Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Security Encryption Linux

Study: Firmware Plagued By Poor Encryption and Backdoors 141

Posted by Soulskill
from the how-the-sausage-is-made dept.
itwbennett writes: The first large-scale analysis of firmware has revealed poor security practices that could present opportunities for hackers probing the Internet of Things. Researchers with Eurecom, a technology-focused graduate school in France, developed a web crawler that plucked more than 30,000 firmware images from the websites of manufacturers including Siemens, Xerox, Bosch, Philips, D-Link, Samsung, LG and Belkin. In one instance, the researchers found a Linux kernel that was 10 years out of date bundled in a recently released firmware image. They also uncovered 41 digital certificates in firmware that were self-signed and contained a private RSA encryption key and 326 instances of terms that could indicate the presence of a backdoor.
This discussion has been archived. No new comments can be posted.

Study: Firmware Plagued By Poor Encryption and Backdoors

Comments Filter:

Statistics are no substitute for judgement. -- Henry Clay

Working...