back to article Microsoft names Chinese group as source of new attack on SolarWinds

Microsoft has attributed a new attack on SolarWinds to a group operating in China. The software giant on Tuesday posted details of the attack, which SolarWinds on Monday patched and revealed as a Return Oriented Programming attack that targets its Serv-U managed file transfer product and allows an attacker to run arbitrary …

  1. vtcodger Silver badge

    Rarer than unicorns?

    "Bad actor likes to work through insecure consumer routers"

    Is there such a thing as a secure consumer router?

    1. amanfromMars 1 Silver badge

      Re: Rarer than unicorns?

      Is there such a thing as a secure consumer router? .... vtcodger

      No, vtcodger, there is not, nor even whenever routing and/or routeing information servering and servicing intelligence.

      'Tis an escapable fact of/for universal life.

      Many routers are just less secure than others by simple virtue of who and/or what would be using them ..... and for what and/or for whom. To consider any of them failsafe secure is an arrogance displaying an ignorance born of hubris and a fundamental misunderstanding of the nature of the wild beast so obviously confronting one. And such is an exploitable vulnerability which some would tell you has no peer.

    2. SotarrTheWizard

      Re: Rarer than unicorns?

      Not out of the box. Potentially, if flashed with DD-WRT or OpenWRT. . . but J. Random User lacks the knowledge, much less the skills to do so. . .

      Otherwise, the only secure consumer routers are still in their original boxes, sealed and shrinkwrarr

      1. Tom Chiverton 1

        Re: Rarer than unicorns?

        Zen's Fritz devices are solid, auto updating...

      2. Sandtitz Silver badge

        Re: Rarer than unicorns?

        "Not out of the box. Potentially, if flashed with DD-WRT"

        A few years ago Buffalo sold routers with DD-WRT pre-installed. Perhaps others as well?

        DD-WRT lacks any sort of autoupdate mechanism and the all guidance instructs resetting the device to factory defaults when updating and reseting all the options. Which is a major pain. Most commercials home routers usually retain their settings even after major version updates.

    3. Throatwarbler Mangrove Silver badge
      Thumb Up

      Re: Rarer than unicorns?

      I have had no reason to complain about my Synology. It gets security updates and has had no significant vulnerabilities that I'm aware of.

    4. HildyJ Silver badge
      Megaphone

      Re: Rarer than unicorns?

      There is no such thing as a secure router, consumer or otherwise. There are only routers that don't have discovered vulnerabilities.

      I'd go further and say that there's no such thing as a secure device that's connected to the internet. Trusting your devices without additional security is foolish and, for consumers, is basically trusting that out of the hundreds of millions of consumers, you won't be a target. Security by obscurity.

      Keep in mind that SolarWinds was secure, until it wasn't.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021