We seek to understand and document all radio transmissions, legal and otherwise, as part of the radio listening hobby. We do not encourage any radio operations contrary to regulations. Always consult with the appropriate authorities if you have questions concerning what is permissable in your locale.

Author Topic: KiwiSDR backdoor  (Read 244 times)


Offline NJQA

  • Full Member
  • ***
  • Posts: 235
  • Virginia
    • View Profile
Re: KiwiSDR backdoor
« Reply #1 on: July 16, 2021, 1305 UTC »
Check to see that your KiwiSDR is updated to V1.461.

www.kiwisdr.com

Offline ChrisSmolinski

  • Administrator
  • Marconi Class DXer
  • *****
  • Posts: 27943
  • Westminster, MD USA
    • View Profile
    • Black Cat Systems
Re: KiwiSDR backdoor
« Reply #2 on: July 16, 2021, 1655 UTC »
https://arstechnica.com/gadgets/2021/07/for-years-a-backdoor-in-popular-kiwisdr-product-gave-root-to-project-developer/

On Wednesday, users learned that for years, their devices had been equipped with a backdoor that allowed the KiwiSDR creator—and possibly others—to log in to the devices with administrative system rights

FWIW, this has been public knowledge since at least 2017, not just since Wednesday. We're better off without this 'feature' as it was implemented, but I'm not sure we need to get the pitchforks out either :)

And yes, update to 1.461.
« Last Edit: July 16, 2021, 1701 UTC by ChrisSmolinski »
Chris Smolinski
Westminster, MD
eQSLs appreciated! csmolinski@blackcatsystems.com
netSDR / AFE822x / AirSpy HF+ / KiwiSDR / 900 ft Horz skyloop / 500 ft NE beverage / 250 ft V Beam / 58 ft T2FD / 120 ft T2FD / 400 ft south beverage / 43m, 20m, 10m  dipoles / Crossed Parallel Loop / Discone in a tree

Offline syfr

  • Hero Member
  • *****
  • Posts: 634
    • View Profile
Re: KiwiSDR backdoor
« Reply #3 on: July 20, 2021, 0304 UTC »
Agree entirely, Chris.

The auto update brought my Kiwis up to the recommended rev.
Kiwsdr x 2. TenTec Paragon/NRD535