54G. It’s just that that doesn’t quite stop anything hardware level.

I’m not paranoid, and I’m probably gonna say I’m gonna open source my router then never do it. But the reason I bring this up in its own thread is that the WRT54G is like the Apple II of routers, solid and awesome. This is like finding out you shouldn’t be using an Apple II to make a GPG key because it’s compromised. Leaves me feeling sour.

[quote=“Apreche, post:2, topic:814, full:true”]
If you are paranoid about your router being hacked, just make an open source router with a Raspberry Pi or something.
[/quote]

Does a RasPi really have the power to route packets?

Personally I’m a fan of PFSense, it’s router/firewall software that runs on x86 hardware. I have mine running on an old Dell laptop.

The WRT54G and all Raspberry Pi versions use Broadcom ARM CPUs.

The WRT54G has a 240 MHz chip.

The very first Raspberry Pi had a 700 MHz chip.

The newest Raspberry Pi (v3) has a 1.2 GHz 64-bit quad-core CPU.

Basic routing is not hard work.

Point well made. I still really like PFSense though.

We use that at work. I’m probably going to set it up at home as well. As much for the learning experience as it is to replace the WRT54G.

In English:

There is a bug in many Intel CPUs, including the one in the computer I’m using right now to post this message, and probably yours. Basically, if a jump instruction crosses over a 32 bit boundary line, or ends exactly at the end of a 32 bit boundary line, then there could be unpredictable behavior.

They fixed this with an update to the CPU microcode. The fix is that any such instructions won’t be cached at all. This fixes the problem, but has a huge performance impact since the CPU will now have a lot of cache misses.

So on top of that, there is yet another fix. Everyone is adjusting their compilers so that the compiled programs don’t put jump instructions on the 32 bit boundaries in the resulting executables.

This means that if you get the microcode fix, your computer will slow down a bunch, but you’ll avoid the bug. Then you’ll need every single program and your operating system to get updates when the developers recompiled their code to realign the instructions. That will bring things back up to speed.

It’s these rare occasions that make a good argument for the source-based Linux distros like Gentoo. If all your programs on your computer are compiled from source code by you on the computer, you choose the compiler flags. The compilers already have updates. You could just set the flags and rebuild all your software right now. Of course, you would have to wait several hours for everything to recompile, but hey!


I don’t know that I like the attention-grabbing headline, but this one differs from other articles in that it actually shows the particular CVEs exploited and what devices they specifically affect.

Pretty cool that there are devices I’ve personally patched to avoid issues listed here, years ago. No advice has changed: update your shit.