thoughts/post/2012-10-16-verizon-router-b...

# Verizon router backdoors

A [very disturbing article][0] makes mention of a Verizon TOS update for its
Internet service customers:

[0]: http://www.linuxbsdos.com/2012/10/04/is-that-a-backdoor-or-an-administrative-password-on-your-verizon-internet-router/

> Section 10.4 was updated to clarify that Verizon may in limited instances
> modify administrative passwords for home routers in order to safeguard
> Internet security and our network, the security and privacy of subscriber
> information, to comply with the law, and/or to provide, upgrade and maintain
> service.

<!-- more -->

...what? This is deeply disturbing, deeply perverted idea of security. Not only
is this a severe privacy concern (all internet traffic passes through your
router), but it's a deep *security* concern---what if a cracker is able to
figure out Verizon's password scheme, intercept the communication with your
router or otherwise?

I recommend that you (a) use your own router, (b) change its default password if
you have not yet done so and (c) disallow remote access. Furthermore, I
recommend using a free (as in freedom) firmware such as [DD-WRT][1] if supported
by your hardware.

[1]: http://dd-wrt.com/
Convert posts to markdown files This was considerable effort, and took a bit more time than I had hoped. While newer posts were written with Markdown, previous ones were writen with my own Markdown-like formatting, but they had enough differences that it was quite an effort to get things updated. I also checked the HTML output of each, though I didn't read every article in detail. Some of these were more substantial than others; National Uproar, for example. These conversions were markup translations: the actual text remains unchanged, except in one minor instance to add text for the sake of providing some text to hold a link to a quote. Any changes to post text will happen in future commits so that the diffs are clearly visible. 2018-12-17 23:31:08 -05:00			`# Verizon router backdoors`

			`A [very disturbing article][0] makes mention of a Verizon TOS update for its`
			`Internet service customers:`

			`[0]: http://www.linuxbsdos.com/2012/10/04/is-that-a-backdoor-or-an-administrative-password-on-your-verizon-internet-router/`

			`> Section 10.4 was updated to clarify that Verizon may in limited instances`
			`> modify administrative passwords for home routers in order to safeguard`
			`> Internet security and our network, the security and privacy of subscriber`
			`> information, to comply with the law, and/or to provide, upgrade and maintain`
			`> service.`

			`<!-- more -->`

			`...what? This is deeply disturbing, deeply perverted idea of security. Not only`
			`is this a severe privacy concern (all internet traffic passes through your`
			`router), but it's a deep security concern---what if a cracker is able to`
			`figure out Verizon's password scheme, intercept the communication with your`
			`router or otherwise?`

			`I recommend that you (a) use your own router, (b) change its default password if`
			`you have not yet done so and (c) disallow remote access. Furthermore, I`
			`recommend using a free (as in freedom) firmware such as [DD-WRT][1] if supported`
			`by your hardware.`

			`[1]: http://dd-wrt.com/`