nanog mailing list archives
Re: Open Letter to D-Link about their NTP vandalism
From: "John Underhill" <stepnwlf () magma ca>
Date: Tue, 11 Apr 2006 13:07:53 -0400
As I replied in a comment offline, auto updating firmware is nothing new.. my cellphone updates itself, as does my satellite receiver, and many other devices as well, (the best of which, perform these tasks without our notice or appreciation). There is of course the potential for a bug causing some unforeseen catastrophy, but much of the risk could be mitigated with a bit of planning and a well designed system, (ex. old image is stored, and boot failure loads that image.. image is first downloaded, test md5, then flashed etc). Servers have been using these technologies for quite a while now, all tested and true. Also, one would expect the vendors to release updates only when necessary, with some serious QA before a release, (but if they did that in the first place, we wouldn't be having this discussion ;o)
Just a thought. John----- Original Message ----- From: "Steven M. Bellovin" <smb () cs columbia edu>
To: "John Underhill" <stepnwlf () magma ca> Cc: <simon () darkmere gen nz>; <nanog () nanog org>; <mike () sentex net> Sent: Tuesday, April 11, 2006 12:24 PM Subject: Re: Open Letter to D-Link about their NTP vandalism
On Tue, 11 Apr 2006 10:28:32 -0400, "John Underhill" <stepnwlf () magma ca> wrote:It seems to me, that the only *real* solution is for these manufacturers toimplement a [responsible] strategy of automatic firmware upgrades, as it pertains to these (simple eu type) devices. How difficult would it be to have the router test a server periodically, (say once a month), and in the case of a critical flaw in the software, silently update the device?I suspect it is cost/benefit skepticism that is keeping them from doing justthat.It would be a disaster. My (cable modem) ISP does that to my cable modem/NAT box. A few months ago, a buggy update made the NAT part drop all connections after 30 minutes. It took me a week or so to get enough data to nail down the problem precisely. I then had the fun of trying to get through the phone droids to reach someone who understood what "NAT" or "TCP" meant. What unusual combination of features will random upgrades break? By the way, since we're talking about D-Link, it's instructive to read the warnings on their firmware update pages. Do NOT upgrade firmware on any D-Link product over a wireless connection. Failure of the device may result. Use only hard-wired network connections. This firmware is engineered for US products only. Using this firmware on a device outside of the United States will void your warranty and may render the device unusable. Other warnings I've seen include warnings that all configuration options will be reset, version incompatibilities, and the suggestion that one should connect to a UPS before doing the upgrade, just in case. (Hmm -- there's a vicious thunderstorm approaching, and the lights are flickering. And it's time for the monthly autoupgrade!)--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- Re: Open Letter to D-Link about their NTP vandalism, (continued)
- Re: Open Letter to D-Link about their NTP vandalism Tony Finch (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism Robert E . Seastrom (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism Alain Hebert (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism Martin Hannigan (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism Steve Sobol (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism Alain Hebert (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism Valdis . Kletnieks (Apr 11)
- Re: Open Letter to D-Link about their NTP vandalism Mike Tancsa (Apr 11)
- Re: Open Letter to D-Link about their NTP vandalism John Underhill (Apr 11)
- Re: Open Letter to D-Link about their NTP vandalism Steven M. Bellovin (Apr 11)
- Re: Open Letter to D-Link about their NTP vandalism John Underhill (Apr 11)
- Re: Open Letter to D-Link about their NTP vandalism Steve Sobol (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism Chris Kuethe (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism goemon (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism John Dupuy (Apr 11)
- Re: Open Letter to D-Link about their NTP vandalism Alexei Roudnev (Apr 11)
- Re: Open Letter to D-Link about their NTP vandalism Eric Pancer (Apr 11)
- Re: Open Letter to D-Link about their NTP vandalism Michael Froomkin - U.Miami School of Law (Apr 11)
- Re: Open Letter to D-Link about their NTP vandalism Alexei Roudnev (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism tony sarendal (Apr 12)
- Re: Open Letter to D-Link about their NTP vandalism Stephen Sprunk (Apr 12)