Reboot Your Internet Router. This is Not a Drill.

May 28, 2018 By: El Jefe Category: Holy Crap

In today’s NYT: The FBI is urgently requesting that everyone reboot their home and small business routers.  Russian malware has been infiltrating small networks causing damage from stolen passwords and personal data to rendering devices unusable.  This is not a joke, this is not The Onion.  Reboot your router.

And, no, Donald, this is not fake news.


0 Comments to “Reboot Your Internet Router. This is Not a Drill.”


  1. And just how do I do this? Verizon holds my router hostage.

    1
  2. My idea of rebooting is to turn it off and then on again. What else needs to be done? I’m one of those out of the stone age people.

    2
  3. Bob Boland says:

    AK Lynne – Turning a router off, waiting 15-30 seconds, then turning it back on reboots it. Just like turning off your PC and turning it back on.

    3
  4. lumpkin says:

    It may not be a drill, but I am reliably informed that it IS a witch hunt.

    4
  5. So military hackers from Rusher have infiltrated are servers with malware??? I betcha Spank Drumpf are fearless leader will have something to say about that. Oh yeah, like @lumpkin@ said above “witch hunt”. What Dumba$$es these snacilbupeR are.

    5
  6. Instead of turning the router off then back on, disconnect it from power source (unplug from wall) then reconnect it after about 30 seconds. Many devices do not turn completely off when the off/on switch is flipped. Others do not even have a power switch. YMMV!

    7
  7. This is mostly for folks who haven’t bothered to change the default admin password, which admittedly is most. If you have a reasonable password set, there is little chance of malware, because it’s not worth the time required to guess it. But I suspect most home users don’t even know that there is a separate password for administering the router, in addition to the wifi password. The standard default username is admin, and the default password is often ‘password’, and if it’s different, it’s easily found via the internet. Changing the admin password is the first thing that should be done when installing a router.

    8
  8. Disconnect the router from the power source (unplug it), wait 30 seconds. Turn it on BEFORE plugging it back in, sometimes they will hold a charge. Turn it off. Plug it back in to the power source, turn it back on again.

    9
  9. RepubAnon says:

    Router security has largely been ignored up until now. The ISPs typically don’t pay much attention to this, and those routers have remote administration features that can be hacked. Most end users don’t routinely check for firmware updates, and ignore the router as long as the Internet is running.

    One suggestion: run a search for “secure router”. Various manufacturers offer these – and they’ve typically got anti-malware and other features built in. Still vulnerable to a determined attacker, but at least one isn’t leaving the digital door unlocked.

    10
  10. RepubAnon says:

    One other thing: rebooting the router may not be enough to stop the “vpnfilter” router malware:

    As detailed by the researchers, the stage 1 malware persists through a reboot, which normal malware usually does not, with the main purpose of the first stage to gain a persistent foothold and enable the deployment of the stage 2 malware.
    Source: ZDNet Talos finds new VPNFilter malware hitting 500K IoT devices, mostly in Ukraine

    11
  11. Meanwhile, every Intel processor has an NSA back door built into it. That includes all Intel ARM cpus - the ones used in phones, tablets, and smart devices. When it came out that Intel was doing this, it was called a “design flaw” - RIGHT!! I’m more worried about our homegrown alphabet agencies hacking my computer than anyone else. Just like those state voter ID databases that were hacked, ostensibly by the Russians, and it turned out the IPs traced to the hacks were controlled by DHS.

    12
  12. @Mike

    So the Obama administration hacked the November 2016 election to benefit… Spanky? Why?

    13
  13. Linda Phipps says:

    I will really get upset when Trump orders the FBI to confiscate everyone’s hard drive.

    14
  14. LInda Phipps says:

    Off topic, but is el Jefe creating an opus about the refugee children being taken from their parents and now nearly 1500 are “misplaced”??? Snopes says it’s real. So does John Kelly.

    15
  15. Old Fart says:

    @LInda Phipps #15: They’ve not been “misplaced”.

    They’re *hostages* that have been “disappeared”.

    I already wrote my senators, suggestions for others?

    16
  16. @Old Fart:

    Doesn’t the United Nations have an agency or department that handles (I hope I am saying right) human rights/social injustice and humane treatment of immigrants, asylum seekers and the children of? If they do, I wonder if they could have any influence.

