Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6
5500 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1789065 27-May-2017 10:45
6 people support this post
Send private message

Now for my next big scam: Good evening, I'm calling from Huawei. It appears your modem is causing some security issues on the internet. I need to urgently remote into your computer to check it out. Yes indeed it is suffering from the T69 virus. I can fix that by loading a special super secure BOT firmware for only $199.




Chorus has spent $1.4 billion on making their xDSL broadband network faster and even more now as they are upgrading their rural Conklins. If your still stuck on ADSL or VDSL, why not spend $195 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


3 posts

Wannabe Geek


  # 1790256 27-May-2017 15:00
Send private message

So this is much the same as the article in PCworld 2014 (can't post links but article called "Many home routers supplied by ISPs can be compromised en masse, researchers say")... and it is not a security issue? How so.

 

 


 
 
 
 


4321 posts

Uber Geek


  # 1790270 27-May-2017 15:48
Send private message

Gonna play the devils advocate here.

 

I'm not an expert in this, but is it possible a rogue employee could alter customer network settings to enable man-in-the-middle attacks on a customers passwords and banking details? 

 

It would be tricky to trace too.

 

Employees do go rogue.

 

Unless I read this wrong and there is no possible issue, from a human or technical vector?

 

 


3 posts

Wannabe Geek


  # 1790273 27-May-2017 15:51
Send private message

Not just "go rogue" but have a make that is interested in hacking etc to have the info shared...


Mr Snotty
8764 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790282 27-May-2017 16:12
One person supports this post
Send private message

And then we look at the ISP's Facebook pages and find customer like this posting:

 


 

Ugh.





690 posts

Ultimate Geek

Trusted

  # 1790287 27-May-2017 16:19
One person supports this post
Send private message

Storm in a tea-cup. The first thing I did when I signed up to Snap and was shipped their OEM DSL Router was log into it and review it's config. Remote admin was disabled.

 

 

The first thing when I moved from Snap to Actrix was review the OEM DSL Router config. Remote admin was not enabled - and i knew this because I checked.

 

 

If ISP's disclosed this arrangement and adequately protect it, it's not a bad thing and will be helpful for the majority of customers. The news is in the failure to adequately disclose.




No signature to see here, move along...

Mr Snotty
8764 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790292 27-May-2017 16:25
Send private message

BlakJak: The news is in the failure to adequately disclose.

 

It has been widely known for quite some time that most ISP's had some form of remote management on their routers going back years. My parents routers (they've always used their ISP ones) have always had remote management enabled and even when I was with Snap many moons ago they had remote management on their Fritz!Box.

 

It is more just people not understanding that this remote management is locked down to their ISP only and is for remote support, remote firmware upgrades etc. Settings are only changed with the explicit permission of the account holder unless if it is a break and change fix (for example, a VoIP upgrade).





 
 
 
 




5529 posts

Uber Geek


  # 1790303 27-May-2017 17:09
One person supports this post
Send private message

A rouge employee would no doubt have far easier and more profitable (for want of a better term) ways to use customer's info than dropping a dodgy config into their router.

 

Even if no ISP ever had admin access to CPE, a rouge employee can and will reek havoc. That's a social problem, not a technical problem.


690 posts

Ultimate Geek

Trusted

  # 1790306 27-May-2017 17:15
Send private message

michaelmurfy:

BlakJak: The news is in the failure to adequately disclose.

 

It has been widely known for quite some time that most ISP's had some form of remote management on their routers going back years. My parents routers (they've always used their ISP ones) have always had remote management enabled and even when I was with Snap many moons ago they had remote management on their Fritz!Box.

 

It is more just people not understanding that this remote management is locked down to their ISP only and is for remote support, remote firmware upgrades etc. Settings are only changed with the explicit permission of the account holder unless if it is a break and change fix (for example, a VoIP upgrade).

 

 

How widely known is widely known? I've been out of the ISP support game for a few years but i'm not sure it's well understood outside of the geeks of the world. Is it in ISP T&C or otherwise explicitly explained to people when they join up?




No signature to see here, move along...

Mr Snotty
8764 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790377 27-May-2017 19:05
Send private message

BlakJak: How widely known is widely known? I've been out of the ISP support game for a few years but i'm not sure it's well understood outside of the geeks of the world. Is it in ISP T&C or otherwise explicitly explained to people when they join up?

 

I know with signing up to WXC they said to me that the router was remotely provisioned and updated. With Voyager they did explain to me that there is remote management set up on the router however I can disable it if required (have not though - it is a handy feature for my parents).

 

With Spark I've always known even before I started working for them. Snap/2degrees it is a given as they remotely provision everything on the Fritz. Vodafone was a given as they have to provision voice.

 

It is more people don't understand how this all works. I understand to us geeks it is a given since they can provision routers.





BDFL - Memuneh
64237 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 1790381 27-May-2017 19:22
7 people support this post
Send private message

There's no technical problem here. People are going over for nothing.

