Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Networking

Netgear and ZyXEL Confirm NetUSB Flaw, Are Working On Fixes 34

itwbennett writes: In follow-up to a story that appeared on Slashdot yesterday about a critical vulnerability in the NetUSB service, networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected and said they are working on fixes. ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year.
This discussion has been archived. No new comments can be posted.

Netgear and ZyXEL Confirm NetUSB Flaw, Are Working On Fixes

Comments Filter:
  • If anytone is going to confirm anything around here, it will be Netcraft!
  • by deviated_prevert ( 1146403 ) on Thursday May 21, 2015 @08:16PM (#49747861) Journal
    Even if Snowden had never blown the whistle on how the culture of secrecy can run amok and abuse privacy, eventually the NSA would have been caught out because of the Hubris a culture of closed doors creates. This latest revelation [www.cbc.ca] about how they tried to do man in the middle attacks on android and IOS devices only goes to prove the fact that the more closed the source is the more vulnerable it is to abuse in the long term. The first post to this thread is woefully wrong and was evidently posted by a zombie in his parents basement trying to score points with his friends.

    That being said culturally we are being morally bankrupted more by a culture of fear and secrecy than hackers. Gag orders only work to cause public distrust in the long run and so does a lack of transparency.

    The vulnerabilities in these devices will not cause problems long term because their code is transparent the same thing cannot be said about closed source devices. Fortunately Microsoft is transparent and does appreciate users telling them about security flaws otherwise I would never use a Windows device again. Naturally the flaws that exist are harder to fix but at least they do try to make their products and OSes bullet proof from the NSA. Touch wood.

  • by fustakrakich ( 1673220 ) on Thursday May 21, 2015 @08:33PM (#49747919) Journal

    Turn off the equipment, and take up knitting...

  • zyxel? (Score:2, Insightful)

    by satsuke ( 263225 )

    zyxel is still a thing?

    You'd think that brand (name) would have died a decade ago.

    • ODDLY enough, I have 2 nas boxes here by zyxel; and the truly odd thing is their model number: nsa-320. I kid you not!

      had them running about 2 years, now, with no problems! not the fastest thing but they are tiny, they do support both nfs and smb (most small nas boxes don't do nfs) and it has not crashed or had o/s issues that I've seen. I dont use usb on it, only ethernet in and 1 or 2 drives internally, but its been pretty good for its size and price!

  • by Anonymous Coward

    They made *killer* modems in the last days of the BBS era. They were really the only company that could complete (and dominate) over the USR Courier, which was the gold-standard in its many forms from the late '80's to the late '90's. ZyXel was also making the U1496, etc. in Germany at the time.

    Now, they seem more than content to sell Linksys-like shrinkwrapped China-junk @ Frys.

    RIP. ZyXel (oh, and USR...)

  • by Anonymous Coward on Thursday May 21, 2015 @11:03PM (#49748543)

    A critical vulnerability will be fixed some many months from now. Gee, thanks!

    I'll stick with my open-source solutions, thanks!

    Morons, or maybe I should say "assholes".

  • Lets say I want to update my FW because I don't want the NSA to exploit it. How do I know I'm downloading it from Netgear (or any other major home router vendor) rather than a NSA hijacked page? None of them do https.

If all else fails, lower your standards.

Working...