Two Birds – One Post (Motion To Quash Prenda Subpoena & Wireless Firewall/Router Vulnerabilities)

8 May 13 – Update

On 7 May 13, Judge Bolton issued an order directing the Plaintiff (Prenda Law) to file a corporate statement (required by FRCP 7.1 & 7.1.1) by 21 May 13.   CorpDiscl_Order_00030(AZ)   The judge also ordered the following.

In addition to the information required by F.R.Civ.P. 7.1 and LRCiv. 7.1.1, the Disclosure Statement shall also contain a list of each member of each LLC. Failure to file the Corporate Disclosure Statement and a list of the members of the LLCs shall result in sanctions being imposed.

DTD :)

—————————————————————————————————–

26 Apr 13 – Update

On 25 Apr 13, Judge Susan R. Bolton granted Movant DieTrollDie leave to file an oversize memorandum in support of the motion to quash the subpoena to Wild West Domains.   Doc11_00030(AZ)

DTD :)

—————————————————————————

I have two topics of interest here for you today.  On the first one, I will refrain from making any analysis or comment for obvious reasons: the motion to quash a Prenda Law Inc. subpoena to Wild West Domains (2:13-mc-00030).  Thank you to everyone who has provided any support.  I look forward to hearing what you think of it.  The second topic concerns a report that many of the home/small office Wireless Firewall/Routers (WFR) are vulnerable to compromise.

1. On 17 Apr 13, the following documents were filed in the district of Arizona concerning a subpoena seeking DieTrollDie’s identity and contact information maintained by Wild West Domains.  The case number is 2:13-mc-00030-SRB, Prenda Law Inc., v. Paul Godfread, Alan Cooper, and John Does 1-10.  Archive Docket

MTQSubpWWD_00030(AZ)   MTQSubpWWD_-1_00030(AZ)   MTQSubpWWD_-2_00030(AZ)   SupptoMTQ_00030(AZ)   Decl_Cardozo_00030(AZ)   Decl_Cardozo_Exhibits_00030(AZ)   ReqJudNotice_00030(AZ)   ReqOversized_00030(AZ)   ReqOversized_-1_00030(AZ)

Enjoy the read.  Also here is an EFF article - EFF Moves to Quash Subpoena in Copyright Troll’s Retaliatory Lawsuit.

2. Exploiting SOHO Routers

Just recently, the Independent Security Evaluators (ISE) released the results of a study into security vulnerabilities found in various small office/home office (SOHO) routers and wireless access points.   Report   ISE assessed 13 commonly available off-the-shelf devices and concluded:

ISE researchers have discovered critical security vulnerabilities in numerous small office/home office (SOHO) routers and wireless access points. We define a critical security vulnerability in a router as one that allows a remote attacker to take full control of the router’s configuration settings, or one that allows a local attacker to bypass authentication and take control. This control allows an attacker to intercept and modify network traffic as it enters and leaves the network.

- All 13 routers evaluated can be taken over from the local network
  - 4 of these attacks require no active management session.
- 11 of 13 routers evaluated can be taken over from the WAN
  - 2 of these attacks require no active management session.

The report goes into some detail on the vulnerabilities, the impact, mitigation steps, as well as why you should care.  As of the release of the report, ISE only disclosed eight of 13 vulnerable devices.  ISE provided all the device vendors with details on what they discovered.  I hope the vendors take steps to fix these vulnerabilities, as ISE plans to conduct a repeat evaluation of the 13 devices six months from now.  ISE also stated half of the routers with network attached storage (NAS) capability were found to be accessible by a remote adversary (full details will be disclosed in a future article).

As for why you should care: these devices play a central role in our Internet access at home or at a small business location.  A compromise of one of these devices could allow people to access your Internet connection, your network, the connected systems, as well as the communication that traverses it.  As most people have a “set-up and forget about it” mentality with these devices, a compromised device could stay that way for a significant period.  The report also makes it clear that it only takes a moderately skilled person to exploit these vulnerabilities.  General mitigation steps are in the reports, but the WFR vendors are the ones who need to provide updates/patches for their devices.

DieTrollDie :)


About DieTrollDie

I'm one of the many 'John Does' (200,000+ & growing in the US) who Copyright Trolls have threatened with a civil law suit unless they are paid off. What is a Copyright Troll? Check out the Electronic Frontier Foundation link - http://www.eff.org/issues/copyright-trolls

7 Responses to Two Birds – One Post (Motion To Quash Prenda Subpoena & Wireless Firewall/Router Vulnerabilities)

  1. couldn't get any easier these days... says:

    for a more comprehensive list and details see:

    http://nvd.nist.gov/

    “NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security’s National Cyber Security Division.”

