-------- Original message -------- From: jim bell Date: 6/22/17 11:20 AM (GMT-08:00) To: g2s , cypherpunks@lists.cpunks.org Subject: Re: CIA Inside... Linksys routers. Advisory issued From: g2s [1]http://www.linksys.com/us/support-article?articleNum=263800 from that url >Linksys issues security advisory following discovery of CIA exploitation >Solution >If users believe their router firmware may have been compromised, Linksys recommends that users download the latest available firmware from [2]http://www.linksys.com/support/ and update your router. >After the update, please perform a factory reset to ensure no remnants of the compromise remain. Instructions on how to do a factory reset can be found [3]here. If users are not able to perform a firmware update or receive an error message during the update, please contact customer support for further instructions. [4]Linksys Official Support - Linksys CherryBlossom Advisory ----------------- It isn't clear, but I don't see any indication that these remedial processes actually inform the owner of the router if it has been compromised. Is that an accidental omission, or intentional? Jim Bell Might have a look at the dox attached to the wikileaks page. Linksys is probably just mass patching any possible infected routers and the "whether or not" isn't relevant to the process...imho. Rr >https://wikileaks.org/vault7/#Cherry%20Blossom References 1. http://www.linksys.com/us/support-article?articleNum=263800 2. http://www.linksys.com/support/ 3. http://kb.linksys.com/support-article?articleNum=139791#a 4. http://www.linksys.com/us/support-article?articleNum=263800