Results 1 to 4 of 4

Thread: I Flamed The Editor of The INQUIRER!

  1. #1
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,343

    Talking I Flamed The Editor of The INQUIRER!

    I read this article of The Inquirer:

    http://www.theinquirer.net/?article=16298

    So I flamed the Editor cause I was also using a Linksys BEFSR41 Router and I had just updated my firmware last April 2004. Here is the e-mail exchange:


    -----Original Message-----
    From: Conan
    Sent: 07 June 2004 16:16
    To: mike.magee@theinquirer.net
    Subject: Linksys Router Article


    You must be a complete idiot at searching for BEFSR41 firmware. My BEFSR41 is using firmware created on April 1, 2004. http://www.linksys.com/download/firmware.asp?fwid=183

    ----------------------------------------------------------------

    Mike Magee wrote:

    I am not a complete idiot, only 92% an idiot. But I'll forward your tasty little morsel to Fernando, who wrote the article, who can answer for himself.

    Mike Magee

    ----------------------------------------------------------------

    [Note to editor: Oh Sheesh!!]
    Dear Reader:

    FYI: There are three flavors of the Linksys BEFSR11 (and BEFSR41) routers.

    There is hardware "version 1", "version 2" and "version 3". The "version 3" was produced AFAIK after Linksys was engulfed by Cisco. That April 1, 2004 firmware is for VERSION 3 hardware ONLY. If you read the exploit linked from my original article you will find in the comments the phrase "tested against a fully patched BEFSR41" and that exploit is dated mid-may. Chances are, whoever wrote it tested it against a BEFSR41 but of the "v2" or "v1" hardware revision variety.

    There are thousands of "v2" and "v1" BEFSR41 and BEFSR11 in use around the world right-this-minute (like mine), and those WERE OPEN AND VULNERABLE to the BOOTP/memleak security hole. At the moment I wrote the original article the firmware for v1 and v2 routers was not updated by Linksys since mid-2003.

    Only on June 3, 2004 (one day after our article) did Linksys acknowledge the issue and promised an update for v1 and v2 hardware, which was released finally yesterday June 7th. That's why there's now firmware version 1.45.11, dated Jun 03 2004. Which fixes not only the BOOTP sniffing hole but several others.

    I invite you to read the follow-up article at

    Linksys routers can't be sniffed at no more
    Firmware upgrades for all
    http://www.theinquirer.net/?article=16416

    I also invite you to please not call our editor an idiot, as that is reserved for INQ staff only.

    Thanks for reading and taking the time to amuse us.

    Fernando Cassia



    Last edited by Conan; June 8th, 2004 at 11:17 AM.

  2. #2
    Super Moderator Super Moderator Big Booger's Avatar
    Join Date
    Apr 2002
    Location
    JAPAN
    Posts
    10,941
    Nice work Conan. Conan for Pres of Cisco!

  3. #3
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,688
    lmao

  4. #4
    Platinum+ Member z3n's Avatar
    Join Date
    May 2004
    Location
    Australia
    Posts
    621
    Quote Originally Posted by rik
    lmao
    <~ DiTo

    Time flies like an arrow. Fruit flies like a banana.~ Groucho

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •