
Warning as 4G Hotspots Are Hacked - walterbell
https://www.pentestpartners.com/security-blog/reverse-engineering-4g-hotspots-for-fun-bugs-and-net-financial-loss/
======
joecool1029
I buy cheap Motorola phones, put LineageOS on them, and pick the security
patches as they come along. This is a better way to go about it as it's
unlikely any of these standalone units will get firmware updates.

Two benefits:

1\. I get many security holes patched.

2\. I get a hotspot on a phone plan, which is usually cheaper and can be used
as a second phone.

------
CKN23-ARIN
It's usually not hard to get a root shell on these things from the user-facing
web management page, in my experience. It's not surprising to learn that
they're remotely-exploitable too.

------
ronnier
I strictly use my iPhone to tether. I keep it updated with the latest updates
but I still worry about it being remotely exploitable but I feel a lot more
safe with it than these other devices.

~~~
snaky
If all your hotspot does, be it iPhone, Linux box or anything else, is
forwarding VPN traffic between your devices and your cloud instance (your VPN
exit node), why should you care about hotspot vulnerabilities?

~~~
yjftsjthsd-h
The device running the VPN is still exposed to the attacker-controlled device.
Now, on a decently-configured system this is probably fine (your workstation
doesn't allow password-based SSH, right?), but it's still not great.

~~~
throwaway_391
Seems silly to care so much about your tethered connection when the average
home network has a bunch of computers, random IOT kit, a end-of-lifed smart
TV, friends mobile devices and the random MAC addresses in your DHCP lease
pool that you can't even account for.

Network security is unmaintaniable. Start caring about defensible boundaries
instead.

~~~
yjftsjthsd-h
To some extent, sure; seriously, you _should_ be okay exposing your laptop to
an attacker-controlled hotspot. I'm actually pretty sure my machines _would_
be fine exposed like that. But that doesn't mean that you shouldn't minimize
that exposure if possible:)

Also, I really do question the premise; it _is_ possible to be selective with
what you let on your network. You shouldn't rely on it, of course, but again,
better to minimize exposure.

------
gsich
Unfortunately those issues have nothing to do with LTE (or similar). Would
have liked some analysis of the radio interface.

------
aussieguy1234
Better not to buy ZTE, until they fix their procedures

------
gsich
Well, most of those run Linux (Android, because cheap and easy).

------
1023bytes
Here's the original source, it's not linked directly in the article:
[https://www.pentestpartners.com/security-blog/reverse-
engine...](https://www.pentestpartners.com/security-blog/reverse-
engineering-4g-hotspots-for-fun-bugs-and-net-financial-loss/)

~~~
wronglebowski
Thanks, this should really be the post. I didn’t find the Forbes article did
anything but excessively quote the source material.

~~~
roywiggins
People really need to adjust to Forbes being nothing more than a content mill
nowadays. They'll publish almost anything.

[https://www.nytimes.com/2019/07/21/business/media/jeffrey-
ep...](https://www.nytimes.com/2019/07/21/business/media/jeffrey-epstein-
media.html)

~~~
sohkamyung
I usually read Starts With A Bang [1] and GrrlScientist [2] on Forbes. The
former writes well grounded articles on particle physics and cosmology while
the latter presents good summaries of recent findings in biology.

[1]
[https://www.forbes.com/sites/startswithabang/](https://www.forbes.com/sites/startswithabang/)

[2]
[https://www.forbes.com/sites/grrlscientist/](https://www.forbes.com/sites/grrlscientist/)

------
PaulHoule
I guess that's a reason you need a 5G hotspot

~~~
bigiain
Yeah, because nobody would ship a cheap 5G hotspot with a known exploitable
2.7 kernel vintage linux on it, right? /s

"IoT": The Internet of Unpatched Linux Devices...

~~~
WrtCdEvrydy
The S in IoT stands for Security.

