
Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are – oh no, wait, it's Cisco again

Better ban this gear from non-US core networks, right?


Right on cue, Cisco on Wednesday patched a security vulnerability in some of its network switches that can be exploited by miscreants to commandeer the IT equipment and spy on people.

This comes immediately after panic this week over a hidden Telnet-based diagnostic interface found in Huawei gateways. Although that vulnerability was real, irritating, and eventually removed at Vodafone's insistence, it was dubbed by some a hidden backdoor perfect for Chinese spies to exploit to snoop on Western targets.

Which, of course, comes as America continues to pressure the UK and other nations to outlaw the use of Huawei gear in 5G networks over fears Beijing would use backdoors baked into the hardware to snatch Uncle Sam's intelligence.

Well, if a non-internet-facing undocumented diagnostic Telnet daemon is reason enough to kick Huawei kit out of Western networks, surely this doozy from Cisco is enough to hoof American equipment out of British, European and other non-US infrastructure? Fair's fair, no?

US tech giant Cisco has issued a free fix for software running on its Nexus 9000 series machines that can be exploited to log in as root and hijack the device for further mischief and eavesdropping. A miscreant just needs to be able to reach the vulnerable box via IPv6. It's due to a default SSH key pair hardcoded into the software, as Cisco explained:

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user.

The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user.

The blunder, labeled CVE-2019-1804, was discovered and reported by Oliver Matula of ERNW Enno Rey Netzwerke in cooperation with ERNW Research.
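A default SSH key pair shipped on every device, as in Cisco's advisory above, shows up in a fleet audit as one public-key fingerprint authorised on many boxes. The Python sketch below is an added example, not code from Cisco, ERNW or The Register; it assumes you have already collected each device's authorized_keys text, and the device names, sample keys and the `known_default` parameter are constructed for illustration.

```python
import base64, hashlib, struct
from collections import defaultdict

KEY_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256"}

def fingerprint(blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint of a decoded public-key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text: str):
    """Yield (key_type, blob) per valid entry; comments and bad lines are skipped."""
    for line in text.splitlines():
        fields = line.split()
        # Options may precede the key type, so locate the first key-type token.
        i = next((i for i, t in enumerate(fields[:-1]) if t in KEY_TYPES), None)
        if i is None or fields[0].startswith("#"):
            continue
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:
            continue
        n = struct.unpack(">I", blob[:4])[0] if len(blob) >= 4 else 0
        if blob[4:4 + n] == fields[i].encode():  # blob embeds its own key type
            yield fields[i], blob

def shared_keys(inventory, known_default=frozenset()):
    """Map fingerprint -> devices for keys on several devices or in known_default."""
    seen = defaultdict(set)
    for device, text in inventory.items():
        for _, blob in parse_authorized_keys(text):
            seen[fingerprint(blob)].add(device)
    return {fp: sorted(devs) for fp, devs in seen.items()
            if len(devs) > 1 or fp in known_default}

def constructed_key(seed: int) -> str:
    """Constructed sample: a well-formed ssh-ed25519 entry from 32 dummy bytes."""
    ktype, raw = b"ssh-ed25519", bytes([seed]) * 32
    blob = struct.pack(">I", 11) + ktype + struct.pack(">I", 32) + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

# Constructed inventory (hypothetical device names): two leaves share a baked-in key.
INVENTORY = {
    "leaf-1": f"# from image\n{constructed_key(1)} root@factory\n{constructed_key(2)} ops@a\n",
    "leaf-2": f'from="2001:db8::/32" {constructed_key(1)} root@factory\n',
    "spine-1": f"{constructed_key(3)} ops@b\nssh-ed25519 not-base64!! junk\n",
}

print(shared_keys(INVENTORY))
```

Passing fingerprints you already know to be vendor defaults as `known_default` also flags a device that carries such a key even when it is the only one in the inventory.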

It's one of 40-odd security patches Cisco emitted on Wednesday, fixing all sorts of holes from privilege escalation flaws to denial-of-service weaknesses in its products. And it's not the first time Cisco's had to patch over security shortcomings in its gear.

Yes, everything has bugs, from Cisco to Huawei, and Ericsson to Siemens kit. It's important they get fixed. It's just rather odd to see the US administration lean on its allies to ditch Huawei gear apparently out of fears of Chinese snooping via backdoors when its own homegrown offerings are just as flawed and open to remote access.

It's one thing for a nation to say it only wants gear it can trust on its networks; it's another to publicly pressure other countries into dumping their hardware providers. It just adds weight to the argument that America is simply upset its corporations are being undercut by Huawei and other manufacturers in China. ®
