[ale] OT critical vulnerabilities in ASUS routers
Jim Kinney
jim.kinney at gmail.com
Fri Jul 19 10:10:16 EDT 2013
The flip side of that is, most (l)users can barely read enough to know what
only-fits-one-way plug goes where. so asking (l)users to have some
responsibility for what the devices they buy and put on the interwebs is
like asking a 5th grader to perform their own appendectomy.
The fault with weak products connected lies with marketing. Marketing still
tries to make things out like it's just plug-n-play. THERE'S NO SUCH THING!
Once the sheeple figure out," Hey! Sysadmins save my bacon daily!", then
maybe the sheeple will understand that marketers lie worse that politicians
and EVERYTHING requires maintenance so they need to have a sysadmin around
often or they have to learn how to do it themselves. That will be the point
the manufacturers have to start making things easier to
fix/upgrade/maintain instead of plug-n-pray disposable technology; i.e. -
enough people start buying ONLY the stuff that's easily fixable. Then the
manufacturers start actually supporting projects like DD-WRT, et al. so the
updates will always work on their hardware.
Case in point: look at the kernel commits from Dell, IBM, Intel and AMD.
They want to sell hardware so they pitch in to make sure the kernel has the
best available knowledge.
On Fri, Jul 19, 2013 at 9:10 AM, Charles Shapiro <hooterpincher at gmail.com>wrote:
> Oh fer Pete's sake. It took me less than an hour to put decent
> Open-Source firmware on my device and get it properly configured. The
> 3rd-party stuff was way better laid out and easier to understand than the
> garbaggio that Asus had on there. This is just part of your responsibility
> when you connect to the internetz.
>
> -- CHS
>
>
>
> On Thu, Jul 18, 2013 at 1:57 PM, Jim Kinney <jim.kinney at gmail.com> wrote:
>
>>
>>
>>
>> On Thu, Jul 18, 2013 at 1:36 PM, Ron Frazier (ALE)
>>
>>> the billion dollar manufacturers can't / won't get it right and keep the
>>> device updated.
>>
>>
>> This will ALWAYS be an issue with embedded OS systems. There is NO
>> solution other than to reflash a new embedded OS onto it. At least there
>> are options like tomato and other DDWRT derivatives. Think about the poor
>> schlub who has no skillz and a router that lets in Mr NotNiceGuy.
>>
>> The alternative is to buy a new gizmo. That's the plan from the company
>> (although many do update firmware but only provide info on flashing from a
>> windblows platform) as it sells another gizmo.
>>
>> Ah the curse of capitalism in manufacturing: must make it good enough to
>> sell and bad enough that it will be replaced often but not so bad that
>> buyers hate you and find alternatives.
>>
>> --
>> --
>> James P. Kinney III
>> *
>> *Every time you stop a school, you will have to build a jail. What you
>> gain at one end you lose at the other. It's like feeding a dog on his own
>> tail. It won't fatten the dog.
>> - Speech 11/23/1900 Mark Twain
>> *
>> http://electjimkinney.org
>> http://heretothereideas.blogspot.com/
>>
>> *
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
--
--
James P. Kinney III
*
*Every time you stop a school, you will have to build a jail. What you gain
at one end you lose at the other. It's like feeding a dog on his own tail.
It won't fatten the dog.
- Speech 11/23/1900 Mark Twain
*
http://electjimkinney.org
http://heretothereideas.blogspot.com/
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130719/239d430e/attachment.html>
More information about the Ale
mailing list