Wired News reports on a security problem affecting cable customers’ data privacy:
A vulnerability in a Time Warner cable modem and Wi-Fi router deployed to 65,000 customers would allow a hacker to remotely access the device’s administrative menu over the internet, and potentially change the settings to intercept traffic, according to a blogger who discovered the issue.
Time Warner acknowledged the problem to Threat Level on Tuesday, and says it’s in the process of testing replacement firmware code from the router manufacturer, which it plans to push out to customers soon. […]
But blogger David Chen, writing at chenosaurus.com, recently discovered he could easily gain remote access to an administrative page served by the router that would allow him greater control of the device. […]
“From within your own network, an intruder can eavesdrop on sensitive data being sent over the internet and even worse, they can manipulate the DNS address to point trusted sites to malicious servers to perform man-in-the-middle attacks,” Chen wrote on his blog. “Someone skilled enough can possibly even modify and install a new firmware onto the router, which can then automatically scan and infect other routers automatically.”