|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
Actually thats not the
Actually thats not the problem and of course neither a solution...
The vulnerability consists in that via a bug inside the configuration wizard and attacker can overwrite the current admin password...
So the victim just need to see a simple image or flash or iframe, etc... and the modem password will be changed without even you notice, obviously after this the attackers send the necessary commands to add the dns resolve routes to the fraudulent bank site.
All this of course without you even notice, cause like i say before you just need to open any website and bang! you will be instantly driving-by-pharming.
So it doesn't bother that you have a 64 digits with alphanumeric + special chars or a really huge pass phrase in other to protect of these attacks, cause this is a flaw in the modem, this is a really major issue inside the 2wire modems and many other manufacturers that have same issues...