Slashdot Mirror

← Back to Stories (view on slashdot.org)

Netgear's Amusing "fix" for WG602v1 Backdoor

Posted by CmdrTaco on from the get-your-giggle-on dept.

An anonymous reader writes "Recently Slashdot reported that the Netgear router has as WLAN backdoor. According to this report by the news service of the German publisher Heise Netgear "fixed" the problem with a firmware update. And what is the fix? According to Heise, they didn't remove the backdoor at all. Instead they just changed the login information! They replaced the old user name 'super' with 'superman', and changed the old password to '21241036'. "

6 of 515 comments (clear)

  1. Translation...no mod by Prince+Vegeta+SSJ4 · · Score: 0, Redundant

    HERE is the google translation, for those of us who don't speak German

  2. another one bites the dust by klocwerk · · Score: 0, Redundant

    /me takes another vendor off my personal acceptable list

    --

    "You worthless post!"
    -Shakespeare, 2 Gentlemen of Verona, 1. 1. 147
  3. Wow, What A brillient Job by masternerd · · Score: 0, Redundant

    Changing the user information, is a fix ??? Whats up with you guy ? Joke! What do I comment on this stupid move.

  4. Backdoor also in new Netgear firmware by Anonymous Coward · · Score: 0, Redundant

    Netgear reacted to the messages of a backdoor in the firmware of their ACCESS POINT WG602 promptly with a firmware update, however the backdoor is still present -- this time only with new user name and password. They were a bit creative with the name and extended the superuser login "super" to "superman". With the 21241036 password Netgear has obviously for the first time taken security seriously. To whom however this telephone number is owned, Netgear Germany could not say -- because no one knew anything about the problem and only wanted to fix it.

    Clear enough? :)

  5. Re:anon to not karma whore by joranbelar · · Score: 0, Redundant

    Sure can, that's my job ;) Backdoor remains in new firmware from Netgear While Netgear may have reacted quickly to the reports of a backdoor in the firmware of their Access Point WG602 by issuing a firmware update, the backdoor itself is nevertheless still present -- this time simply with a new username and password. They were less than creative with the user name, extending the original "super" to "superman". With the password, Netgear has apparently taken the first forum reports of the security hole seriously and changed the phrase to "21241036". To whom this telephone number belongs, however, Netgear Germany could not say - nobody there knew anything about the "new" problem, first wanting to fully acquaint themselves with the issue. Another firmware update is not yet available, and regardless, the question remains whether users will be eager to apply yet another patch after the second screw-up. According to lawyers, this could open the door for end users to return the hardware to the vendor and demand a refund. While they may still try to fix the problem, at the chances of are pretty low.

  6. Accuracy in reporting? by Junior+J.+Junior+III · · Score: 0, Redundant

    This is neither amusing nor is it a fix.

    --
    You see? You see? Your stupid minds! Stupid! Stupid!