NX-1200 hidden backdoor

tdewildtdewild Junior MemberPosts: 49
Media devices sold to feds have hidden backdoor with sniffing functions.
Highly privileged account could be used to hack customers' networks, researchers warn.

Source:
http://arstechnica.com/security/2016/01/media-devices-sold-to-feds-have-hidden-backdoor-with-sniffing-functions [h=1][/h]

Comments

  • viningvining X Member Posts: 4,323
    Well that's one way to get name recognition. :).
  • sentry07sentry07 Junior Member Posts: 39
    Now I'm really curious about what exactly that account has access to.
  • annuelloannuello Junior Member Posts: 294
    Ironic, given that I've asked for many years to be able to get access to Layer 2 packets to see CDP/LLDP packets for fleet management.
  • vincenvincen Junior Member Posts: 526
    Excellent publicity for AMX, and bad to hear that with that backdoor they are still not able to release some good firmwares (Did you see that NX controlers still reboot when you just ping them in IPV6, bug of first day and still there 2 years later......)
  • tdewildtdewild Junior Member Posts: 49
    Official statement AMX Kevin Morrison, Senior Vice President, Enterprise Solutions, HARMAN Professional

    (also in my mailbox today)

    http://www2.amx.com/webmail/18552/977039865/45af04684d551938785060106d7d3af9
  • vincenvincen Junior Member Posts: 526
    tdewild wrote: »
    Official statement AMX Kevin Morrison, Senior Vice President, Enterprise Solutions, HARMAN Professional

    (also in my mailbox today)

    http://www2.amx.com/webmail/18552/977039865/45af04684d551938785060106d7d3af9
    Yep never too late to remove a backdoor in product that exists since ten years :( The big question is to know if it was just a non-existent QRA department inside AMX that allowed such things to exist or if it was done on purpose (NSA....) ?? or both.....
  • ericmedleyericmedley Senior Member - 3709 Posts Posts: 4,119
    Oddly enough, In the systems I work on that are the highest security for the govt. I don't know if it'd be of any consequence... Those networks are isolated anyway. It's a pain in the arse to even work on them due to their lack of connection to things.
  • viningvining X Member Posts: 4,323
    ericmedley wrote: »
    Oddly enough, In the systems I work on that are the highest security for the govt. I don't know if it'd be of any consequence... Those networks are isolated anyway. It's a pain in the arse to even work on them due to their lack of connection to things.
    I would think most gov and a lot of corporate systems in sesnsitive areas are completely localized with no wan connection at all, let alone behind firewalls, asa, acl,s so it is mostly smoke without flames but it's not good for AMX non the less. Statements don't have to be accurate or legitimate to do damage.
  • ericmedleyericmedley Senior Member - 3709 Posts Posts: 4,119
    vining wrote: »
    I would think most gov and a lot of corporate systems in sesnsitive areas are completely localized with no wan connection at all, let alone behind firewalls, asa, acl,s so it is mostly smoke without flames but it's not good for AMX non the less. Statements don't have to be accurate or legitimate to do damage.


    I cannot comment one way or another on this - as I am under agreements not to. :)

    I agree on the "bad optics" I the first place I expect to see it amplified is in Cr3st0n circles. It's unfortunate, but a sad fact of working in the world today. (and it isn't like other manufacturers do the same thing...) I cannot say who, but I've actually caught a manufacturer of a well known media server "walking the network" with an SNMP snooper and called them out. This was when i worked at CCS a while back.
  • viningvining X Member Posts: 4,323
    ericmedley wrote: »


    I cannot comment one way or another on this - as I am under agreements not to. :)

    I agree on the "bad optics" I the first place I expect to see it amplified is in Cr3st0n circles. It's unfortunate, but a sad fact of working in the world today. (and it isn't like other manufacturers do the same thing...) I cannot say who, but I've actually caught a manufacturer of a well known media server "walking the network" with an SNMP snooper and called them out. This was when i worked at CCS a while back.

