- cross-posted to:
- technology@lemmy.world
- cross-posted to:
- technology@lemmy.world
DOJ should quietly remove US malware too
And the NSA quietly installed their own.
malware is what gave the DOJ the ability to do this, so yeah,
I like to imagine that one arm of the American surveillance state started the exploit and the DOJ wrapped it up only after Fancy Bear noticed exploitable routers. I mean, there wasn’t any evidence that this originated from Russia in the article, just the assertion that it was so. Who’s checking?
The greatest malware ever installed was the idea that we shouldn’t fear our governments and should trust them implicitly.
Honest question: Assuming nation states have the all-powerful ability to install software on your networking gear, which country would you rather have? USA or Russia?
is switching to Cups and String an option?
Closest thing we have is end to end encryption mixed with services like tor to obfuscate our positions. Privacy is no longer opt out and is increasingly harder to achieve.
I hear pigeons aren’t too hard to breed.
Zimbabwe. I feel like they’d have a harder time doing any real damage to me
If you’re in the USA it seems clearly better to have Russian since they can do much less to affect your life and vice versa.
The country you live in.
An important detail to mention is that every router involved were very old Ubiquiti EdgeRouters which were EOL’d like a year or two ago and they had remote administration enabled and were still using the default admin user and password.
Aka people who just plugged it in and left it as long as it works. These are not the kind of people who would have done anything if informed that they had an issue. On one hand I don’t like the idea of governments fixing private property, but they were never going to be fixed by the owner.
Well the government wasn’t “fixing private property”, as much as they were “expelling hostile foreign nationals from private property that were being utilized for malicious purposes”. They only acted in the case that one of these devices was an active participant in a botnet.
I know the government touching your stuff is an icky thought, I agree. But the only alternative in this case is you being held personally liable for your devices being used to commit cyber crime by a hostile government entity, which is a much worse thought.
Like if you own a gun and it’s stolen and you don’t report it, and a crime is committed with it, you can be charged with a crime in many states. It wouldn’t be the biggest leap for something like that to apply here, if not now then in the future. I think the government fixing the problem for us and leaving us alone about it is just about the best outcome we could ask for.
I was running an edge router x until a few months ago. It was the cheapest set up to deploy a unifi wireless access point for my apartment. I was worried until I read:
It affected routers running Ubiquiti’s EdgeOS, but only those that had not changed their default administrative password. Access to the routers allowed the hacking group to “conceal and otherwise enable a variety of crimes,” the DOJ claims, including spearphishing and credential harvesting in the US and abroad.
Change you default passwords friends. Given that the edge router is not the most noob friendly device to set up, I’m curious how the user base of these devices is not changing the PW.
During the court-sanctioned intrusion, the DOJ “enabled temporary collection of non-content routing information” that would “expose GRU attempts to thwart the operation.” This did not “impact the routers’ normal functionality or collect legitimate user content information,” the DOJ claims.
I bet.
Why is the default setting to enable remote administration?
Because these routers went out to everybody. Tech heads and idiots alike. It is far easier for ISPs to simply remote in than rely on the consumer who may be an idiot.
This is why I run my own router. I’m sure my cable modem has a way in but then you’d have to get past my router.
Ditto. I went one step further and put OpenWRT on mine.
Messed up thing is, some ISPs make it an absolute bitch to make this work.
Yup. I used to think it was malicious by the ISPs but really it’s just all the end technology is kinda A mess for them to have control of the network for you. Which I’m gonna be honest 99.9% of customers NEED. lol
agreed my local area isp switched to calix for most of our customers and it’s really nice just to have a management interface to all of our customers and be able to fix it without having to roll a truck
I think it’s best to only buy routers supporting openwrt in the first place and switch firmware to openwrt asap. Openwrt or Opnsense or anything open source and well maintained will guarantee security updates years and years beyond the original manufactures firmware.
Have you ever used a EdgeRouter?