Tag Archives: Back Doors

Inexpensive is not always Good

Apparently Walmart has been selling an affordable Jetstream router. Affordable, apparently, because it has a back door in it that would allow hackers to not only control the router, but also all of the computers on your network.

But Walmart is not alone.

Wavlink routers sold on Amazon also have back doors. In this case it attempts to connect to nearby WiFi connections so that it has a covert way to steal that data.

Similar routers are available on eBay.

Researchers say there is evidence that this is not a theoretical problem, but rather is being used in real attacks.

Also, these back doors are being used to allow your network to attack other networks via the Mirai bot network. Guess who the FBI is going to come visit if YOUR router is found to attacking other networks?

When the researchers talked to Walmart, to their credit, they said (a) it is currently out of stock and (b) they have no plans to replenish it. I will give them credit for dumping this trash even though they felt necessary to spin it. I guess they just couldn’t say “oh, crap, we got duped. Handled!”

Likely these two routers are really made by the same company.

The researchers apparently were bored during the pandemic, so they started buying cheap routers online to see if they could hack them.

The back doors even have a user friendly interface – a different one than the paying users see, of course.

These back doors, according to the researchers, are active and probably enabled on millions of devices. Credit: Cybernews

Paris Police Report Shows No Evidence Of Use Of Encryption

Over the weekend the New York Times ran a piece on the report created by the French anti terrorism police on the Paris attacks.  The report indicates that there is no evidence of use of encrypted email, devices or messaging solutions.

In fact, they used phones that they activated just before the attack (burner phones) and phones taken from the victims.  Since the phones were only active for a few minutes, they didn’t care if someone was able to track them.

The Times decided that since there was no evidence of encrypted email, the attackers must have used encrypted email.  That logic escapes me.  The Times figures that encrypted emails must be invisible.

Now this does not mean that future attackers won’t use encryption, but if they do, at least the smart ones will not use software from countries that require back doors.

Perhaps we need to ban cell phones.  After all, the root of all these issues is people using cell phones.  If we get rid of cell phones, then the attackers will be forced to meet with each other – a much riskier proposition.

There is no simple answer to these problems even though politicians will attempt to create a simplistic solution.

What is likely is that if U.S. companies are forced to put back doors in their software, companies in other countries will avoid buying U.S. technology products, costing profits and jobs.

Information for this post came from Techdirt.