[OpenWrt-Devel] MIPS stack security and other problems
dave at taht.net
Tue Dec 18 10:05:41 EST 2018
Hauke Mehrtens <hauke at hauke-m.de> writes:
> On 12/17/18 1:54 AM, Dave Taht wrote:
>> A pretty deep look at home MIPS and arm routers, and a surprising bug in Linux/MIPS - by mudge and co:
>> I have no idea if current openwrt, or what prior releases... are subject to
>> the problems they outline.
> In the second paper "Build Safety of Software in 28 Popular Home Router"
>  they checked the "security" of multiple popular devices, by checking
> if they activate ASLR, Non stack Exec, Relro and stack guards. The best
> device was the Linksys wrt32x and this is based on OpenWrt with not so
> many modifications. ;-) Just something like Samba downgrade to 3.0.37.
> The paper also wonders why the other Linksys devices like the wrt1900ac
> are much worse, but they probably do not use OpenWrt or a much older
> version. The GPL source code tar.gz of the Linksys wrt32x, begins with
> cloning from https://github.com/openwrt/openwrt.git
> It is also interesting how different this approve to security checking
> is to what the German BSI published in the "BSI TR-03148: Secure
> Broadband Router:" .
> You can build a device which scores 100% in the one and 0% in the other,
> there is no overlap. ;-)
It isn't really something I can put smiley faces about.
How many of the 28 can be reflashed with modern openwrt?
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
More information about the openwrt-devel