cancel
Showing results for 
Search instead for 
Did you mean: 
1

Ask

2

Reply

3

Solution

Vodafone connect router vulnerable to Meltdown & Spectre

hi
3: Seeker
3: Seeker

Is the vodafone connect routers processors or OS potentially susceptible to the Meltdown, Spectre or other industry wide vulnerabilities ?

2 REPLIES 2

TJ
Community Manager (Retired)
Community Manager (Retired)

@hi As far as I'm aware they're known to affect intel/ AMD chips, so it's unlikely 👍

hi
3: Seeker
3: Seeker

Hi TJ thanks for the lightning swift response!

Unfortunately other processors such as the ones used in Routers and Mobile phones are also affected. If for instance you look at the ARM website there is a list https://developer.arm.com/support/security-update of their affected processors.

 

I don't know which processor or processors the Vodafone Connect Router uses as the information pages on the router do not appear to list this (maybe I just wasn't looking in the right place?)

 

There are some ARM based devices such as particular models of RasberryPi which are reported (by the owning brand) not to be affected by these two vulnerabilities. This blog from the maker of RasberryPi gives one of the clearer rundowns that I have seen. https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/

 

So I guess it might be possible to use a RasberryPi with a usb adsl or cable modem attached and run the routing software on the RasberryPi as a novel way to create a non vulnerable albiet sluggish connect that can then onwards route to the lan via a switch or wireless ap. This does also make the assumption that the OS has had any related problems also removed. I haven't read yet if some of the vulnerabilities are actually in OS to the extent that they could make vulnerable a non vulnerable device.

 

Hopefully though there are routers that use similarly 'said to be unaffected' processors so maybe that's the answer? Question though is what's the situation with the Connect Router here. Does it have a processor that is affected and is the os it's running patched already for this stuff?

 

Thanks to errant and uncoordinated reporting no one is really getting a clear message so we are reliant on the supplier. This is more serious for Vodafone in that we are locked to your routers (as I have understood it) we do not have the option of using another router such as the hypothetical thing I suggested above.

 

Sounds like my graphics card gpu, computer processor, mobile phone, possibly router, and probably even my playstation 2's super scalar cpu are all vulnerable - based on the articles I have looked at so far.