Slashdot Mirror


Backdoor In RuggedOS Systems: Infrastructure, Military Systems Vulnerable

FhnuZoag writes "A backdoor has been found in Canadian-based RuggedCom's 'Rugged Operating System', providing easy access to anyone with the device's MAC address — something often publicly displayed. Rugged OS is being used in a wide range of applications, including traffic control, power generation, and even U.S. Navy bases. The backdoor was first found over a year ago, and RuggedCom have so far refused to patch out the exploit." The exploit is trivial: each device has a permanent "factory" user, and an automatically generated password derived from the MAC.

10 of 154 comments

  1. Re:Nothing is 100% secure. by LordAndrewSama · Score: 5, Funny

    There's a difference between "Nothing is 100% secure" and "Why yes sir, I will lay out the welcoming mat for you".

  2. Re:Nothing is 100% secure. by ColdWetDog · Score: 5, Funny

    Never play cards with a man called Doc. Never eat at a place called Mom's. Never sleep with a woman whose troubles are worse than your own.

    Never trust an OS with 'Rugged' in its name.

    --
    Faster! Faster! Faster would be better!

  3. PCI-DSS and others by Alioth · Score: 5, Interesting

    Using this device would mean you would fail PCI-DSS and probably a few other widely used standards (ISO-27001 for example). One of the first requirements in these standards is that default vendor passwords be changed. You can't change it or even disable it.

  4. exploit by vlm · Score: 5, Insightful

    Looks like, to exploit this, you need the MAC addrs.
    1) One way is to be on the same LAN segment and watch a sniffer. This means you're already dead because you've lost physical security.
    2) Another way is to telnet (FREAKING telnet in 2012?) into the device and the MAC is in the MOTD. This means you're already dead because you've lost all network security. What kind of madman allows telnet traffic thru a firewall in 2012? What kind of a madman allows unrestricted internet access to an embedded control device?
    3) If you manage to somehow own a plain ole PC on a scada network, now you can own embedded control devices. But having an owned PC on your network means you're dead anyway.

    I'm still struggling to figure out how a live, well-run network could be in danger. What I mean is that implementing this exploit takes a system that is already more screwed up than anything you could do with the exploit.

    --
    "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger

    1. Re:exploit by Guppy06 · Score: 5, Insightful

      4) brute force the password, knowing that only 3 bytes are unique to the device.

    2. Re:exploit by idontgno · Score: 5, Informative

      It really isn't 6 bytes either. Since RuggedCom has two registered MAC OUIs (grep for "RuggedCom"), it's only 24 bits to brute-force over two possible 3-byte manufacturer prefixes.

      Yeah. Fail-flavored failure-stuffed failure topped with fail gravy.

      --
      Welcome to the Panopticon. Used to be a prison, now it's your home.

  5. Re:Nothing is 100% secure. by yoyoq · Score: 5, Informative

    Never get involved in a land war in Asia. Never go against a Sicilian when death is on the line.

  6. Re:Engineers overlooking the obvious design by h4rr4r · Score: 5, Insightful

    Also when the switch is flipped it should not perform its normal work.

    That way it cannot be left in that mode.

  7. It was a typo. by HiggsBison · Score: 5, Funny

    It was supposed to be RiggedOS.

    --
    My other car is a 1984 Nark Avenger.

  8. Re:Nothing is 100% secure. by H0p313ss · Score: 5, Insightful

    Never get involved in a software project where the team leader says either "agile" or "scrum" in every second sentence.

    --
    XML is known as a key material required to create SMD: Software of Mass Destruction