• subtext@lemmy.world
      6 months ago

      It’s possible the “mystery” they refer to could be related to the identity of the hacker(s), how it got onto the routers in the first place, or the purpose for the attack.

        • Odelay42@lemmy.world
          6 months ago

          You possess extremely niche knowledge. Being catty because the headline doesn’t suit your preferences comes off as fairly rude and pretentious. Good for you for understanding that the headline is misleading, but there are more relatable ways to say that.

      • BearOfaTime@lemm.ee
        6 months ago

        “mystery malware”

        The article clarifies the name of the malware.

        Clickbait BS. Why are you being disingenuous?

        • subtext@lemmy.world
          6 months ago

          Your reply reads to me as if you’re calling me disingenuous, which I can’t for the life of me understand. I’m not the author. I offered a possible explanation.

  • subtext@lemmy.world
    6 months ago

    One day last October, subscribers to an ISP known as Windstream

    In case anyone only reads the headline

    • robotica@lemmy.world
      6 months ago

      I’m curious, does running open source software somehow exempt you from getting malware?

      • gravitas_deficiency@sh.itjust.works
        6 months ago

        Not necessarily, but the odds of getting popped by a heretofore undisclosed backdoor that your ISP didn’t think would be a big deal are eliminated entirely, and you can also do a lot more interesting things with your home infrastructure, if that’s your thing.

        • robotica@lemmy.world
          6 months ago

          Is the recent XZ backdoor (and something that had to do with SSH too) anything to worry about in terms of the probability of there being a backdoor even in open source router software?

          Not trying to dissuade anyone here, I love open source software, I’m just wondering how much effort is reasonable to be put into securing your local network (i.e. buying your own router, also installing open source software, or writing your own router software if you don’t trust existing solutions) given that not everyone is tech savvy and you get diminishing returns for every additional security measure. And when is the usual point at which you would say “okay, this is secure enough”?

          My router is not from an ISP, but it does get frequent firmware updates and I don’t use any cloud management features, only local configuration.

          • gravitas_deficiency@sh.itjust.works
            6 months ago

            I mean, the ISP-provided boxes don’t give you a way to upgrade past that faster than you would on an open distribution. The latter had fixes out within a week, or just weren’t affected. And it’s also way easier to check the deps on open firmware/OSes.