UPnP — in a perfect world it would have been the answer to many connectivity headaches as we add more devices to our home networks. But in practice it the cause of a lot of headaches when it comes to keeping those networks secure.
It’s likely that many Hackaday readers provide some form of technical support to relatives or friends. We’ll help sort out Mom’s desktop and email gripes, and we’ll set up her new router and lock it down as best we can to minimise the chance of the bad guys causing her problems. Probably one of the first things we’ll have all done is something that’s old news in our community; to ensure that a notorious vulnerability exposed to the outside world is plugged, we disable UPnP on whatever cable modem or ADSL router her provider supplied.
Continue reading “UPnP, Vulnerability As A Feature That Just Won’t Die”
Where’s Cardboard Snowden?
On the last day of DEF CON, I talked to some charity hackers, checked out the lockpicking village, and learned how insecure my router is in the wireless village.
Continue reading “DEF CON: Hacking Charities and Routers”
You may have already heard that Chrysler is planning to provide in-car wireless internet access to its vehicles. If not, expect to hear more about it later this year when the requisite hardware becomes a sales-floor option, or next year when it becomes factory standard for some cars.
We can’t say it’s a bad idea, it’s just not a new one. Plenty of commercial portable routers are available, but they still need a modem and data plan to provide internet access. For internet access and wireless routing, look to [Nate True]’s cellphone-router combo, which uses a spare Nokia cellphone and a highly modded Wi-Fi router running OpenWRT. [True] has made it easy by providing the instructions and necessary custom code, but it seems like a lot of effort for a relatively slow connection. We think the original Stompbox is still the most fun since it has the speed of commercial devices and an open x86 OS to modify.