[OpenWrt-Devel] MIPS stack security and other problems

[Hauke Mehrtens]

On 12/17/18 1:54 AM, Dave Taht wrote:
> 
> A pretty deep look at home MIPS and arm routers, and a surprising bug in Linux/MIPS - by mudge and co:
> 
> https://cyber-itl.org/2018/12/07/a-look-at-home-routers-and-linux-mips.html
> 
> I have no idea if current openwrt, or what prior releases... are subject to
> the problems they outline.

In the second paper "Build Safety of Software in 28 Popular Home Router"
[0] they checked the "security" of multiple popular devices, by checking
if they activate ASLR, Non stack Exec, Relro and stack guards. The best
device was the Linksys wrt32x and this is based on OpenWrt with not so
many modifications. ;-) Just something like Samba downgrade to 3.0.37.
The paper also wonders why the other Linksys devices like the wrt1900ac
are much worse, but they probably do not use OpenWrt or a much older
version. The GPL source code tar.gz of the Linksys wrt32x, begins with
cloning from https://github.com/openwrt/openwrt.git


It is also interesting how different this approve to security checking
is to what the German BSI published in the "BSI TR-03148: Secure
Broadband Router:" [1].
You can build a device which scores 100% in the one and 0% in the other,
there is no overlap. ;-)

Hauke


[0]:
https://cyber-itl.org/assets/papers/2018/build_safety_of_software_in_28_popular_home_routers.pdf
[1]:
https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03148/TR03148.pdf?__blob=publicationFile&v=2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20181218/067e8170/attachment.sig>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel