betabug... Sascha Welter

home english | home deutsch | Site Map | Sascha | Kontakt | Pro | Weblog | Wiki

13 February 2007

ADAE / ΑΔΑΕ are you listening?

So... this Solaris telnet exploit tells us *what* about Vodafone?

It was forever and a day ago that I wrote about rumours about a telnetd root Backdoor in Vodafone's Ericsson Systems. Now like a puppy peeing on an old carpet, around comes this gem from the 80s: Solaris Telnet 0day or Embarrassment. Apparently a "hole" of embarrassing simplicity is still there since the 80s in the telnetd on Sun's Solaris systems, enabled by default.

No, I don't know if Vodafone and/or Ericsson has these Solaris based systems configured with telnetd left open. But according to said rumour I highly suspect it. Frankly I believe that these people have no interest whatsoever in the privacy of their customers. Maybe the phat fine Vodafone will likely have to pay will change that, but I doubt it. More likely it will just make sure that the next time something like this happens, nobody won't say a word.

Don't get me started about "closing access to telnet on the perimeter firewall" and "telnet should be fine on a secure network". Can anybody make sure that all of Ericsson's and all of Vodafone's employees are trusted on the level of their top system administrators (even the guy they send around for getting coffee and watering the plants)? So, ADAE are you listening?


Posted by betabug at 10:47 | Comments (1) | Trackbacks (0)
ch athens
Life in Athens (Greece) for a foreigner from the other side of the mountains. And with an interest in digital life and the feeling of change in a big city. Multilingual English - German - Greek.
Main blog page
Recent Entries
Best of
Some of the most sought after posts, judging from access logs and search engine queries.

Apple & Macintosh:
Security & Privacy:
Misc technical:
Athens for tourists and visitors:
Life in general:
<< Wish You Were in Athens | Main | ZWiki Code Contributions >>
Comments
Re: ADAE / ΑΔΑΕ are you listening?

What kind of fine will ever be payed, since one whole year after the phone tapping scandal was unveiled, and the whole process has stuck in the swamp? There are many people (the PM also, victim also of this affair) who would like to sweep it under the carpet. Since most of the evindences point to our overseas allies, nobody wants to mess up with them, despite the occasional good will statements of the Minister of the Foreign Affairs and the furious ones of the Minister of Public Order. As it was revealed on the newspaper Το Ποντίκι, one of the ADAE 's board was a regular salaried high ranking officer in Ericsson. So, the tracks are getting a little daunting. Who is the hunter, who is the victim?

Posted by: Libero at February 14,2007 13:30
Trackbacks
You can trackback to: http://betabug.ch/blogs/ch-athens/548/tbping
There are no trackbacks.
Leave a comment