Many thanks to SWLing Post contributor, Ed, who writes:
I’m wondering if SWLing Post readers who use Imperial Dabman web
radios might want to read about this serious security vulnerability.(Source: Threat Post)
Attackers can drop malware, add the device to a botnet or send their own audio streams to compromised devices.
Imperial Dabman IoT radios have a weak password vulnerability that could allow a remote attacker to achieve root access to the gadgets’ embedded Linux BusyBox operating system, gaining control over the device. Adversaries can deliver malware, add a compromised radio to a botnet, send custom audio streams to the device, listen to all station messages as well as uncover the Wi-Fi password for any network the radio is connected to.
The issue (CVE-2019-13473) exists in an always-on, undocumented Telnet service (Telnetd) that connects to Port 23 of the radio. The Telnetd service uses weak passwords with hardcoded credentials, which can be cracked using simple brute-forcing tactics. From there, an attacker can gain unauthorized access to the radio and its OS.
In testing, researchers said that the password compromise took only about 10 minutes using an automated “ncrack” script – perhaps because the hardcoded password was simply, “password.”
Click here to read the full article at Threat Post.
Thank you for the tip, Ed!
Such problems are quite typical for many components that contained an “embedded” computer and are connected to the Internet:
* The developers use a computing component “out of the cookbook” without worrying about these problems.
* Neither is there an update mechanism for the operating system in these devices nor does the manufacturer worry about last season’s products.
Normal users cannot do very much. But you can protect your computers and data quite easily:
* Get a WLAN router with a WAN (wide-area network) connector.
* Connect the WAN connector to a LAN connector of your standard WALN router.
* In the new router give the WAN connctor an address of your present LAN.
* Have the new router create another LAN with a different address space, for example 192.168.178.* if your present router uses 192.168.177.*
* Connect components like this radio to the “outer” LAN (192.168.177.* in the example).
Now the IoT device cannot access your normal equipment easily.
One of the major advantages of radio is that it is a one way communications system. So if the broadcaster keeps any publicly accessible computer systems away from those used to produce and distribute program. This makes radio free of hacking.
Your have shown an enormous hole in the security. With netcasting the fake news can be easily spread even if the listener doesn’t want it!
Fortunately there are still digital radios without netcasting reception. In radio the closest to this is jamming which is like having one person talking and the other shouting or just another loud noise source. Jamming in DRM will just prevent reception. The shorter range of DAB+ means that the jammer has to be within the listeners’ country. Thus radio direction finding can locate the source.