Mike Gerwitz

Free Software Hacker+Activist

Verizon router backdoors

2012-10-16

A very disturbing article makes mention of a Verizon TOS update for its Internet service customers:

Section 10.4 was updated to clarify that Verizon may in limited instances modify administrative passwords for home routers in order to safeguard Internet security and our network, the security and privacy of subscriber information, to comply with the law, and/or to provide, upgrade and maintain service.

…what? This is deeply disturbing, deeply perverted idea of security. Not only is this a severe privacy concern (all internet traffic passes through your router), but it’s a deep security concern—what if a cracker is able to figure out Verizon’s password scheme, intercept the communication with your router or otherwise?

I recommend that you (a) use your own router, (b) change its default password if you have not yet done so and (c) disallow remote access. Furthermore, I recommend using a free (as in freedom) firmware such as DD-WRT if supported by your hardware.