Friendly forums for passionate Dems!
More than 91 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»General Discussion»Walmart-exclusive router ...
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

General Discussion

Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region Forums

LiberalArkie

(15,715 posts) Tue Nov 24, 2020, 11:49 AM Nov 2020

Walmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control device

In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of “affordable” wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network.

CyberNews reached out to Walmart for comment and to understand whether they were aware of the Jetstream backdoor, and what they plan to do to protect their customers. After we sent information about the affected Jetstream device, a Walmart spokesperson informed CyberNews: “Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it.”

Watch the video below to hear directly from Sasnauskas, Clee and Carta about how they discovered the backdoors and what it means for everyday consumers:



Snip

https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/
InfoView thread info, including edit history TrashPut this thread in your Trash Can (My DU » Trash Can) BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks) 15 replies, 1644 views
ShareGet links to this post and/or share on social media AlertAlert this post for a rule violation PowersThere are no powers you can use on this post EditCannot edit other people's posts ReplyReply to this post EditCannot edit other people's posts Rec (23) ReplyReply to this post
15 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Walmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control device (Original Post) LiberalArkie Nov 2020 OP
Wow...just wow DonaldsRump Nov 2020 #1
Not so much to spy on the user, but can tell all the routers at the same time to seek to open LiberalArkie Nov 2020 #3
That, and a hundred thousand desktops all running code in the background, Volaris Nov 2020 #12
It's got me wondering, too Zorro Nov 2020 #4
I would NEVER have a device in my house that listens. Grasswire2 Nov 2020 #8
My Alexa is currently sitting in a box, unopened, in my closet. Initech Nov 2020 #9
My Kindle has Alexa. I asked a question on my cellphone and the Kindle answered it. keithbvadu2 Jul 2021 #14
My smartphone has asked me several times to enable the camera and microphone. keithbvadu2 Jul 2021 #15
Chinese would never 4Q2u2 Nov 2020 #2
Nah. Not a chance. BComplex Nov 2020 #5
yup, the Chinese are not our friends Amishman Nov 2020 #7
For $40 from Walmart you expect security? Klaralven Nov 2020 #6
I won't buy any networking product not named Linksys or Netgear. Initech Nov 2020 #10
I don't either. Demsrule86 Nov 2020 #11
Chinese government requires data retention and access by govt ... Hermit-The-Prog Nov 2020 #13

LiberalArkie

(15,715 posts)
3. Not so much to spy on the user, but can tell all the routers at the same time to seek to open
Reply to DonaldsRump (Reply #1)
Tue Nov 24, 2020, 11:57 AM
Nov 2020

democraticunderground.com at the same time. No site can stand having 100,000 hits at the same instant.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Volaris

(10,270 posts)
12. That, and a hundred thousand desktops all running code in the background,
Reply to LiberalArkie (Reply #3)
Tue Nov 24, 2020, 05:50 PM
Nov 2020

Is a hella smart way to de-centralize your attempt at encryption cracking...

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Zorro

(15,740 posts)
4. It's got me wondering, too
Reply to DonaldsRump (Reply #1)
Tue Nov 24, 2020, 12:24 PM
Nov 2020

I recently bought a made-in-China robot vacuum cleaner that maps the entire interior of my home to identify the floorplan/furniture layout.

It got me thinking whether I have now somehow compromised the inside of my house that might some day be exploited by someone.

With the proliferation of Ring doorbells, Blink cameras, GPS-enabled cellphones, and Amazon Echos (along with all the online shopping details), it looks like we are becoming a society that is voluntarily providing personal information to completely unknown, uncontrolled, and unregulated entities. This is a new world.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Grasswire2

(13,569 posts)
8. I would NEVER have a device in my house that listens.
Reply to Zorro (Reply #4)
Tue Nov 24, 2020, 01:57 PM
Nov 2020

So, so crazy.

And be sure to tape over the camera on your computer and smart TV.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Initech

(100,067 posts)
9. My Alexa is currently sitting in a box, unopened, in my closet.
Reply to Grasswire2 (Reply #8)
Tue Nov 24, 2020, 02:49 PM
Nov 2020

And that is where it stays! No way it's getting connected to my router!

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

keithbvadu2

(36,783 posts)
14. My Kindle has Alexa. I asked a question on my cellphone and the Kindle answered it.
Reply to Initech (Reply #9)
Mon Jul 26, 2021, 11:02 PM
Jul 2021

My Kindle has Alexa.

I asked a question on my cellphone and the Kindle answered it.

It was not even running any apps; just inert standby.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

keithbvadu2

(36,783 posts)
15. My smartphone has asked me several times to enable the camera and microphone.
Reply to Grasswire2 (Reply #8)
Mon Jul 26, 2021, 11:06 PM
Jul 2021

My smartphone has asked me several times to enable the camera and microphone. Does not even say who was asking. I taped over the camera lens that faces me.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

BComplex

(8,049 posts)
5. Nah. Not a chance.
Reply to 4Q2u2 (Reply #2)
Tue Nov 24, 2020, 12:39 PM
Nov 2020
How about we just let the chinese hackers into about 1/3 of all the computers in the USA.

We are in the middle of world war III and the USA has their heads up their butts.
TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Amishman

(5,557 posts)
7. yup, the Chinese are not our friends
Reply to 4Q2u2 (Reply #2)
Tue Nov 24, 2020, 12:44 PM
Nov 2020

it is so painfully obvious that even a Cheeto Brain can see it

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post
 

Klaralven

(7,510 posts)
6. For $40 from Walmart you expect security?
Reply to LiberalArkie (Original post)
Tue Nov 24, 2020, 12:41 PM
Nov 2020

Jetstream AC1900 Dual Band WiFi Gaming Router, 801.11a/b/g/n/ac - Walmart Exclusive!

https://www.walmart.com/ip/Jetstream-AC1900-Dual-Band-WiFi-Gaming-Router-801-11a-b-g-n-ac-Walmart-Exclusive/643809895

It's probably OK if nothing on your home network has routable IP Addresses. E.g. your home network is all 192.168.xxx.xxx addresses and only the carrier-supplied device has a routable address assigned by the carrier using DHCP.

Usually these back doors are features used by the developers when writing and testing the software. They are just sloppy about not removing them in the shipping images.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Initech

(100,067 posts)
10. I won't buy any networking product not named Linksys or Netgear.
Reply to LiberalArkie (Original post)
Tue Nov 24, 2020, 02:50 PM
Nov 2020

Anything else can pretty much go take a hike as far as I am concerned.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Hermit-The-Prog

(33,328 posts)
13. Chinese government requires data retention and access by govt ...
Reply to LiberalArkie (Original post)
Tue Nov 24, 2020, 05:58 PM
Nov 2020

From the article:

It is near impossible to discuss vulnerabilities in Chinese hardware or software without acknowledging the Chinese government’s position on national and international surveillance. In essence, the current Chinese government, under Xi Jinping, has turned its resources heavily towards gathering as much data as it can about its citizens locally and globally, and its competitors – both in terms of corporations and governments.

Chinese data retention laws, for example, force Chinese companies, or companies operating in China, to keep data on servers located inside the country – and to provide practically unfettered access to that data to law enforcement. This includes even encrypted data, with the Chinese government requiring access to decryption keys.
TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post
Reply to this discussion
Latest Discussions»General Discussion»Walmart-exclusive router ...
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2024 Democratic Underground, LLC. Thank you for visiting.