Hacker News new | ask | show | jobs
by tekeous 998 days ago
I wonder if MikroTik would be compromised- they’re Latvian and don’t necessarily have to bow to the NSA.
9 comments
HideousKojima 998 days ago
I assume by default that any hardware from any NATO nation is compromised by the NSA and other Western intelligence agencies. I also assume that any Chinese or Russian hardware is compromised by their respective intelligence agencies. And I assume that the NSA and other Western agencies are constantly trying to get backdoors into Chinese hardware (and I assume the Chinese are trying the do the same to ours). You're basically screwed no matter what.
link
ok123456 997 days ago
Buy products that are compromised by both, and let them battle it out. Sort of like the inverse of the plot of the movie hackers.
link
pizzalife 998 days ago
There's been plenty of remote 0days in MikroTik's products. At one point people were paying a pretty penny for them.
link
somehnguy 998 days ago
I think it’s worth noting that these vulnerabilities affected devices which had their management page open to the internet, which is universally known as a bad idea. At least the ones I’ve seen.

There is a big difference between an exploit affecting all devices vs a subset which requires a specific not-best-practice configuration. Regardless, still good to be aware they exist.

link
chinathrow 998 days ago
> have to bow to the NSA

You don't have to bow in order to be compromised. You can be compromised without even knowing it.

link
ElectricalUnion 998 days ago
Several MikroTik routers use marvel hardware underneath. So marvel might be compelled to backdoor the hardware for the NSA.
link
some_random 998 days ago
Why would the NSA need to strong arm MikroTik to implement a backdoor when they can pay ~10k for an 0-day to do the exact same thing?
link
irreticent 997 days ago
Because zero day vulnerabilities are usually patched when discovered by the vendor. They're completely different than an intentional backdoor.
link
paganel 997 days ago
> they’re Latvian and don’t necessarily have to bow to the NSA. reply

The majority (I'd say all) of the Eastern-European countries that are also NATO members do in fact bow to the US, and thus to the NSA/FBI/the Secret Service.

link
smolder 998 days ago
MikroTik has come up in their slides before, yes...
link
lowkeyoptimist 998 days ago
Joking? LOL

https://thehackernews.com/2023/07/critical-mikrotik-routeros...

link
greenie_beans 998 days ago
i've always assumed they were the least secure of all my networking hardware
link
greenie_beans 997 days ago
ah shit now i've outed myself to the fbi if they didn't already know this about my network
link