 

The protocol exists so that if something goes wrong then the telco can update the config of millions of modems automatically, without having to either send a technician to every home or wait for customers to send the modems in. It is also useful for remote maintenance and troubleshooting.

 

Rogue employees would make a lot more money if they simply lift credit card numbers (as was happening a few years ago, remember TelstraClear call centre overseas?)

 

If a so-called "security expert" was anything but then he'd be happy to put his name on the paper. 





Mr Snotty
8764 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790384 27-May-2017 19:23
One person supports this post
Send private message

freitasm:

 

 

 

If a so-called "security expert" was anything but then he'd be happy to put his name on the paper. 

 

Couldn't agree more.





3281 posts

Uber Geek


  # 1790412 27-May-2017 23:02
Send private message

For an outlet that LOVES quoting 'NZ IT enthusiasts' (From GZ) They sure fall short asking for input and or checking with the likes of Juha for backstory investigation.

 

 

 

I was thinking the other day, the day of 'investigative journalism' is all but dead. They take stories from Facebook posts these days with absolutely no backing and then do the leg work to find out the goss only to look a little red-faced post fact (recent 'explosions' in Auckland - police training....)


20 posts

Geek


  # 1790841 28-May-2017 22:11
Send private message

Interesting that a few current and former employees of NZ telco's are so confidant in the security of their networks and infrastructure :) Now I must admit I have only encountered a few former russian software engineer's from Vodafone but their coding/general security awareness left a lot to be desired and they were just generally dodgy. Now these were software engineers not infra guys but I'm not convinced their employee screening process is without flaws. Therefore I would not consider it a 0% risk of a rogue employee compromising their ACS server and it going unchecked.

 

I certainly was not made aware of any remote maintenance capability when I signed up with both Spark and Vodafone. The one good thing this article has done despite it's flaws is made people more aware of the fact so they can then educate themselves on the matter and then make an informed decision on whether to disable any remote access capability to their modem.


Mr Snotty
8764 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790850 28-May-2017 23:25
Send private message

jeffory123:

 

Interesting that a few current and former employees of NZ telco's are so confidant in the security of their networks and infrastructure :) Now I must admit I have only encountered a few former russian software engineer's from Vodafone but their coding/general security awareness left a lot to be desired and they were just generally dodgy. Now these were software engineers not infra guys but I'm not convinced their employee screening process is without flaws. Therefore I would not consider it a 0% risk of a rogue employee compromising their ACS server and it going unchecked.

 

I certainly was not made aware of any remote maintenance capability when I signed up with both Spark and Vodafone. The one good thing this article has done despite it's flaws is made people more aware of the fact so they can then educate themselves on the matter and then make an informed decision on whether to disable any remote access capability to their modem.

 

Chances of ACS server (in production) getting owned by an employee? 0%. It'll require a change process to be accepted and followed and everything will be monitored during that process.

 

It isn't just Spark and Vodafone, it is essentially all ISP's since it is one of the most secure ways of managing and maintaining security and settings on a fleet of routers - if they update their VoIP infrastructure then how do they roll out changes to their customers? Tell them in an email to update things manually? No, they roll it out over TR-069. There is nothing to be concerned about with this sort of thing and the NZH article is woefully incorrect on so many levels. If you're reading it as to disable TR-069 then think twice as it is enabled for a reason - it isn't a backdoor and is an essential part of ensuring your internet access and ISP provided services runs to its full potential and your router is fully updated.





1 | 2 | 3 | 4 | 5 | 6
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Intel expands 10th Gen Intel Core Mobile processor family
Posted 23-Aug-2019 10:22


Digital innovation drives new investment provider
Posted 23-Aug-2019 08:29


Catalyst Cloud becomes a Kubernetes Certified Service Provider (KCSP)
Posted 23-Aug-2019 08:21


New AI legaltech product launched in New Zealand
Posted 21-Aug-2019 17:01


Yubico launches first Lightning-compatible security key, the YubiKey 5Ci
Posted 21-Aug-2019 16:46


Disney+ streaming service confirmed launch in New Zealand
Posted 20-Aug-2019 09:29


Industry plan could create a billion dollar interactive games sector
Posted 19-Aug-2019 20:41


Personal cyber insurance a New Zealand first
Posted 19-Aug-2019 20:26


University of Waikato launches space for esports
Posted 19-Aug-2019 20:20


D-Link ANZ expands mydlink ecosystem with new mydlink Mini Wi-Fi Smart Plug
Posted 19-Aug-2019 20:14


Kiwi workers still falling victim to old cyber tricks
Posted 12-Aug-2019 20:47


Lightning Lab GovTech launches 2019 programme
Posted 12-Aug-2019 20:41


Epson launches portable laser projector
Posted 12-Aug-2019 20:27


Huawei launches new distributed HarmonyOS
Posted 12-Aug-2019 20:20


Lenovo introduces single-socket servers for edge and data-intensive workloads
Posted 9-Aug-2019 21:26



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.