The downside of requiring that firmware updates are signed by the manufacturer is that it becomes impossible to repurpose the devices in the way that NSLU2 (http://nslu2-linux/) and WRT54G (http://openwrt.org/) users have.

The best solution is to require physical access in order to perform a firmware update. For example, a switch that you press to enter "update mode", after which the web interface shows the upgrade dialog. If the cost of an extra switch is too much, just require that the reset button is pressed for 10 seconds when power is applied. The NSLU2 does something like this.

It was only a matter of time before this sort of thing happened. Embedded systems pose a larger risk of infrastructure exploitation because they're embedded, and simpler to predict.

Here's an example: Sky Broadband appear to provide lots of Netgear DG834-series routers to their customers, and assume that a exploit comes out to root a DG834 to run code of the attacker's choosing (DG834s are Lunix).

You have x number of vulnerable systems which can be egged in any way the malware author sees fit. Predictable systems in a predictable IP range, no port scanning required.

It's not a case of batten down the hatches or tin foil hats, but I do reckon it's high time that either the broadband suppliers who issue the kit, and / or hardware manufucturers made automatic updating a little easier, and - in the case of a nasty dev flub, pretty timely indeed.

Shouldn't these things have write-protect jumpers and/or a tiny ROM (normally disabled) for re-flashing purposes?

Just ship kit with all remote access disabled by default. Make the firmware unable to be changed from outside the local network, regardless of security settings. Doesn't seem that hard.

"There's no record of such an attack even occurring and other security watchers are sceptical over whether crackers could make money - the main motive for denial of service attacks - from such an approach."

I though the main motive of a denial of any type of service attack was to deny service? Which in any sevice-based economy would be QuITe a big issue, Virtually the Biggest and quite a disservice?

Although this would not be so useful for blackmailers, this would be a great electronic warfare tool for countries and both state and non-state sponsored terrorists.

Just as I was about to complain about the idiotic over use oph 'ph', i realised everyone else has... Why must everything with an 'ph' now be spelt with a phuking ph?

it gets to the stage where the use oph 'ph' and 'ph' is too diphphicult to diphpherentiate between

Does anyone remember the CIH virus from the mid to late 90's?

Infected computers would overwrite their flash BIOS on certain days of the month.

Honestly I'm surprised that mischief makers haven't realised that they could overwrite firmware on local networks once they infect one machine. Most people leave the default admin passwords on everything from DSL routers to LAN connected printers. Get past the network barrier once, you own it.

"Both H D Moore of Metapolit fame and the Hack a Day blog reckon that exploiting vulnerabilities to plant malware in firmware is a far more insidious and dangerous type of attack than simply destroying systems."

They cannot be serious. Simply destroying systems allows One to entirely replace them with Better Beta Systems of One's Own Making and therefore in Control of Everything.

It doesn't get more Beneficial/Malicious than that....... but IT cannot be done by just any Old Hack with Tired and Worn Out Cracks for it needs AI Live and Agile Mind which can Connect with Much that is Apparently Not Already There but what can be Thought 42XXXXist and Therefore Most Definitely Is.

Such are in the Realms of amfM HyperRadioProActivity which are Regularly Registered here for Reading into dDeeper Understanding/Future Memory.

Spelling Jane with a 'y', I suppose?

Oh, and dotting 'I's with circles, or, hey! we could even draw those circles like tiny flowers!