Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6
5520 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1789065 27-May-2017 10:45
6 people support this post
Send private message

Now for my next big scam: Good evening, I'm calling from Huawei. It appears your modem is causing some security issues on the internet. I need to urgently remote into your computer to check it out. Yes indeed it is suffering from the T69 virus. I can fix that by loading a special super secure BOT firmware for only $199.




Chorus has spent $1.4 billion on making their xDSL broadband network faster and even more now as they are upgrading their rural Conklins. If your still stuck on ADSL or VDSL, why not spend $195 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


3 posts

Wannabe Geek


  # 1790256 27-May-2017 15:00
Send private message

So this is much the same as the article in PCworld 2014 (can't post links but article called "Many home routers supplied by ISPs can be compromised en masse, researchers say")... and it is not a security issue? How so.

 

 


 
 
 
 


4341 posts

Uber Geek


  # 1790270 27-May-2017 15:48
Send private message

Gonna play the devils advocate here.

 

I'm not an expert in this, but is it possible a rogue employee could alter customer network settings to enable man-in-the-middle attacks on a customers passwords and banking details? 

 

It would be tricky to trace too.

 

Employees do go rogue.

 

Unless I read this wrong and there is no possible issue, from a human or technical vector?

 

 


3 posts

Wannabe Geek


  # 1790273 27-May-2017 15:51
Send private message

Not just "go rogue" but have a make that is interested in hacking etc to have the info shared...


Mr Snotty
8835 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790282 27-May-2017 16:12
One person supports this post
Send private message

And then we look at the ISP's Facebook pages and find customer like this posting:

 


 

Ugh.





701 posts

Ultimate Geek

Trusted

  # 1790287 27-May-2017 16:19
One person supports this post
Send private message

Storm in a tea-cup. The first thing I did when I signed up to Snap and was shipped their OEM DSL Router was log into it and review it's config. Remote admin was disabled.

 

 

The first thing when I moved from Snap to Actrix was review the OEM DSL Router config. Remote admin was not enabled - and i knew this because I checked.

 

 

If ISP's disclosed this arrangement and adequately protect it, it's not a bad thing and will be helpful for the majority of customers. The news is in the failure to adequately disclose.




No signature to see here, move along...

Mr Snotty
8835 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790292 27-May-2017 16:25
Send private message

BlakJak: The news is in the failure to adequately disclose.

 

It has been widely known for quite some time that most ISP's had some form of remote management on their routers going back years. My parents routers (they've always used their ISP ones) have always had remote management enabled and even when I was with Snap many moons ago they had remote management on their Fritz!Box.

 

It is more just people not understanding that this remote management is locked down to their ISP only and is for remote support, remote firmware upgrades etc. Settings are only changed with the explicit permission of the account holder unless if it is a break and change fix (for example, a VoIP upgrade).





 
 
 
 




5557 posts

Uber Geek


  # 1790303 27-May-2017 17:09
One person supports this post
Send private message

A rouge employee would no doubt have far easier and more profitable (for want of a better term) ways to use customer's info than dropping a dodgy config into their router.

 

Even if no ISP ever had admin access to CPE, a rouge employee can and will reek havoc. That's a social problem, not a technical problem.


701 posts

Ultimate Geek

Trusted

  # 1790306 27-May-2017 17:15
Send private message

michaelmurfy:

BlakJak: The news is in the failure to adequately disclose.

 

It has been widely known for quite some time that most ISP's had some form of remote management on their routers going back years. My parents routers (they've always used their ISP ones) have always had remote management enabled and even when I was with Snap many moons ago they had remote management on their Fritz!Box.

 

It is more just people not understanding that this remote management is locked down to their ISP only and is for remote support, remote firmware upgrades etc. Settings are only changed with the explicit permission of the account holder unless if it is a break and change fix (for example, a VoIP upgrade).

 

 

How widely known is widely known? I've been out of the ISP support game for a few years but i'm not sure it's well understood outside of the geeks of the world. Is it in ISP T&C or otherwise explicitly explained to people when they join up?




No signature to see here, move along...

Mr Snotty
8835 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790377 27-May-2017 19:05
Send private message

BlakJak: How widely known is widely known? I've been out of the ISP support game for a few years but i'm not sure it's well understood outside of the geeks of the world. Is it in ISP T&C or otherwise explicitly explained to people when they join up?

 

I know with signing up to WXC they said to me that the router was remotely provisioned and updated. With Voyager they did explain to me that there is remote management set up on the router however I can disable it if required (have not though - it is a handy feature for my parents).

 

With Spark I've always known even before I started working for them. Snap/2degrees it is a given as they remotely provision everything on the Fritz. Vodafone was a given as they have to provision voice.

 

It is more people don't understand how this all works. I understand to us geeks it is a given since they can provision routers.





BDFL - Memuneh
64517 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 1790381 27-May-2017 19:22
7 people support this post
Send private message

There's no technical problem here. People are going over for nothing.

