General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsWalmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control device
In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of affordable wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network.
CyberNews reached out to Walmart for comment and to understand whether they were aware of the Jetstream backdoor, and what they plan to do to protect their customers. After we sent information about the affected Jetstream device, a Walmart spokesperson informed CyberNews: Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it.
Watch the video below to hear directly from Sasnauskas, Clee and Carta about how they discovered the backdoors and what it means for everyday consumers:
Snip
https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/
DonaldsRump
(7,715 posts)Heaven know how much we are being spied on.
LiberalArkie
(15,713 posts)democraticunderground.com at the same time. No site can stand having 100,000 hits at the same instant.
Volaris
(10,270 posts)Is a hella smart way to de-centralize your attempt at encryption cracking...
Zorro
(15,740 posts)I recently bought a made-in-China robot vacuum cleaner that maps the entire interior of my home to identify the floorplan/furniture layout.
It got me thinking whether I have now somehow compromised the inside of my house that might some day be exploited by someone.
With the proliferation of Ring doorbells, Blink cameras, GPS-enabled cellphones, and Amazon Echos (along with all the online shopping details), it looks like we are becoming a society that is voluntarily providing personal information to completely unknown, uncontrolled, and unregulated entities. This is a new world.
Grasswire2
(13,568 posts)So, so crazy.
And be sure to tape over the camera on your computer and smart TV.
Initech
(100,063 posts)And that is where it stays! No way it's getting connected to my router!
keithbvadu2
(36,775 posts)My Kindle has Alexa.
I asked a question on my cellphone and the Kindle answered it.
It was not even running any apps; just inert standby.
keithbvadu2
(36,775 posts)My smartphone has asked me several times to enable the camera and microphone. Does not even say who was asking. I taped over the camera lens that faces me.
4Q2u2
(1,406 posts)Do that on purpose. Mere manufacturing fault.
BComplex
(8,042 posts)We are in the middle of world war III and the USA has their heads up their butts.
Amishman
(5,555 posts)it is so painfully obvious that even a Cheeto Brain can see it
Klaralven
(7,510 posts)Jetstream AC1900 Dual Band WiFi Gaming Router, 801.11a/b/g/n/ac - Walmart Exclusive!
https://www.walmart.com/ip/Jetstream-AC1900-Dual-Band-WiFi-Gaming-Router-801-11a-b-g-n-ac-Walmart-Exclusive/643809895
It's probably OK if nothing on your home network has routable IP Addresses. E.g. your home network is all 192.168.xxx.xxx addresses and only the carrier-supplied device has a routable address assigned by the carrier using DHCP.
Usually these back doors are features used by the developers when writing and testing the software. They are just sloppy about not removing them in the shipping images.
Initech
(100,063 posts)Anything else can pretty much go take a hike as far as I am concerned.
Demsrule86
(68,552 posts)Hermit-The-Prog
(33,328 posts)From the article:
It is near impossible to discuss vulnerabilities in Chinese hardware or software without acknowledging the Chinese governments position on national and international surveillance. In essence, the current Chinese government, under Xi Jinping, has turned its resources heavily towards gathering as much data as it can about its citizens locally and globally, and its competitors both in terms of corporations and governments.
Chinese data retention laws, for example, force Chinese companies, or companies operating in China, to keep data on servers located inside the country and to provide practically unfettered access to that data to law enforcement. This includes even encrypted data, with the Chinese government requiring access to decryption keys.