I hacked my Fritz!Box (yeah, a bad name for a german router) and I'm entirely sure that it has a backdoor integrated too. That's why I wiped and flashed it with an alternative image. That and the Telecom's Speedport router are the most popular routers by far in Germany. And both have backdoors, I know that other router manufacturers also integrate backdoors from a source who works at such a company. A friend can also verify the fact, because a different employee told him the same. Also it's public that the ISP can upgrade, modify, flash and disable features remotely. My friend's router has wifi, but their provider disabled it remotely within the firmware (it even has an antenna) and his ISP wants him to pay 5€/m to re-enable wifi.
I really wonder why nobody complained about that earlier. Also the interesting thing here is that for a very long time, you weren't allowed to use a different router than the one provided by your ISP. Which enforced their surveillance monopoly.
Here's an article about reverse engineering the backdoor in D-Link routers using IDA:
Most likely your ISP is using a technique like TR-069. This enables them to push settings for voip/TV, and in your friends case wifi. A lot of DSL providers are starting to use this for less intrusive (?) goals like measuring noise and attenuation at the clients end once a day, so they can adjust the speed accordingly.
AVM is a very nice company and you should not accuse them without proof. They actually provide an option to disable TR-069 in the page "Provider Services" ("Allow automatic configuration by the service provider" and "Allow automatic updates"). If you don't have this option you could try installing the original firmware from avm.de.
Maybe you are still able to flash the modem with the original firmware from , and configure it yourself?
> AVM is a very nice company and you should not accuse them without proof.
You shouldn't accuse anybody without proof. But since this is Hacker News I'll disagree with the first part of that sentence. AVM is probably the least hacker-friendly company I've ever come across. For example, they're so hell-bent on violating the GPL that they've taken it to court (and lost) [1].
> A lot of DSL providers are starting to use this for less intrusive (?) goals like measuring noise and attenuation at the clients end once a day, so they can adjust the speed accordingly.
Please provide evidence for the alleged backdoor in AVM Fritz!Box routers. Being sure is not convincing … I don't see why you had to hack an AVM router either – you can easily install other firmware and Fritz!Box routers can be directly bought anyway.
That's what I did, I flashed it with a custom firmware (that was after I got aware of the backdoor). I've not "reverse-engineered" the base image of my own router like in the article above, because that's a lot of work. I've worked on an awful lot of routers, hubs, switches of all sorts, enterprise and consumer. Have been network administrator for a large global company and I think that I can trust my sources.
What the new user "blablablaat " mentioned is obvious, I'm not stupid to make something like this up. Of course I have no "Provider Services" or anything remotely similar enabled, but it's still possible to connect to the router and take control over it according to my source and I've seen it back then, when I asked for him/her to show it. Now why, do you expect me to prove that? A security researcher, is more qualified than me to create the convincing report you're asking for, sorry. You can feel free to do it yourself too, if you want. It's not my intention to spread rumors or FUD, but to make you at least aware of that your router ain't secure.
i think it's kinda convenient for companies that they can now blame the nsa for everything. i really think a lot more companies put backdoors into their software without external pressure(sometimes not intentional, just because of laziness or stupidity)
I agree, there are also some laws that force ISPs to do things they don't feel comfortable with. I know it's not entirely their fault.
I've heard of some cases that ISPs tried to stop by going to court, like permanent-storage of all data, but lost the case. It's not just the NSA btw. in Germany there is the Bundesnachrichtendienst (BND), which translates to "Federal Intelligence Service"
I really wonder why nobody complained about that earlier. Also the interesting thing here is that for a very long time, you weren't allowed to use a different router than the one provided by your ISP. Which enforced their surveillance monopoly.
Here's an article about reverse engineering the backdoor in D-Link routers using IDA:
http://www.devttys0.com/2013/10/reverse-engineering-a-d-link...
PoC Available: http://pastebin.com/vbiG42VD