Hundreds of millions of Broadcom-based cable modems at risk of remote hijacking, eggheads fear A vulnerability in Broadcom's cable modem firmware has left as many as 200 million home broadband gateways in Europe, and potentially more worldwide, at risk of remote hijackings. Four Danish researchers have demonstrated how a miscreant could exploit the hole, CVE-2019-19494, the wild: essentially, a victim is tricked into …
Yep. Go to the provided link and....blank screen unless I allow scripts to run. Exactly the behaviour they raise as the ingress for the malware. I took a chance and enable scripts for their domain. They have a tool I can use to see if my modem has been compromised. Their link takes me to github where I'm expected to download and install some executable then download and run a Python script.
How do I know for sure that this isn't an elaborate hoax to get be infected?
Question is though, what bandwidth is there upstream from the head ends? Sure, maybe each modem could peak at 1G/s up on a good day, but if you get 1000 modems all doing that I highly doubt there's a working 1T/s connection up from each head end to the next level provider (or even the next hop, often another head end, in the cable plant).
At minimum the NOC should notice and if required throttle all those modems to get the storm under control (first network to get DDoSed in such an attack will be the network operator's, after all...)
DDoS generally uses magnification attacks, they send a small packet upstream, which causes the recipient to send a lot of data to the spoofed IP address.
You send a simple request of a few bytes up to, for example, an NTP server, asking for a list of information and you provide it with a spoofed answer address. Your few bytes upstream turn into anything up to megabytes in return information aimed at the site you are DDoSing. Therefore 200 million modems with limited upstream capability can still cause terabyte sized DDoS attacks.
Fair enough, though a decent NOC should still be able to see the abnormal flow on their network (200 million modems doing constant NTP or DNS lookups with no return flow *should* throw a few alarms).
As to how to mitigate that, I'm not sure. You can't just cut off NTP or DNS, and rate limiting is not going to help much due to the amplification. Any of the obvious solutions (redirect to ISP servers only, block outgoing, blocking IPs with outgoing requests but no incoming data) will either create massive privacy and security problems or result in the helldesk phones ringing off the hook with justified "can't browse" complaints.
It's almost like trusting a third party to develop business critical software might be a bad idea, no?
I'll add the ever famous Pi-Hole to the list, as well as stop social, ghostery and NoRef for your browsing pleasure.
I was really put off the other day when I visited a website, by a knowledgable IT guy now has some shitty overlay on his website that complains about your adblockers, and wants you to click on an ad to get access to his site, which is really sad, as his mojo saved me hours of mindless searching. I get it that he needs to keep his site running and that cost money. Unfortunately, ad slingers could care less about your computer security, and I won't take the chance.
idiom nounid·i·om | \ ˈi-dē-əm
\
plural idioms
Definition of idiom
1 : an expression in the usage of a language that is peculiar to itself either in having a meaning that cannot be derived from the conjoined meanings of its elements (such as up in the air for "undecided") or in its grammatically atypical use of words (such as give way)
Emphasis mine.
Does not explain "could care less", which I only noticed for the first time three or four years ago, I think originally in US-based sources. The actual expression has been around for a very, very long time, though it is usually shown as "couldn't" rather than "could not". I imagine "couldn't" --> "could" is simply the sort of lazy-stop that often cuts off the ends of words.
M
That's exactly the reason. It's even - gasp! - irony. Like "they couldn't care less" so much that they couldn't be bothered with the "-n't".
People criticising slang idioms in different versions of English is tedious in the extreme. FWIW, Americans use both, and there are plenty of Americans who also criticise the "could care less" version among their own. Again, slang, who cares?
If you see it in formal writing, sure, get up on your hind legs then (but make sure it's not a perfectly acceptable variation in their English first).
It's even - gasp! - irony
Nah. In most cases (sweeping generalisation) it's simply ignorance. We discussed a similar case here recently, "the proof is in the pudding". I'll bet that most people who use this phrase do it entirely innocently - not ironically - having heard it somewhere else and not realising that it's a corruption of a perfectly legitimate and explainable phrase.
In fact I'd go so far as to say that many, if not most, idioms have a rational explanation behind them. Even apparently madcap ones such as "raining cats and dogs" or the Welsh equivalent "hen wragedd â ffyn" = "old ladies with sticks". They bring to mind a particular sort of painful, lashing rain.
M.
When I was in primary school (Wales, 1970s), it was quite common to here the expression "I could care less, but not much!" (with heavy emphasis on the "could"). I've always assumed that "I could care less" was a shortened version, with "but not much" being implied.
"Could not care less" is a factually incorrect statement. By saying it, it shows you care enough to at least make a statement about the topic. Ignoring the topic and talking about something else is the way you show you couldn't care less.
/pedant
There's something of a mistery to me how one person can't keep his site running unless making money out of it.
I pay 7 euro/year for my domain and about 75 euro/3 years for hosting. Let's make it a total of 100 euro/3 years, that's 10 euroCENTS per day.
FFS, what's wrong with you people?
I get it, you want to be paid for your knowledge. So set up a subscription and enjoy the income.
It depends on the site and the expectations of that sort of thing. For example, the well-regarded Phoronix is essentially a one-man-band, but it is constantly updated, read by lots of people and runs forums. Constant updates mean spending time on the site, which often means it's impossible to run the thing as a hobby alongside "real work". A large readership means typical low-end servers can't cope - for €25 a year you are getting, what, 100MB per month bandwidth, and a few GB of storage? Running forums is even more difficult as you need someone to keep an eye on things because spanners will put people off and people posting illegal content or links will eventually attract the attention of the authorities.
Somehow that all has to be paid for and I have no problem at all with small sidebar or even in-line adverts, but I really do have a problem with ads which rely on third-party script, as nearly all of them have as their joint-primary purpose tracking you across the web. I particularly hate those which prevent the site content loading until you agree to this tracking, and "cookie consent" banners which won't go away until you have clicked "I consent" and (and I'm sure this is illegal) don't offer you an "I don't consent" option.
I'm sure many here have sites such as doubleclick and google-analytics permanently disabled or black-holed. In my case, if that breaks a website, I make do without.
Or I only browse from work, where I don't have control over such stuff :-)
M.
This post has been deleted by its author
who sells (and rents) consumer DSL modems with the TR-069 port enabled from the factory (port 4567, for anyone interested), not disableable via the configuration pages, and world-accessible. (They don't block incoming connections from the 'net to the port!) And their tech support folks have never heard of TR-069. And the factory (Actiontec) won't provide instructions to modem owners on how to disable it, as it's a CenturyLink "feature".
Guess why I maintain my own router behind the modem, and only use the modem's wifi as guest access?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