    “NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics.”

    p.s. some hackers (wardrivers, piggybackers, etc…) and most security & intrusion experts have utilized this database

    and remember there’s an “app for that” http://tipsbyharsha.blogspot.com/2013/02/best-free-wifi-hacking-tools.html and http://www.youtube.com/watch?v=mnkvVCVV1Ag and http://www.appszoom.com/android_applications/free+wifi+hack.

    these tools do not require any special skills or equipment; just a laptop, smart phone or even a tablet.

    software for wardriving is freely available on the Internet, notably NetStumbler, InSSIDer or Ekahau Heat Mapper for Windows; Kismet or SWScanner for Linux, FreeBSD, NetBSD, OpenBSD, DragonFly BSD, and Solaris; and KisMac for Macintosh. There are also homebrew wardriving applications for handheld game consoles that support Wi-Fi, such as sniff_jazzbox/wardive for the Nintendo DS/Android, Road Dog for the Sony PSP, WiFi-Where for the iPhone, G-MoN, Wardrive, and Wigle Wifi for Android and WlanPollution for Symbian NokiaS60 devices. There also exists a mode within Metal Gear Solid: Portable Ops for the Sony PSP (wherein the player is able to find new comrades by searching for wireless access points) which can be used to wardrive. Treasure World for the DS is a commercial game in which gameplay wholly revolves around wardriving.

  2. thatbalddude says:

    I think that despite all the hard work they’re doing, EFF is actually taking some satisfaction (if not outright joy) in shooting down Prenda’s complaints and courtroom antics. I certainly am, and kudos to the EFF team for stepping up and handling this.

    • that anonymous coward says:

      Well, they have been called all sorts of nasty names for daring to actually stand up for the law and people’s rights…

  3. DieTrollDie says:

    Was reading a PC World review of a Linksys WFR (http://www.pcworld.com/article/2020148/linksys-ea6500-review-a-user-friendly-802-11ac-router-with-decent-performance.html) and the article stated:

    “Wireless security is disabled by default, but you’re warned of this at the outset, and establishing security is one of the first steps in both of the assisted setups. If you’re installing the router on your own, you’ll have to hunt for the security settings, because they don’t reside under the Security tab where you would expect to find them (you must click the Wireless tab, instead).”

    No big surprise to me, but it refutes what Plaintiff’s expert was claiming. This is on one of the newer WFRs from a major manufacturer. Wireless security is disabled by default and it is not very straightforward to change unless you use the set-up utility.

    Also of note: There is a possibility that during a prolonged power outage or WFR system reboot, the security setting you have in place could revert to the factory default. Unless you notice the changes, your systems will be able to use the WFR (Open & Unsecured) and everything will seem fine. This isn’t the most common of occurrences, but I have had WFRs revert to default settings in the past.

    DTD :)

  4. Need we say more? Seriously though - do we need to say anymore???? says:

    Vulnerabilities –

    Hardware:
    Wi-Fi Routers – http://securityevaluators.com/content/case-studies/routers/soho_router_hacks.jsp

    Top Wi-Fi routers easy to hack, says study – http://news.cnet.com/8301-1009_3-57579981-83/top-wi-fi-routers-easy-to-hack-says-study/

    DEFCON 17: Attacks Against 2wire Residential Gateways – http://www.youtube.com/watch?v=yTtQGPdSIfM

    2Wire Broadband Router Session Hijacking Vulnerability – http://seclists.org/fulldisclosure/2010/Aug/105

    Brute force tools crack Wi-Fi security in hours, millions of wireless routers vulnerable – http://blogs.computerworld.com/19518/brute_force_tools_crack_wifi_security_in_hours_millions_of_wireless_routers_vulnerable

    Software:

    http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager09.html

    http://cwe.mitre.org/top25/

    CWE™ International in scope and free for public use, CWE provides a unified, measurable set of software weaknesses that is enabling more effective discussion, description, selection, and use of software security tools and services that can find these weaknesses in source code and operational systems

  5. Pingback: Fall-Out from Prenda Law Sacntions (Judge Wright) Starts in AZ – AF Holdings LLC v. Harris – 2:12-cv-02144 (AZ) | DieTrollDie

  6. Pingback: Update on AZ Case (2:13-mc-00030) – Motion to Quash Prenda Law Subpoena – Subscriber Information From Wild West Domains (DieTrollDie) | DieTrollDie