    17
  17. Old Fart says:

    It seems the routers listed aren’t the latest and greatest. So 1 router I checked was reviewed in 2009, another 2012. Both were currently available on Amazon for ~$40. I currently use the Verizon router as a wired only connection, and a better router for WiFi. Sometimes you get what you pay for…

    18
  18. @ Linda Phipps,

    They’ll only get it after I have destroyed it. Then they can wade in the sewer for the bits.

    19
  19. @ Mike,

    What iMacs? Unix has no back doors. I don’t use microsoft apps on my desk top.

    20
  20. Old Fart says:

    Oh yeah…

    I also keep my media devices off the WiFi if I can help it (wired zone). The “dumber” the device the easier to hack…

    21
  21. Old Fart says:

    @Papa #20: if the CPU an OS is running on is a modern Intel model, that box is vulnerable without the proper patches and CPU microcode updates. I run Linux, so have been bombarded with a continuous stream of kernel updates, with commentary, since the Spectre and Meltdown vulnerabilities were announced. System management is tedious, but I have firsthand experience with how happy a family member can be when you can resurrect a dead/mangled computer with the backups you’ve been scolding them about. I feel more comfortable with OS-X, but even Windows is better than it used to be, *starting with proper backups and updates*.

    Be paranoid, they *are* out to get you…

    22
  22. Old Fart:

    I am running OS X. So far so good. Haven’t had any invaders so far. Extremely careful about the apps I use and the updates. Updates can be disguises for trojans and scammers.

    23
  23. @Papa
    The back door is accessible at a machine language level on any Intel cpu, Macs use Intel processors too. The back door was set to be accessed at a level below whatever OS you’re using. You can run Mac, Windows, or Linux and the door is still accessible.

    24
  24. Old Fart says:

    @Mike #20: The patches that disable “speculative prefetch” have been tested and decrease performance ~10-15%. Since my CPU is usually at less than 10% load, I haven’t seen any meaningful difference post patches. The Ubuntu based variants (I use Mint) have a sweet boot time kernel choice in the advanced boot menu, so I can happily stay at post neophyte level w/o reverting to wracking my brain about Unix commands. Mint is the user friendly end of the spectrum, so I even get Adobe Flash type plugins right out of the box. The fact that I can run a life-craft install from a USB flash drive (>16GB pref.) and separate the \home to a dedicated partition has kept me happy through a couple of OS upgrade fresh installs (which only affect the \ (root) partition).

    Yes, I’m advocating Linux, because there are soooo many Windows boxes, there are soooo many dollar sign targets drawn on those Windows computers. OS-X is better, but I have no idea about their OS level update schedule and *hate* how they force an install to tie to things like Apple Pay and the cloud. The digital world is easier to deal with if more than one option is available, and multi-booting is an easier way to keep your data accessible…

    25
  25. Mike, et al,
    I think what y’all are fretting about are a part of some modern Intel processor families called “Intel vPro” (the overall tech ‘system’, part of the processor), and “AMT”, and other subsystems within vPro; not ALL Intels.

    It is a threat for some, but most consumer computers are not equipped with this vPro tech, which is present in many modern ‘business-class’ machines, and are not vulnerable to what you are describing (I do have a number of HP computers which have this vPro ‘feature’).

    What follows below is just a small, very abbreviated summary of the topic ;] :

    https://en.wikipedia.org/wiki/Intel_vPro
    “Intel vPro technology is an umbrella marketing term used by Intel for a large collection of computer hardware technologies, including Hyperthreading, Turbo Boost 3.0, VT-x, VT-d, Trusted Execution Technology (TXT), and Intel Active Management Technology (AMT).[1] When the vPro brand was launched (circa 2007), it was identified primarily with AMT,[2][3] thus some journalists still consider AMT to be the essence of vPro.[4]…

    Intel AMT is part of the Intel Management Engine that is built into PCs with the Intel vPro brand. Intel AMT is a set of remote management and security hardware features that let a sys-admin with AMT security privileges access system information and perform specific remote operations on the PC.[6]…