    Apple scares me the most and they require other companies to install little black box chipset into their devices in order to be apple home connect certified. The rise of the machine is not too far in the future and like in iRobot they'll be all interconnected and controlled by Apple. ;)
  • ericmedleyericmedley Senior Member - 3709 Posts Posts: 4,119
    vining wrote: »

    Apple scares me the most and they require other companies to install little black box chipset into their devices in order to be apple home connect certified. The rise of the machine is not too far in the future and like in iRobot they'll be all interconnected and controlled by Apple. ;)


    Ha! the irony of Apple's 1984 - Orwellian first commercial is not lost on me. All us folks over 40 have simply got to get over the whole notion of "Provacy" It simply does not exist nowadays - nor is it an implied right. Digital Communications 1999 pretty much dug the grave and Digital Communications 2001 threw us in and filled in the hole.
  • rynandorynando Junior Member Posts: 68
    ericmedley wrote: »


    I cannot comment one way or another on this - as I am under agreements not to. :)

    I agree on the "bad optics" I the first place I expect to see it amplified is in Cr3st0n circles. It's unfortunate, but a sad fact of working in the world today. (and it isn't like other manufacturers do the same thing...) I cannot say who, but I've actually caught a manufacturer of a well known media server "walking the network" with an SNMP snooper and called them out. This was when i worked at CCS a while back.

    Cr3str0n's sales people are already hitting the streets with this. A large dealer I work with had a Cr3str0n rep on site at 9am telling everyone there (with a straight face) that the White House was "hacked" via AMX products. What might seem laughable to us was enough to have one of the AV company's managers call me to ask if I thought it was true as they sell a ton of AMX to the government.

    The security angle was really one of the last major selling points pushing decision makers towards AMX. While I and most here understand how AV networks are provisioned and how little "surface area" a lapse like this would afford an attacker, I'm sure this revelation will be hugely exaggerated and aggressively marketed by AMX's competition, whose own products would doubtless yield some even more interesting tidbits if placed under the same microscope.
  • ericmedleyericmedley Senior Member - 3709 Posts Posts: 4,119
    rynando wrote: »

    Cr3str0n's sales people are already hitting the streets with this. A large dealer I work with had a Cr3str0n rep on site at 9am telling everyone there (with a straight face) that the White House was "hacked" via AMX products. What might seem laughable to us was enough to have one of the AV company's managers call me to ask if I thought it was true as they sell a ton of AMX to the government.

    The security angle was really one of the last major selling points pushing decision makers towards AMX. While I and most here understand how AV networks are provisioned and how little "surface area" a lapse like this would afford an attacker, I'm sure this revelation will be hugely exaggerated and aggressively marketed by AMX's competition, whose own products would doubtless yield some even more interesting tidbits if placed under the same microscope.


    Hoo boy... I am so tempted to post a response to the first paragraph... Let it suffice to say that the statement made by the sales guy was patently false. AMX (or any other control system for that matter) could not have been "Hacked" It has to do with how the network is setup between all the nodes. unless the electrons can jump a huge air gap - it is not possible. I'm not saying a breathing human being couldn't have done so. but, that's a whole other security matter that has zero to do with a back door.
  • viningvining X Member Posts: 4,323
    ericmedley wrote: »


    Hoo boy... I am so tempted to post a response to the first paragraph... Let it suffice to say that the statement made by the sales guy was patently false. AMX (or any other control system for that matter) could not have been "Hacked" It has to do with how the network is setup between all the nodes. unless the electrons can jump a huge air gap - it is not possible. I'm not saying a breathing human being couldn't have done so. but, that's a whole other security matter that has zero to do with a back door.

    Yeah, they're worried an AMX back door that in sensitive installs is probably isolated with no physical path to a gateway and aren't concerned at all with the holes in their firewall, VPNs, port forwarding and often VNC ports forwarded to an onsite PC which inturn can give hackers access to most things on that network. Having a back door to a house is one thing but having a back door to a bedroom within a house with locked exterior doors is quite another.
Sign In or Register to comment.