lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200406011909.i51J94cX003880@turing-police.cc.vt.edu>
Date: Tue, 01 Jun 2004 15:09:04 -0400
From: Valdis.Kletnieks@...edu
To: steffen.mueller@...ion-it.de
Cc: bugtraq@...urityfocus.com
Subject: Re: LinkSys WRT54G administration page availble to WAN

On Tue, 01 Jun 2004 16:43:05 +0200, Steffen Mueller <steffen.mueller@...ion-it.de>  said:

> did you check the alternative firmwares available for the Linksys ?
> 
> Great enhancements are available from SVEASOFT. 
> 
> http://www.sveasoft.com/modules/phpBB2/index.php

I haven't looked, but all the same, it's probably insanely great.

The problem is that 95% of the people that buy a Linksys couldn't figure out
how to jump through all the hoops to install it.

Sure, Alan can install it.  And probably a few dozen others on the list will be
motivated to do the firmware upgrade.  However, if Linksys sold 5 million of
these critters, that leaves 4,999,950 or so with lame defaults....

Consider another example - it's *quite* possible to nail down a Windows box to
drastically tighten the security on it.  Why do we still have problems? Because
it isn't that way "out of the box", and users can't/won't do it after unboxing
it....


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