Permanent Denial-of-Service (PDOS)
Posted by n3rvp4in on May 20, 2008
I saw this on slashdot.
http://www.darkreading.com/document.asp?doc_id=154270&WT.svl=news1_1
This is one of those things that could pose a huge problem for users of any type of networking “box”. Things like routers, wireless routers and APs, firewalls, etc. Basically anything that is connected to the network and has its own embedded OS. I have done something similar to this to myself while trying to flash OpenWRT onto a router. The flash failed and the result was a blue box of crap. That was fixable though.
The really scary thing would be the flashing of new firmware onto a router (or other device) that allowed an attacker to monitor traffic for passwords, etc. This could be done without the users knowledge. You could even make the device appear to not be sending traffic when it actually is communicating with nefarious servers. If the methodology of phlashing can be perfected we can all expect to be looking for even more problems on the network.
