Check your router now - it could be a huge Linux security risk

Many of the most popular home routers available to buy today feature a worrying number of security flaws and vulnerabilities, new research has found.

A report from Fraunhofer Institute for Communication (FKIE) discovered that the firmware present in a large number of leading routers was susceptible to hugely damaging security issues.

Many routers were found to never have received a single security firmware update in their lifetime, despite the risk that this could pose to users at home and at work, and were vulnerable to hundreds of well-known security issues.

Linux security

The FKIE study looked at 127 home routers from seven brands (Netgear, ASUS, AVM, D-Link, Linksys, TP-Link and Zyxel), examining the product firmware for any known security vulnerabilities.

46 of the products it tested had not received any kind of security update within the past 12 months, with some vendors shipping firmware updates without fixing known vulnerabilities, and one set of products not seeing a firmware update for more than five years.

"The update policy of router vendors is far behind the standards as we know it from desktop or server operating systems," the FKIE noted in its report, calling for an industry-wide push to improve router security as a whole.

"Numerous routers have passwords that are either well known or simple to crack – or else they have hard-coded credentials that users cannot change." 

FKIE found that almost all (90%) of the routers were running some form of Linux operating system, however the manufacturers were failing to update this software with the latest patches and fixes, leaving the devices open to attack.

"Linux works continuously to close security vulnerabilities in its operating system and to develop new functionalities. Really, all the manufacturers would have to do is install the latest software, but they do not integrate it to the extent that they could and should," Johannes vom Dorp, part of the team at FKIE's Cyber Analysis & Defense department said.  

"Most of the devices are powered by Linux and security patches for Linux kernel and other open-source software are released several times a year. This means the vendors could distribute security patches to their devices far more often, but they do not."

Via ZDNet



from TechRadar - All the latest technology news https://ift.tt/3iGMpv6
Share:

Related Posts:

1 comment:

Categories

Rove Reviews Youtube Channel

  1. Subscribe to our youtube channel
  2. Like our videos and share them too.
  3. Our youtube channel name Rove reviews.

WITNUX

This website is made by Witnux LLC. This website provides you with all the news feeds related to technology from large tech media industries like GSM Arena, NDTV, Gadgets 360, Firstpost and many other such ates altogether at technical depicts so that you need not go to several sites to view their post provide you advantantage of time.

From the developer
Tanzeel Sarwar

OUR OTHER NETWORKS

OUR YOUTUBE CHANNEL

ROVE REVIEWS PLEASE SUBSCRIBE

OUR FACEBOOK PAGE

The Rove Reviews

Support

Trying our best to provide you the best DONATE or SUPPORTour site Contact me with details how are you gonna help us