How safe wifi routers can be? In a world where the Internet is another human habitat who knows what can lurk there. And here comes your stronghold router. Editors from German magazine Chip and experts from IoT Inspector have put to test for vulnerabilities the most popular routers. The results turned out to be negatively exceeding.
Researchers have put to test nine major routers` manufacturers
The major problems that those tested routers had in common was an outdated operating system, i.e. Linux kernel. It’s quite understandable as the integration of a new kernel into the firmware costs too much. Every tested manufacturer failed on this one the most. Also the device software that often relies on standard tools like BusyBox showed itself outdated in many devices. Apart from the routing, additional services like VPN or multimedia functions made up the major part of negative results.
“The test negatively exceeded all expectations for secure small business and home routers. Not all vulnerabilities are equally critical – but at the time of the test, all devices showed significant security vulnerabilities that could make a hacker’s life much easier,” as says Florian Lukavsky, CTO of IoT Inspector.
A thorough security test under laboratory conditions resulted in 226 potential security vulnerabilities found in TP Link, Linksys, Synology, D-Link, Netgear, Edimax, AVM and Asus. TP-Link(TP-Link Archer AX6000) and Synology (Synology RT-2600ac) scored 32 vulnerabilities together.
The test team contacted all manufacturers of the routers involved and gave them the opportunity to respond. Every one of them with no exception prepared firmware patches which cybersecurity specialists urgently advise users to apply. Especially if they do not have an activated automatic update function. In the wake of the results the new German government plans to impose more strict rules for manufacturers in case of damage remiss caused by IT security vulnerabilities in their products.
The IoT Inspector Research Lab added also a detailed write-up on extracting routers `encryption keys
In their blog the IoT Inspector Research Lab also added a detailed technical write-up on how they extracted an encryption key for a subset of D-Link routers during the test. It’s quite an interesting thing to read even for non-encryption enthusiasts, one must say. For the research they used D-Link DIR-X1560, a device of the same router generation as D-Link DIR-X5460 which IoT Inspector have put to test in recent Wi-Fi router security check.
Obviously the researchers could not immediately extract the encryption key so they needed to find a workaround here. The first method researchers explained with an older firmware image that hasn’t been encrypted yet. They say it’s most likely that the older firmware version would be present before the encryption is introduced. Here they could check if the key can be extracted from there.
Another technique they propose lies in direct read of the device’s physical flash memory. They explained that in the flash manufacturers leave the firmware not encrypted. The scheme works so that they take one of the devices apart, desolder the flash memory, cast aside this, and read out the filesystem. However they add this method is destructive, wasteful and expensive. The whole write up on extracting Decryption Keys for D-Link you can find by the link included.