On Tue, 29 May 2018 20:08:37 -0000 (UTC), Jerry Peters
Jeff Liebermann wrote:
Thanks to media attention, the FBI has provided me with a busy day or
two. According to the press release, we're expected to reboot every
router to flush out the malware the evil Russians have installed:
The list of affected routers is rather small:
Easy enough. What could possibly go wrong?
Well, some experts, news agencies, and pundits have mixed up "reboot"
with "reset" your router. Instructions are provided for inserting
paper clips and sharp instruments into any available hole in the back
of the router. Few seem to offer assistance in identifying which box
is the router. Doing a reboot will preserve the router settings.
Doing a reset will wipe them clean and precipitate a support call (to
me). So far, I only have 2 router reconfigurations on my schedule for
today, but I'm sure there will be more.
Therefore, I would like to thank everyone involved for generating the
work, and special thanks to Comcast and AT&T for disabling customer
firmware updates and save settings in their gateways and routers.
Update: I just received a phone call asking which box is the router.
This is going to be an interesting day.
The probable culprit is the various Comcast VoIP gateways that
have an optional built-in backup battery. In order to reboot these,
it is necessary to unplug the power from the gateway, remove the
battery for about 15 seconds, plug the battery back in, plug the power
back in, and watch the lights come sloooooowly back on.
Watched the local news last night, anyone following their instructions
will *reset* his router to the defaults.
Yep. That's because the average reporter or announcer doesn't know
the difference between reboot, reset, restart, power cycle, cold boot,
hot boot, etc. Little surprise because the older computahs had a
button labeled "reset" that did a "reboot". However, when the button
moved to modems and routers, it did both a reset (wipe all settings),
and a reboot (restart the OS). I partly solved the problem by
covering the hole with a round label inscribed with "$35" which is
what it will cost them to have me drive over to their office and put
Humpty Dumpty back together again.
Of course, nothing happens without a suitable conspiracy theory. In
this case, I must ask why the FBI insisted that everyone reset their
routers when only a few models are susceptible. Also, ISPs like
AT&T can easily reboot their customers' routers using SNMP. My
initial guess was that the FBI thought it better to be sure than sorry
when dealing with credential sniffing malware. However, the FBI has
never been known for such lofty sentiments. My guess(tm) is that this
may well be the first technical action in recent memory that the FBI
has performed mostly correctly. They may need the good publicity it
brings to compensate for the general impression of gross incompetence
demonstrated by the Apple iPhone unlocking fiasco.
Unfortunately, my prediction of personal economic enrichment may have
been premature. National Reboot Your Router Day has produced only two
paying service calls and a few unprofitable phone calls and emails.
Very disappointing. Still, I predict additional press releases in the
future by the FBI to remind us that we're being successfully protected
from the machinations of the Russians.
See the "Gell-Mann Amnesia Effect" for further details.
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558