I love this sorta stuff! I once had my blog hosted on a docker container on my Robot Vacuum. I switched back to a saner host when I started getting uptime alerts when the vacuum went under my bed and lost wifi signal!
text of tweet: So I bought a networked printer recently and as you do decided to try connecting to it a few different undocumented ways. I tried telnetting to it. It turns out that whatever you type, it prints typewriter style. That was a pleasant and hilarious surprise. #internetofshit
A slightly different (but close enough) Hitachi CPU also powered the Cybiko - a wacky games console few have heard of. I tried writing a disassembler for that particular CPU a while back. Was an interesting platform and oh man the documentation at least to me was gorgeous: github.com/kn100/cybemu/
“The concept for the device emerged from social research conducted in six countries, which identified a need for digital communication among youth. … a radio protocol was patented. This protocol allowed up to 3,000 Cybiko devices to form a network without using auxiliary stations.”
Smartphones can form mesh networks with WiFi, but neither of the duopoly OSes has this as a built-in feature, it's left to apps, and that fragments the potential. The most powerful radio isn't user-controllable, it's strictly pay-to-play and operating a base station is heavily licensed, no peer-to-peer activity is possible.
This is something I'd like to see disrupted, although I'm not holding my breath. I don't like that grid failure or (more likely) government order can knock smartphones off the network as easily as they can.
Back in the days (very early 2000s), Amsterdam got a WLAN network called Wireless Oost. This gave people in Amsterdam Oost wireless internet access throughout the neighborhood, without needing cable internet from A2000 (later merged with Chello, who merged with UPC, who merged with Ziggo, all the time owned by a certain company known as Liberty Global (you might have heard of them)). It also served as a (W)LAN. Back then, the local computer club ASCII (comprised of political activists and such, predecessor of the hackerspaces) had a cargo bike called Bakscii (derived from the Dutch word for cargo bike (bakfiets) and ASCII). This provided WLAN access at demonstrations and such. It was a neat project which Internet Archive likely still holds.
I was never directly involved with said project, btw, but I knew all of the people who were. Nowadays, I live near Amsterdam and will get 1 Gbit symmetric fiber internet soon (most of NL already has access to it). I use a WireGuard tunnel to connect via any network (LTE/NG/WLAN) via my home network which runs Pi-hole. My point being, security has improved, but there is a constant: wireless internet usage can be triangulated, eavesdropped, and clients can be tracked. It is something we need to live with. Every time I leave my smartphone at home even for something as small as picking up my kids at school or sports I feel good. However I can easily be tracked by all the doorbell cameras in the street.
We are done with subversion on the internet. It is over, a done deal. I've given up many years ago, and eventually I also embraced the thought of such. If you want some private time together go to some cave in Turkey or whatever.
I mean, it was not a smartphone but a PDA and it ran Linux: Sharp Zaurus. I owned a CL1000 (later on I went to Nokia N810, though in hindsight the N800 was just as cool with dual SD). Magnificent devices, and back then I liked that they didn't have GPRS or 3G. Such was slow anyway (and an expensive connection) so I felt that saved me money. Besides, the WWW was dominated by MSIE. And no GSM meant to me less tracking.
The goal was to have a web browser (Chromium) able to 'guess' stuff about what response it will get from the network (i.e. will the server return the same JavaScript blob as last time). We start executing the JavaScript as if the guess is correct. If the guess is wrong, we revert to a snapshot.
It lets you make good use of CPU time whilst waiting for the network.
It turns out simple heuristics can get 99% accuracy on the question of 'will the server return the same result as last time for this non-cacheable response'.
However, since my machine has many CPU cores it made sense to have many 'speculative' copies of the browser going at once.
A regular fork() call would have worked, if not for the fact Chromium is multi-threaded and multi-process, and it's next to impossible to fork multiple processes as a group.
Terrifying, I love it :) How was the performance in the end? Did you get a good speculation success rate?
It'd be cool to predict which resources are speculation safe (i.e. the cache headers don't permit it, but the content in practice doesn't change) and speculate those resources but not ones for which you have repeatedly had a speculation abort (i.e. actual dynamic resources). If your predictor gets a high enough hit rate, you could probably do okay with just a single instance/no snapshot and use an expensive rollback mechanism (reload the whole page non-speculatively?).
Sorry if I'm being thick, but why not just cache the response?
If you are guessing at the data anyway, what's the difference?
Why set up an entire speculative execution engine / runtime snapshot rollback framework when it sounds like adding heuristic decision caching would solve this problem?
Sounds like they were caching it since they could execute it before getting the response. The difference is that they wanted to avoid the situation where they execute stale code that the server never would've served. So they can execute the stale code while waiting for the response then either toss the result or continue on with it once they determine if the server response changed.
Great read, and fantastic investigation. Also nice to see a story of some big corp not going nuclear on a security researcher.
I can't say for certain, and the OP if they're here I'd love for you to validate this - but I'm not convinced requests to the local admin interface on these Nokia routers are properly authenticated. I know this because I recently was provisioned with one and found there were certain settings I could not change as a regular admin, and I was refused the super admin account by the ISP. Turns out you could just inspector hack the page to undisable the fields and change the fields yourself, and the API would happily accept them.
If this is the case, and an application can be running inside your network, it wouldn't be hard to compromise the router that way, but seems awfully specific!
> Cox is the largest private broadband provider in the United States, the third-largest cable television provider, and the seventh largest telephone carrier in the country. They have millions of customers and are the most popular ISP in 10 states.
That suggested to me that we shouldn't have ISPs that are this big. Cox is clearly a juicy target and a single vulnerability compromises, as an example from the article, even FBI field offices.
> After reporting the vulnerability to Cox, they investigated if the specific vector had ever been maliciously exploited in the past and found no history of abuse
Feel like author should have written "...they claimed to have investigated...".
I think the author wrote it up factually. Readers can make their own inferences, but Cox did share with him that the service he exploited was only introduced in 2023. Which suggests the security team did do some investigating.
I'm sure* they don't keep raw request logs around for 3+ years. I know what next steps I'd recommend, but even if they undertook those, they're not sharing that in the ticket.
(just based on industry experience; no insider knowledge.)
The point is the statement may or may not be accurate. From a journalistic perspective, unless Cox provided evidence or the author was able to otherwise independently verify the claim, it's a claim, not a fact. The comment is a good suggestion.
afaik they're basically the same thing. The need to stir comes from peanut butter that is literally nothing other than minced peanuts. Brands like Jif and the such add a bit of palm oil, salt, and whatever else which I guess helps to stabilize the mixture and make oil separation less likely. "pure" peanut butter like the kind the author likes here is available just the same in the UK with exactly the same problem!