    Intel vPro is a brand name for a set of Intel technology features that can be built into the hardware of the laptop or desktop PC.[11] The set of technologies are targeted at businesses, not consumers. ”

    https://en.wikipedia.org/wiki/Intel_Active_Management_Technology
    “Intel Active Management Technology (AMT) is hardware and firmware technology for remote out-of-band management of personal computers,[1][2][3][4][5] in order to monitor, maintain, update, upgrade, and repair them.[1] Out-of-band (OOB) or hardware-based management is different from software-based (or in-band) management and software management agents.[1][2]…

    Currently, AMT is available in desktops, servers, ultrabooks, tablets, and laptops with Intel Core vPro processor family, including Intel Core i5, i7, and Intel Xeon processor E3-1200 product family.[1][10][11] …

    Intel confirmed a Remote Elevation of Privilege bug (CVE-2017-5689, SA-00075) in its Management Technology on 1 May 2017.[12] Every Intel platform with either Intel Standard Manageability, Active Management Technology, or Small Business Technology, from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the ME.[13][14] Some manufacturers, like Purism[15] and System76[16] are already selling hardware with Intel Management Engine disabled to prevent the remote exploit. Additional major security flaws in the ME affecting a very large number of computers incorporating Management Engine, Trusted Execution Engine, and Server Platform Services firmware, from Skylake in 2015 to Coffee Lake in 2017, were confirmed by Intel on 20 November 2017 (SA-00086).”

    26
  26. Jane & PKM says:

    Linda Phipps, word from the House is that Lyin’ Ryan is trying to stave off a full revolt by the Freedumb Caucus and also plans to entertain 4-5 immigration proposals with maybe a vote. Whereas the orange lard piñata who once said he’d “sign any bi-partisan plan” placed on his desk is blubbering about his wall. Again. If Congress had a pair among them, they’d tell Donnie that he can have all the wall that Mexico will buy him; like he promised.

    https://www.msn.com/en-us/news/politics/gop-leaders-scramble-to-contain-immigration-rebellion/ar-AAxV6RA?ocid=spartanntp

    27
  27. Paraphrased lines from movie and TV:

    Router on… router off. – Karate Kid.
    Do or do not! There is no why! – Yoda in Star Wars
    Grasshopper, turn off, then turn back on. – Kung Fu

    28
  28. TheoLib says:

    There’s a good article at Daily Kos about the “missing” children:

    https://www.dailykos.com/stories/2018/5/28/1767733/-Please-Stop-Sharing-That-Story-About-1500-Kids-A-PSA-by-Josie-Duffy-Rice

    Summary at the end of the article: “There are two things going on: 1) HHS doesn’t know where 1500 unaccompanied minors are. 2) We are separating parents and children at the border… DON’T conflate the two things.”

    The article makes some important points:

    (i) Unaccompanied minors were unaccompanied when they arrived in the US; i.e., they were alone, not with their parents. These children are in a different category than the children unconscionably separated from their parents at the border.

    (ii) ORR (Refugee Resettlement) in HHS has jurisdiction over the unaccompanied minors. Prior to this month, the ORR did NOT share information with ICE in DHS. The Trump administration has now instituted a program that allows ICE to perform background checks on the minors’ sponsors.

    (iii) HHS only attempted to locate the children via phone, with no more in-depth research.

    (iv) ORR tries to place unaccompanied children with immediate family or relations already in the US. If these sponsors are undocumented, or even documented, they will probably be wary of answering phone calls from immigration authorities in the current political environment.

    (v) Finally, to quote from the article: “What we’re demanding is that ORR, which works hand in hand with ICE, ‘keep better track’ of kids they basically would like to deport if [given] the chance… You don’t want this. I promise you don’t.”

    The author seems to know what she’s talking about–she’s a lawyer and she’s friends with immigration lawyers.

    29
  29. Old Fart says:

    @TheoLib #29: Thanks very much!

    30
  30. My “router” lives in the basement. It has so many buttons and switches that I am sure if I punch one, a major holocaust will occur somewhere on the planet.

    As for the missing kids, define “missing”. HHS actually has info but due to the totally out of bounds actions of ICE, no wonder no one is answering the phone in the homes where the children are located. Hell, ICE has even run up a record of deporting actual American citizens with proof of their citizenship, as in “born here.” Check it out. It’s no secret.

    31