SHODAN Researches DD-WRT Vulnerability – /dev/ttyS0

John Matherly of SHODAN fame and Dan Tentler from Aten Labs teamed up to research the DD-WRT information disclosure vulnerability we released back in December. The results show that approximately 10% of remotely accessible DD-WRT routers were both vulnerable to the attack and could be geo-located based on the information… Continue reading

Breaking SSL on Embedded Devices – /dev/ttyS0

No, this is not some new SSL vulnerability. In fact, it’s a really old vulnerability, as old as cryptography itself: keep your secret keys secret. A lot of embedded devices provide HTTPS support so that administrators can administer the devices securely over untrusted networks. Some devices, such as SSL VPNs,… Continue reading