1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News BT modems have NSA back-door, claim researchers

Discussion in 'Article Discussion' started by Gareth Halfacree, 17 Dec 2013.

Page 2 of 2
  1. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,648
    Likes Received:
    388
    I think GeorgeStorm hit the nail on the head, why would they put back doors in every modem when they can cover entire networks by tapping into one or two upstream connection.
     
    Corky42, 17 Dec 2013
    #21
  2. theshadow2001

    theshadow2001 [DELETE] means [DELETE]

    Joined:
    3 May 2012
    Posts:
    5,284
    Likes Received:
    183
    Mine keeps telling me to speak up a bit.
     
    theshadow2001, 17 Dec 2013
    #22
  3. r3loaded

    r3loaded Minimodder

    Joined:
    25 Jul 2010
    Posts:
    1,095
    Likes Received:
    31
    My own router would not allow remote access to my LAN from the WAN side, except for ports that were explicitly opened. It doesn't matter what the modem does, the router would prevent access.

    Contrast this with BT's combined modems/routers where it was allowing access to the LAN via a VC.
     
    r3loaded, 18 Dec 2013
    #23
  4. IvanIvanovich

    IvanIvanovich будет глотать вашу душу.

    Joined:
    31 Aug 2008
    Posts:
    4,870
    Likes Received:
    252
    I see no reason there would be such a thing. All of the monitoring/spying equipment is installed on the backbone internet exchange points already! When you can put in equipment to do entire countries/regions to monitor all traffic in the middle at once there is no point in having a backdoor at individual end points.
     
    IvanIvanovich, 18 Dec 2013
    #24
  5. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,148
    Likes Received:
    6,750
    Simple: sticking something at the exchange will let you see the traffic to or from my home network, but it won't let you see my home network - nor will it allow you to see the contents of any properly encrypted VPN or tunnel, modulo brute-force decryption, a back-door or flaw in the VPN software itself, or a man-in-the-middle attack.

    Pwning my router, on the other hand, gives you complete access to my entire home network - including, if you so desire, the ability to then attempt to compromise my desktops, laptops, IP cameras, servers and so forth. Very handy.

    For the record, I'm not convinced by 'The Adversaries,' but I am disappointed that BT hasn't even bothered to respond to my emails on the matter.
     
    Gareth Halfacree, 18 Dec 2013
    #25
  6. forum_user

    forum_user forum_title

    Joined:
    4 Jan 2012
    Posts:
    511
    Likes Received:
    3
    Therefore, the plot thickens!

    The HomeHub5 I have is a VDSL modem and router in one. I guess I cannot use my old Asus D6300 due to not being VDSL, is that right?

    1. I never agreed to be part of BT Wifi - which means anyone can leach my broadband using their BTInternet email and pass.

    2. This story makes me wanna drop HH5 like a hot potatoe.

    3. I'm having serious issues with speed at this new property anyway, and want to test using one of my older routers but can't get it up and running. Due to VDSL?
     
    forum_user, 18 Dec 2013
    #26
  7. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,148
    Likes Received:
    6,750
    Correct: ADSL and VDSL are both Digital Subscriber Line standards, but incompatible. ADSL2+ maxes out at, what, 20-odd Mb/s, whereas VDSL hits 76Mb/s and more without difficulty.
    You can opt out of this in your BT Account page, although doing so means you can no longer get free access to others' BT WiFi hotspots. Also, technically speaking, you did agree to be part of BT WiFi - it's in the Ts&Cs nobody ever bothers to read when they sign up.
    The document definitely doesn't cover the Home Hub 5, as it specifically refers to a separate modem and appears to indicate that it's this modem that has been compromised. That said, given what we know from Snowden it would seem likely that any given closed-source product has at least one country's back-door in it, and possibly multiple - routers included. So, too, might your Asus router - or any other router you pick up as a replacement. Joy!
    Yup. As above, they're completely incompatible. If you want to ditch the HH5, you'll need a VDSL modem/router or a separate VDSL modem; an ADSL modem will do you no good here.
     
    Last edited: 18 Dec 2013
    Gareth Halfacree, 18 Dec 2013
    #27
  8. IvanIvanovich

    IvanIvanovich будет глотать вашу душу.

    Joined:
    31 Aug 2008
    Posts:
    4,870
    Likes Received:
    252
    If they spot traffic to/from you that causes interest, it doesn't matter what you are doing inside your own network with it, you've already been flagged. I seriously believe every known widely used encryption is already broken by NSA, etc. and they probably have the capability to decrypt it on the fly with specialized 'black box' hardware. Also at which case they can surely do any altering of traffic and data injection if they so choose from what is in place at the exchange points.
    Basically, if you engage in illicit activities electronically, you are most likely screwed regardless of precautions you have taken, barring writing ALL of your own software from scratch. If you are not, well sure it's annoying to be monitored and you shouldn't say it's OK but it's not like anything will actually be done about it to change it. Not enough people are willing to wake up and take a true hard stand against the governments and companies responsible and take any action to actually force that change. Even if there were, how can we be sure it actually happened?
     
    IvanIvanovich, 18 Dec 2013
    #28
Page 2 of 2
Tags: Edit

Share This Page