On Thu, May 21, 2009 at 5:30 AM, Peter van Houten <[email protected]> wrote: > One of the weak points with domestic-grade ADSL routers is > the fact that they store passwords in plain text.
In order for the router to be able to submit the credentials to the ISP, it has to be able to derive the plaintext from its local configuration. So whatever it stores in its config file has to be plaintext equivalent in any event. Obfuscating the credentials storage might make it a little harder for an attacker, but all it takes is one guy somewhere figuring out whatever the obfuscation is, and then the game is over. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
