Eee PC hacked out of the box? Pfft.
In the news aggregator we use here I saw a post before the weekend entitled: ASUS Eee PC rooted out of the box. I bookmarked it for today but honestly thought nobody else would see it and if they did, they would see how flimsy the whole thing was and not bother reposting it.
But it turns out that Rise Security, who say they were founded in 2004, yet did not purchase their domain until mid-2006 — in other words: liars or idiots, were taken extremely seriously. But why?
The article’s premise is that they can “hack” a stock Eee PC because it runs a vulnerable version of the Samba server. But I can’t see how this would ever be an issue.
Say you buy one, take it home and turn it on. Are you going to get hacked there and then? No. You don’t have your networking set up. So you turn on WiFi for the first time and connect to the internet. The Eee PC checks for updates (including a patch for Samba). Theoritically if you had somebody inside your network that knew your IP and knew it was a stock Eee PC, they could, theoretically, brute your Samba server.
What’s more likely is you download a few updates and you’re nigh-on-immediately safe.
And this “out the box” thing is nuts. Every OS disk a few months behind the latest patches is horribly insecure. That’s why we have updates people!
February 20th, 2008 at 5:58 am
Do you think everybody will do auto update?
Do you know that there are millions of worms out there on the internet always auto attacking and pwning using known vulnerabilities?
Do you know that universe produce more idiots everyday ?
Can you see the issue now? If not you will be one of the byproduct of universe , see above.
February 20th, 2008 at 8:23 am
As I understood it, worms aren’t a threat to home users behind a wireless router (as an Eee PC user would be) unless the relevant exploitable port (samba’s in this case) was forwarded to the new machine unless there was a pre-existing worm running inside the network.
I’ve got to agree with Carl. This isn’t “out the box hacking” it’s a theoretical what-if that can only be exploited in lab conditions where you purposefully don’t install updates and you have an exploit sitting there ready to run inside the network. It’s crazy.
And security patches are applied without any user interaction by default, no?
February 21st, 2008 at 6:14 am
[…] Carl at CandyFOSS doesn’t think this could realistically be exploited, but I’m not so sure. […]
March 31st, 2008 at 12:16 pm
Wrong , User have to do update . They are not applied without any user interaction.
Not all the PC are under Router or Firewall AND MOST ADSL / WIRELESS Routers are configured to access internally / externally + with DEFAULT PASSWORDS!
Last month I Just Scanned in my ADSL subnet and 83 of 102 Routers are with Admin / Admin or any other default router login . What i do is just forward the port i want to play from that router . and do watever i want to that port.
As julie have checked , there is not even patch released for samba exploit , Carl , u giving wrong information to public that it does auto update to patch samba exploit .
Thats why , it says “Small Knowledge is Very dangerous.” .