Privacy Blog

"Friends don’t let friends get spied on.' – Richard Stallman, President of the Free Software Foundation and longtime advocate of privacy in technology.

Backdoor Accounts Discovered in 29 FTTH Devices from Chinese Vendor C-Data

Here is another argument in favor of encryption without any “back doors”:

In a report published this week, security researchers Pierre Kim and Alexandre Torres said they discovered seven vulnerabilities in the firmware of FTTH OLT devices manufactured by Chinese equipment vendor C-Data.

Kim and Torres said they confirmed the vulnerabilities by analyzing the latest firmware running on two devices, but they believe that the same vulnerabilities impact 27 other FTTH OLT models, as they run similar firmware.

The vulnerabilities are as bad as it gets, but by far, the worst and most disturbing of the seven is the presence of Telnet backdoor accounts hardcoded in the firmware.

Who knows how many companies and organizations can access these backdoors? Obviously, the manufacturer (C-Data) can surreptitiously access it anytime they want but what about credit card thieves, identity thieves, or the Chinese government?

You can

Categories: Encryption, Online Privacy & Security

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.