Slashdot Mirror

← Back to Stories (view on slashdot.org)

Netgear and ZyXEL Confirm NetUSB Flaw, Are Working On Fixes

Posted by samzenpus on from the protect-ya-neck dept.

itwbennett writes: In follow-up to a story that appeared on Slashdot yesterday about a critical vulnerability in the NetUSB service, networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected and said they are working on fixes. ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year.

17 of 34 comments (clear)

  1. Hey! by Ol+Olsoc · · Score: 1

    If anytone is going to confirm anything around here, it will be Netcraft!

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    1. Re:Hey! by Ol+Olsoc · · Score: 1

      They confirmed you're a cuckolded sissy.

      Only thing worse than being witty is not being witty.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  2. Re:Open sores software == shit by Ol+Olsoc · · Score: 1

    That's what happens with you trust open sores software. Freetards writing C code is dangerous.

    Yeah, we need some of that always safe commercial stuff there Trollerena.

    Anyone who gets that reference wins one internet.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  3. Secrecy in security is not always a good thing. by deviated_prevert · · Score: 4, Insightful
    Even if Snowden had never blown the whistle on how the culture of secrecy can run amok and abuse privacy, eventually the NSA would have been caught out because of the Hubris a culture of closed doors creates. This latest revelation about how they tried to do man in the middle attacks on android and IOS devices only goes to prove the fact that the more closed the source is the more vulnerable it is to abuse in the long term. The first post to this thread is woefully wrong and was evidently posted by a zombie in his parents basement trying to score points with his friends.

    That being said culturally we are being morally bankrupted more by a culture of fear and secrecy than hackers. Gag orders only work to cause public distrust in the long run and so does a lack of transparency.

    The vulnerabilities in these devices will not cause problems long term because their code is transparent the same thing cannot be said about closed source devices. Fortunately Microsoft is transparent and does appreciate users telling them about security flaws otherwise I would never use a Windows device again. Naturally the flaws that exist are harder to fix but at least they do try to make their products and OSes bullet proof from the NSA. Touch wood.

    --
    This message was not sent from an iPhone because Peter Sellers really was a deviated prevert without a dime for the call
  4. Re:Open sores software == shit by binarylarry · · Score: 1

    Dude I loved that album!

    --
    Mod me down, my New Earth Global Warmingist friends!
  5. Re:Open sores software == shit by msauve · · Score: 1

    "open sores software"

    There's an anti-virus which can treat that.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  6. In the meantime, by fustakrakich · · Score: 3, Funny

    Turn off the equipment, and take up knitting...

    --
    “He’s not deformed, he’s just drunk!”
  7. Re:what about their older routers? by Lunix+Nutcase · · Score: 1

    Being rhetorical, right?

  8. zyxel? by satsuke · · Score: 1, Insightful

    zyxel is still a thing?

    You'd think that brand (name) would have died a decade ago.

    1. Re:zyxel? by TheGratefulNet · · Score: 1

      ODDLY enough, I have 2 nas boxes here by zyxel; and the truly odd thing is their model number: nsa-320. I kid you not!

      had them running about 2 years, now, with no problems! not the fastest thing but they are tiny, they do support both nfs and smb (most small nas boxes don't do nfs) and it has not crashed or had o/s issues that I've seen. I dont use usb on it, only ethernet in and 1 or 2 drives internally, but its been pretty good for its size and price!

      --

      --
      "It is now safe to switch off your computer."
  9. Re:Open sores software == shit by Bing+Tsher+E · · Score: 1

    You're soaking your fingers in it.

  10. Re:what about their older routers? by Bing+Tsher+E · · Score: 2

    Protection rackets don't work that way.

    Get on board with their new stuff!

  11. NetUSB (USB Over IP) is proprietary software. by techt · · Score: 4, Informative

    NetUSB by the company KCodes is proprietary not open source software.

  12. ZyXel in the BBS days by Anonymous Coward · · Score: 1

    They made *killer* modems in the last days of the BBS era. They were really the only company that could complete (and dominate) over the USR Courier, which was the gold-standard in its many forms from the late '80's to the late '90's. ZyXel was also making the U1496, etc. in Germany at the time.

    Now, they seem more than content to sell Linksys-like shrinkwrapped China-junk @ Frys.

    RIP. ZyXel (oh, and USR...)

  13. Re:Open sores software == shit by Ol+Olsoc · · Score: 1

    You're soaking your fingers in it.

    Something tells me you don't get the reference.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  14. Critical; thrid quarter? lol by Anonymous Coward · · Score: 5, Insightful

    A critical vulnerability will be fixed some many months from now. Gee, thanks!

    I'll stick with my open-source solutions, thanks!

    Morons, or maybe I should say "assholes".

  15. Too bad you don't know where FW is downloaded from by NotBorg · · Score: 1

    Lets say I want to update my FW because I don't want the NSA to exploit it. How do I know I'm downloading it from Netgear (or any other major home router vendor) rather than a NSA hijacked page? None of them do https.

    --
    I want this account deleted.