32C3: Beyond Your Cable Modem

[Alexander Graf] gave an absolutely hilarious talk at 32C3 about the security flaws he found in cable modems from two large German ISPs. The vulnerability was very serious, resulting in remote root terminals on essentially any affected cable modem, and the causes were trivial: unencrypted passwords in files that are sent over TFTP or Telnet to the modems, for instance.

While [Alexander] was very careful to point out that he’d disclosed all of these vulnerabilities to the two German cable ISPs that were affected, he notably praised one of them for its speedy response in patching up the holes. As for the other? “They’d better hurry up.” He also mentions that, although he’s not sure, he suspects that similar vulnerabilities are present in other countries. Oh dear.

A very interesting point in the talk is the way that [Alexander] chose to go about informing the cable ISPs. Instead of going to them directly and potentially landing himself in jail, he instead went to the press, and let his contacts at the press talk to the ISPs. This both shielded him from the potential initial heat and puts a bit of additional pressure on the ISPs to fix the vulnerability — when the story hits the front page, they would really like to be ahead of the problem.


There’s even a bone for you die-hard hardware hackers out there who think that all of this software security stuff is silly. To get the modem’s firmware in the first place, at minute 42 of the talk, [Alexander] shows briefly how he pulled the flash chip off the device and read it into his computer using a BeagleBone Black. No JTAG, no nothing. Just pulling the chip off and reading it the old-fashioned way.

If you’ve got an hour, go watch [Alexander]’s talk. It’s a fun romp through some serious vulnerabilities.

Hackaday Links: April 20, 2014


[Josh] hit the same issue we’ve faced before: cable modems don’t match a form factor and usually don’t make themselves easy to mount on something. We could complain about routers as well, but at least most of those have keyhole slots so you can hang them on some screws. Inspiration struck and he fabricated his own rack-mount adapter for it. Velcro holds it in place, with a cutout bezel to see the status lights and an added fan to keep things cool.

Here’s a pair of strange but possibly interesting ones that were sent in separately. The first is an analysis of how much energy short-run CNC prototyping consumes versus traditional manufacturing. The other is an article that [Liz] wrote about getting started with CNC mill bits. She says she compiled all that she learned as she was getting started in the field and wants to save others the effort.

This one goes back several years, but who doesn’t love to hear about a voice-controlled wheelchair?

So you can solder QFN parts but you can’t hammer a nail straight into a piece of wood? The answer, friend, is a laser guided hammer. Someone hire this [Andybot] person, because the solution to the problem shows the ability to out-think an interesting dilemma: how do you put a laser in a hammer head and still use it to hit things?

We’ve seen a lot of these long-range WiFi hacks over the years. This one is worth looking at because of the work done to create an outdoor mount that will stand the test of time.

And finally, we’re still really fond of this 2-bit paper processor that helps you wrap your brain around what’s going on with those silicon wafers that rule our everyday lives. [glomCo] liked it as well, and actually coded an emulator so that you can play with it without printing anything out on paper. We think it takes away some of the fun, but what an excellent programming exercise!