Depending on your age, you either might or might not have used Telnet to connect to remote computers in the past. But regardless of your age, you would probably not consider Telnet for anything you currently use. SSH has become the de facto standard when it comes to remote shell connection as it offers higher security, data encryption and much more besides.
It is hard to believe, but it is almost half a year since the Omnia campaign started on Indiegogo. In that time, much has changed. Most importantly, we now know that there is a place on the market for a high-end open-source router – we have one million US dollars to prove it :).
About two weeks ago I was on the annual openSUSE Board face to face meeting. It was great and you can read reports of what was going on in there on openSUSE project mailing list. In this post I would like to focus on my other agenda I had while coming to Nuremberg. Nuremberg is among other things SUSE HQ and therefore there is a high concentration of skilled engineers and I wanted to take an advantage of that…
The title, which I took the liberty to borrow from the German site MacLife.de, quite nicely captures the pleasant surprise we experienced during the campaign for Turris Omnia. I admit that the amount of collected money came as a bit of a surprise even to us. Just by the way, in our guessing competition among the team members, the most daring guess was USD 560 thousand, almost USD 300 thousand less than was eventually collected. We perceived this campaign only as a test, whether there is any interest in the market. And now we know there is, especially when we remind ourselves that certainly not everyone would contribute to the crowdfunding. Sending money to some of such campaigns means that the person prefers a pig in a poke to the bird in the hand. It already happened many times that a promising-looking project simply wasn’t finished or that the result didn’t live up to the original promises. Another problem is that businesses do not usually purchase through such campaigns, as it is not simple for them in terms of accounting. This also makes the collected amount a great promise for future.
A crowdfunding campaign for the Turris Omnia router on the portal Indiegogo.com ended after two months collecting 858 thousand dollars, which exceeded the original goal more than eight times. In this post, we’ll look closer at the progress of the campaign with the help of charts and tables.
This Hamletesque question has haunted our team in connection with Omnia for a few months. Turris Omnia was introduced as a home router in a nicely shaped plastic case and for a long time we did not even think of other options. 5 GHz Wi-Fi connection was intended to be provided by three outside antennas and the “older” Wi-Fi at the 2.4 GHz frequency was supposed to be broadcast, sort of obligatorily, with two internal antennas, more or less for backwards compatibility with older devices.
In previous blogposts on the “rom-0” bug in 2014 and earlier this year, I first explained its nature and gave instructions on its patching.
In the previous two blog posts about project Turris, we described how a telnet “minipot” helped us to uncover a possible botnet consisting mainly of home routers from ASUS (1, 2). In this article, we will describe one possible way how these devices might have been compromised.
Three weeks ago we published preliminary results of data analysis of the honeypot for the Telnet protocol, which we have launched in test mode. Today we will look at the situation change after we installed the tool on all the Turris routers.
In the next release of Turris OS, we would like to give our users the possibility to play a more active part in detection of network attacks. The first of the new functions is SSH honeypot which lures the attacker into a virtual environment where we can then observe his activity. This method will be more thoroughly described in a separate blog post planned for the near future. The second addition is less ambitious, but much simpler and still very useful. It is stripped down version of a honeypot which we internally call a “minipot”. In contrast to the normal honeypot which lets any attacker in with any password, our minipot just pretends that there is the possibility of logging in, and collects the supplied user names and passwords.