An ease-of-use feature that lets users bypass the network password and connect devices to a router for gaming for gaming" class="wow_main_float_head_img">

An ease-of-use feature that lets users bypass the network password and connect devices to a router for gaming for gaming

Comments · 321 Views

"If WPS is active, you can get into the router for gaming," Horowitz said. "You just need to make 11,000 guesses" — a trivial task for most modern computers and smartphones.

The WPS threat
Worst of all is router for gaming Protected Setup (WPS), an ease-of-use feature that lets users bypass the network password and connect devices to a router for gaming for gaming network simply by entering an eight-digit PIN printed on the router for gaming itself. Even if the network password or network name is changed, the PIN remains valid.

"This is a huge expletive-deleted security problem," Horowitz said. "That eight-digit number will get you into the [router] no matter what. So a plumber comes over to your house, turns the router over, takes a picture of the bottom of it, and he can now get on your network forever."

That eight-digit PIN isn't even really eight digits, Horowitz explained. It's actually seven digits plus a final checksum digit. The first four digits are validated as one sequence and the last three as another, resulting in only 11,000 possible codes instead of 10 million.

"If WPS is active, you can get into the router for gaming," Horowitz said. "You just need to make 11,000 guesses" — a trivial task for most modern computers and smartphones.

Then, there's networking port 32764, which French security researcher Eloi Vanderbeken in 2013 discovered had been quietly left open on gateway router for gaming sold by several major brands. 

Using port 32764, anyone on a local network — which includes a user's ISP — could take full administrative control of a router for gaming for gaming, and even perform a factory reset, without a password.

The port was closed on most affected devices following Vanderbeken's disclosures, but he later found that it could easily be reopened with a specially designed data packet that could be sent from an ISP.

"This is so obviously done by a spy agency, it's amazing," Horowitz said. "It was deliberate, no doubt about it."

Comments