[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Default SSL Keys in Multiple Routers
- To: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Default SSL Keys in Multiple Routers
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- Date: Mon, 20 Dec 2010 16:36:15 +0000
LOL. Yeah, it seems like I get myself in this cycle of "OMG, really?" followed
by "maybe people are starting to learn" and then back to disappointment.
To be honest, this was something that I never really considered (shared,
persistent keys on routers). In hindsight, it seems like an obvious concern,
but it is still interesting.
t
> -----Original Message-----
> From: Michal Zalewski [mailto:lcamtuf@xxxxxxxxxxx]
> Sent: Monday, December 20, 2010 8:16 AM
> To: Thor (Hammer of God)
> Cc: Craig Heffner; full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: Re: [Full-disclosure] Default SSL Keys in Multiple Routers
>
> > These manufacturers use the same key on each of their models? That
> > seems ridiculous to me...
>
> As a person who had a Siemens AP / router with a hardcoded, hidden
> "management" account on it, I find your surprise entertaining ;-)
>
> Craig, cool project.
>
> /mz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/