 

The protocol exists so that if something goes wrong then the telco can update the config of millions of modems automatically, without having to either send a technician to every home or wait for customers to send the modems in. It is also useful for remote maintenance and troubleshooting.

 

Rogue employees would make a lot more money if they simply lift credit card numbers (as was happening a few years ago, remember TelstraClear call centre overseas?)

 

If a so-called "security expert" was anything but then he'd be happy to put his name on the paper. 





Mr Snotty
8835 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790384 27-May-2017 19:23
One person supports this post
Send private message

freitasm:

 

 

 

If a so-called "security expert" was anything but then he'd be happy to put his name on the paper. 

 

Couldn't agree more.





3339 posts

Uber Geek


  # 1790412 27-May-2017 23:02
Send private message

For an outlet that LOVES quoting 'NZ IT enthusiasts' (From GZ) They sure fall short asking for input and or checking with the likes of Juha for backstory investigation.

 

 

 

I was thinking the other day, the day of 'investigative journalism' is all but dead. They take stories from Facebook posts these days with absolutely no backing and then do the leg work to find out the goss only to look a little red-faced post fact (recent 'explosions' in Auckland - police training....)


20 posts

Geek


  # 1790841 28-May-2017 22:11
Send private message

Interesting that a few current and former employees of NZ telco's are so confidant in the security of their networks and infrastructure :) Now I must admit I have only encountered a few former russian software engineer's from Vodafone but their coding/general security awareness left a lot to be desired and they were just generally dodgy. Now these were software engineers not infra guys but I'm not convinced their employee screening process is without flaws. Therefore I would not consider it a 0% risk of a rogue employee compromising their ACS server and it going unchecked.

 

I certainly was not made aware of any remote maintenance capability when I signed up with both Spark and Vodafone. The one good thing this article has done despite it's flaws is made people more aware of the fact so they can then educate themselves on the matter and then make an informed decision on whether to disable any remote access capability to their modem.


Mr Snotty
8835 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1790850 28-May-2017 23:25
Send private message

jeffory123:

 

Interesting that a few current and former employees of NZ telco's are so confidant in the security of their networks and infrastructure :) Now I must admit I have only encountered a few former russian software engineer's from Vodafone but their coding/general security awareness left a lot to be desired and they were just generally dodgy. Now these were software engineers not infra guys but I'm not convinced their employee screening process is without flaws. Therefore I would not consider it a 0% risk of a rogue employee compromising their ACS server and it going unchecked.

 

I certainly was not made aware of any remote maintenance capability when I signed up with both Spark and Vodafone. The one good thing this article has done despite it's flaws is made people more aware of the fact so they can then educate themselves on the matter and then make an informed decision on whether to disable any remote access capability to their modem.

 

Chances of ACS server (in production) getting owned by an employee? 0%. It'll require a change process to be accepted and followed and everything will be monitored during that process.

 

It isn't just Spark and Vodafone, it is essentially all ISP's since it is one of the most secure ways of managing and maintaining security and settings on a fleet of routers - if they update their VoIP infrastructure then how do they roll out changes to their customers? Tell them in an email to update things manually? No, they roll it out over TR-069. There is nothing to be concerned about with this sort of thing and the NZH article is woefully incorrect on so many levels. If you're reading it as to disable TR-069 then think twice as it is enabled for a reason - it isn't a backdoor and is an essential part of ensuring your internet access and ISP provided services runs to its full potential and your router is fully updated.





1 | 2 | 3 | 4 | 5 | 6
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Facebook Portal to land in New Zealand
Posted 19-Sep-2019 18:35


Amazon Studios announces New Zealand as location for its upcoming series based on The Lord of the Rings
Posted 18-Sep-2019 17:24


The Warehouse chooses Elasticsearch service
Posted 18-Sep-2019 13:55


Voyager upgrades core network to 100Gbit
Posted 18-Sep-2019 13:52


Streaming service Acorn TV launches in New Zealand with selection with British shows
Posted 18-Sep-2019 08:55


Bitcoin.com announces partnership with smartphone manufacturer HTC
Posted 16-Sep-2019 21:30


Finalists Announced for Microsoft NZ Partner Awards
Posted 16-Sep-2019 19:37


OPPO Showcases New CameraX Capabilities at Google Developer Days China 2019
Posted 15-Sep-2019 12:42


New Zealand PC Market returns to growth
Posted 15-Sep-2019 12:24


Home sensor charity director speaks about the preventable death which drives her to push for healthy homes
Posted 11-Sep-2019 08:46


Te ao Maori Minecraft world set to inspire Kiwi students
Posted 11-Sep-2019 08:43


Research reveals The Power of Games in New Zealand
Posted 11-Sep-2019 08:40


Ring Door View Cam now available in New Zealand
Posted 11-Sep-2019 08:38


Vodafone NZ to create X Squad
Posted 10-Sep-2019 10:25


Huawei nova 5T to be available 20th September
Posted 5-Sep-2019 11:55



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.