BT Home Flub Pwnin The BT Home Hub (3)
Here are the news: it seems that BT is restricting/crippling the remote assistance feature as a result of the vulnerabilities we reported. I personally found the following statement interesting:
A BT spokesman said service will be unaffected by disabling the feature, since support can still access the Home Hub using the separate Remote Access feature.
Something tells me that this "separate Remote Access feature" will also be open to abuse if not locked down properly. Furthermore, some of the vulnerabilities we found (which we forwarded to BT) can still be exploited even if the Remote Assistance featured is removed.
For those who missed it, Dave Hughes, BT's director of wireless broadband, labeled the Home Hub vulnerabilities we discovered as theoretical last Wednesday on a BBC Radio 4 show. Nothing could be further from the truth. I can only hope that Mr Hughes, simply wasn't informed correctly by BT, as opposed to spreading missinformation for the sole purpose of protecting BT's public image. Instead, it would have been more appropriate (in my humble opinion) to admit there are SERIOUS security issues with the BT Home Hub, and explain that BT is working on fixing the PRACTICAL issues. I hope that BT appreciates that we are not providing exploit code until we confirm that the issues have been fixed, for the purpose of protecting BT customers. If the issues were really theoretical we would have published the full details already.
Hopefully, this is not a half-baked fix. Our test BT Home Hub should be upgraded to the new firmware 6.2.6.B soon which we will test with the new FON service. The question is: will the new firmware be still affected by some of the vulnerabilities we found? If not, have new vulnerabilities been introduced with the new firmware? Look out for new information coming up on GNUCITIZEN regarding our results after testing the new firmware!
If your Home Hub hasnâ€™t yet been upgraded after one month, the following advice will help you to receive the upgrade as quickly as possible: * Leave your Hub switched-on, including at night * If you have set up the DMZ / 'Assign public IP address to Hub' feature in the Games & Application Sharing section of the Hub Manager, your Home Hub will not be automatically upgraded. To receive an upgrade, disable the feature and leave your Hub switched on. The feature can be re-enabled after the Home Hub has been upgraded. Your BT Home Hub should then be upgraded within the next 7 days.How many users will not realise that their hub will never be updated because they have the 'Assign public IP address to Hub' feature enabled? Kind Regards Simon