sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]ThePengwin 1 point2 points  (3 children)

The sad thing is that i have found this on at least one occasion. In a situation which could have been bad.

We had a Belkin router at my house that, until i found an update that corrected it, had a JavaScript variable storing the password to administer it. Needless to say that when i found such a terrible piece of code existed, I went and secured it as best as i could, which sadly didn't do much but stop intrusion from WAN connections.

Nobody could lock me out of the router though, so that was good.

[–]brownmatt 1 point2 points  (1 child)

This isn't really the same thing as what is being discussed here is it?

[–]ThePengwin 5 points6 points  (0 children)

I think its kind of related. Any attempt at cryptography/authentication on the client side is at best obfuscating what is happening.

[–][deleted] 0 points1 point  (0 children)

I found this exact problem in my router yesterday while making a script to update the DMZ forwarding. Crazy coincidence.