nanog mailing list archives

RE: 600,000 routers bricked

From: "Howard, Lee via NANOG" <nanog () nanog org>
Date: Mon, 3 Jun 2024 13:27:27 +0000

In the second paragraph, he cites his source: https://blog.lumen.com/the-pumpkin-eclipse/

Lumen’s Black Lotus Labs detected the event; the post answers all of your concerns. Further, they remark that this was 
an especially sophisticated infection, that hid its tracks well.

Lee

From: NANOG <nanog-bounces+leehoward=hilcostreambank.com () nanog org> On Behalf Of Tom Beecher
Sent: Sunday, June 2, 2024 4:23 PM
To: Dave Taht <dave.taht () gmail com>
Cc: NANOG <nanog () nanog org>
Subject: Re: 600,000 routers bricked

This message is from an EXTERNAL SENDER - be CAUTIOUS, particularly with links and attachments.

That post from Mr. Perens about this is honestly really shitty.

1. Is he right that Lumen has to shoulder blame for not keeping CPE updated with exploit free software? Certainly.
2. Making a claim that all 600k of these routers were being used as botnet zombies without any supporting evidence is 
really poor form.
3. Even if we assert that 50% of these devices were exploited for botnet activity, that means 50% WEREN'T.  We 
shouldn't be applauding 300k people/businesses that just had their internet connectivity yeeted away from them through 
zero fault or their own.
4. "I've never heard of these router manufactures" is exceptionally ignorant. ActionTec has been around since the early 
90s. Sagemcom wasn't someone I've heard of before , but so what.

Yes, CPE provided by ISPs can be a problem. But applauding asshats who bricked all this stuff as some noble event that 
should be "applauded" as he says is really, really stupid. It's not going to meaningfully move the needle with how ISPs 
handle this stuff, and all it did was inconvenience a LOT of end users.

On Sun, Jun 2, 2024 at 4:04 PM Dave Taht <dave.taht () gmail com<mailto:dave.taht () gmail com>> wrote:

https://www.linkedin.com/pulse/600000-families-using-one-internet-provider-have-routers-bruce-perens-geedc/

--
https://www.youtube.com/watch?v=BVFWSyMp3xg&t=1098s Waves Podcast
Dave Täht CSO, LibreQos

Current thread:

600,000 routers bricked Dave Taht (Jun 02)
- Re: 600,000 routers bricked Josh Luthman (Jun 02)
  - Re: 600,000 routers bricked Dave Taht (Jun 02)
  - Re: 600,000 routers bricked Alan Buxey (Jun 03)
- Re: 600,000 routers bricked Tom Beecher (Jun 02)
  - RE: 600,000 routers bricked Howard, Lee via NANOG (Jun 03)
    - Re: 600,000 routers bricked Tom Beecher (Jun 03)
- Re: 600,000 routers bricked Matthew Petach (Jun 03)
  - Re: 600,000 routers bricked Matt Erculiani (Jun 03)
    - Re: 600,000 routers bricked Christopher Morrow (Jun 03)
    - RE: 600,000 routers bricked Robert Jacobs (Jun 03)
    - Re: 600,000 routers bricked John Levine (Jun 04)