Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: [Braillenote] Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers
From: crazy-shawty aka everything you're muther wanted you to be but you aint quite turned out like me? <crazy-shawty () ukfreeisp co uk>
Date: Sat, 02 Oct 2010 11:56:28 +0100

I dont no y u r so stressed out. my home network has never been secure 
and i have never!!! had a problem.

On 01/10/2010 22:31, Sabahattin Gucukoglu wrote:
BrailleNote Apex offers telnet and FTP access on the standard ports, with read/write privilege on the entire file 
system, to all comers.  No authentication is required.  BrailleNote is unsafe on any network whose devices you are 
not in full charge of, and which (by NAT or firewall) does not protect BrailleNote from the Internet.

I am happy and sad.  In a chance port scan of my entire network looking for interesting services and protocols that 
were not accounted for by visible configuration options in all my devices, I found this disaster staring me in the 
face on the least likely candidate of them all.  On the one hand, now I don't need ActiveStink in order to access my 
files, over the network, from my Mac.  I want these services running, for sure (maybe just FTP) but dammit, 
authentication first!  On the other hand, there is no doubt my trust in HumanWare is badly dented, as I was clearly 
optimistic that they would, and did, do the right thing and secure the device firmware before shipping it.  Anonymous 
FTP and telnet are obvious, easily found and effectively exploited.  If it isn't configurable, it shouldn't be 
enabled.  I am quite sure this was the case before now.  The most likely explanation is a build with a test 
configuration and services for development still in use on the newest model; t
he USB vendor string is further evidence of this.  Note to self: that popular expression about assumptions turns out to 
be true.

KeySoft version 9.0.2 build 756, Windows CE 6.0, with telnet and FTP services.

While we await an update that either disables the services or allows the user to specify the authentication 
credentials, do not use your BrailleNote Apex on any untrusted network, or if you are network administrator, 
temporarily prohibit these devices from connecting to your networks.  If "Bad guys" are on your network, the 
BrailleNote Apex is, alas, easy meat.


Replies to this message will go directly to the sender.
If your reply would be useful to the list, please send a
copy to the list as well.

To leave the BrailleNote list, send a blank message to
braillenote-unsubscribe () list humanware com
To view the list archives or change your preferences, visit

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]