Follow Slashdot stories on Twitter


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×
Security Encryption Linux

Study: Firmware Plagued By Poor Encryption and Backdoors 141

itwbennett writes: The first large-scale analysis of firmware has revealed poor security practices that could present opportunities for hackers probing the Internet of Things. Researchers with Eurecom, a technology-focused graduate school in France, developed a web crawler that plucked more than 30,000 firmware images from the websites of manufacturers including Siemens, Xerox, Bosch, Philips, D-Link, Samsung, LG and Belkin. In one instance, the researchers found a Linux kernel that was 10 years out of date bundled in a recently released firmware image. They also uncovered 41 digital certificates in firmware that were self-signed and contained a private RSA encryption key and 326 instances of terms that could indicate the presence of a backdoor.
This discussion has been archived. No new comments can be posted.

Study: Firmware Plagued By Poor Encryption and Backdoors

Comments Filter:
  • Re:Of course (Score:4, Informative)

    by Lazere (2809091) on Tuesday August 12, 2014 @04:14PM (#47658213)

    Once you have IPV6, with no (supposed) need for firewalls.

    Why does somebody always have to trot this out? IPV6 does not mean no need for firewalls. It means no need for NAT. These are not the same thing. Please, please stop spewing this crap.

Leveraging always beats prototyping.