A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

O2 don't seem to care about security!



 
 
Thread Tools Display Modes
  #1  
Old August 29th 09, 09:13 AM posted to uk.telecom.broadband
Bob Eager
external usenet poster
 
Posts: 2,472
Default O2 don't seem to care about security!

O2 broadband users might like to read this (especially if you have a
Wireless Box II or a Wireless Box III):

http://www.jibble.org/o2-broadband-fail/
--
[ 7'ism - a condition by which the sufferer experiences an inability
to give concise answers, express reasoned argument or opinion.
Usually accompanied by silly noises and gestures - incurable, early
euthanasia recommended. ]
  #2  
Old August 29th 09, 10:20 AM posted to uk.telecom.broadband
Richard Tobin
external usenet poster
 
Posts: 278
Default O2 don't seem to care about security!

In article ,
Bob Eager wrote:
O2 broadband users might like to read this (especially if you have a
Wireless Box II or a Wireless Box III):

http://www.jibble.org/o2-broadband-fail/


Is there any independent verification of this? Does the problem apply
to all TG585n routers? If so, what is Thomson's response?

Anyone can put up a web page saying "there's a vulnerability but I'm
not going to say what it is".

-- Richard
--
Please remember to mention me / in tapes you leave behind.
  #3  
Old August 29th 09, 10:56 AM posted to uk.telecom.broadband
Mark Carver
external usenet poster
 
Posts: 461
Default O2 don't seem to care about security!

Richard Tobin wrote:
In article ,
Bob Eager wrote:
O2 broadband users might like to read this (especially if you have a
Wireless Box II or a Wireless Box III):

http://www.jibble.org/o2-broadband-fail/


Is there any independent verification of this? Does the problem apply
to all TG585n routers? If so, what is Thomson's response?

Anyone can put up a web page saying "there's a vulnerability but I'm
not going to say what it is".


I wish I knew what it was, because I've struggled and repeatedly failed to
find out how you can access O2's router remotely !

--
Mark
Please replace invalid and invalid with gmx and net to reply.

www.paras.org.uk
  #4  
Old August 29th 09, 12:11 PM posted to uk.telecom.broadband
Nick
external usenet poster
 
Posts: 43
Default O2 don't seem to care about security!

Mark Carver wrote:
Richard Tobin wrote:
In article ,
Bob Eager wrote:
O2 broadband users might like to read this (especially if you have a
Wireless Box II or a Wireless Box III):

http://www.jibble.org/o2-broadband-fail/


Is there any independent verification of this? Does the problem apply
to all TG585n routers? If so, what is Thomson's response?

Anyone can put up a web page saying "there's a vulnerability but I'm
not going to say what it is".


I wish I knew what it was, because I've struggled and repeatedly failed
to find out how you can access O2's router remotely !

So have I. Well same router for BE.

I think he is referring to a wireless insecurity though.
  #5  
Old August 29th 09, 03:02 PM posted to uk.telecom.broadband
bod43
external usenet poster
 
Posts: 105
Default O2 don't seem to care about security!

On 29 Aug, 11:11, Nick wrote:
Mark Carver wrote:
Richard Tobin wrote:
In article ,
Bob Eager wrote:
O2 broadband users might like to read this (especially if you have a
Wireless Box II or a Wireless Box III):


http://www.jibble.org/o2-broadband-fail/


Is there any independent verification of this? *Does the problem apply
to all TG585n routers? If so, what is Thomson's response?


Anyone can put up a web page saying "there's a vulnerability but I'm
not going to say what it is".


I wish I knew what it was, because I've struggled and repeatedly failed
to find out how you can access O2's router remotely !


So have I. Well same router for BE.

I think he is referring to a wireless insecurity though.


From the description seems to me like remote mamagement
is enabled over the ADSL link.

If it was a wireless issue then it would seem unlikely to be
vulnerable as described.
"it allows anybody in the world to gain access"

Anyone got one I can have a probe at
  #6  
Old August 29th 09, 08:44 PM posted to uk.telecom.broadband
Clive
external usenet poster
 
Posts: 42
Default O2 don't seem to care about security! RUBBISH


"Bob Eager" wrote in message
...
O2 broadband users might like to read this (especially if you have a
Wireless Box II or a Wireless Box III):

http://www.jibble.org/o2-broadband-fail/
--


He is going on about the preset router SSID and the WPA key provided. The
key can
easily be generated using a program which is widely available. If you
noticed someone
local using the SSID "O2 Broadband 7e52h" for example, you could enter
that and get
the key and then connect. You can do it with BT HomeHub too.
The other thing he is confused about is the access logging in with
"SuperUser" and the
already known password of o2broadband which uses letters and numbers!
There is no way you can connect in to the wireless box from just having an
IP numbers and
trying remotely. The only way in is wireless, but most sensible users will
change their
SSID and WPA2 key immediately and also the password access for
Administrator.

If the person knew what he was talking about, had some computer knowledge
and stopped
trying to lie to everyone by not stating all of the facts - he would find
there is no real story.

There is only one way in to the router and that is via o2, so unless you are
within the o2
building or misuse o2 computers, you don't stand a chance. Even on remote
access there
are only certain functions o2 can perform. They can see connection stats
and change
wireless channels, but can't do anything to the SSID, password or access
controls. I have
watched it done. The interesting thing is that they can see the SSID of
other local WiFi
users and channels in use, it's a shame that doesn't show in a screen on the
router!

I would say forget the very misleading story - he is after publicity.


  #7  
Old August 29th 09, 08:51 PM posted to uk.telecom.broadband
Bob Eager
external usenet poster
 
Posts: 2,472
Default O2 don't seem to care about security! RUBBISH

On Sat, 29 Aug 2009 18:44:53 UTC, "Clive" wrote:


"Bob Eager" wrote in message
...
O2 broadband users might like to read this (especially if you have a
Wireless Box II or a Wireless Box III):

http://www.jibble.org/o2-broadband-fail/


He is going on about the preset router SSID and the WPA key provided. The
key can
easily be generated using a program which is widely available. If you
noticed someone
local using the SSID "O2 Broadband 7e52h" for example, you could enter
that and get
the key and then connect. You can do it with BT HomeHub too.
The other thing he is confused about is the access logging in with
"SuperUser" and the
already known password of o2broadband which uses letters and numbers!
There is no way you can connect in to the wireless box from just having an
IP numbers and
trying remotely. The only way in is wireless, but most sensible users will
change their
SSID and WPA2 key immediately and also the password access for
Administrator.

If the person knew what he was talking about, had some computer knowledge
and stopped
trying to lie to everyone by not stating all of the facts - he would find
there is no real story.


You must be psychic if you believe that is the whole story.
--
[ 7'ism - a condition by which the sufferer experiences an inability
to give concise answers, express reasoned argument or opinion.
Usually accompanied by silly noises and gestures - incurable, early
euthanasia recommended. ]
  #8  
Old August 29th 09, 08:51 PM posted to uk.telecom.broadband
Clive
external usenet poster
 
Posts: 42
Default O2 SPAM


"Bob Eager" wrote in message
...
O2 broadband users might like to read this (especially if you have a
Wireless Box II or a Wireless Box III):

http://www.rubbish.org/o2-broadband-fail/



The site is littered with links through doubleClick, so by posting to a
newsgroup
and putting total rubbish, he is making a lot of money when people go near
his
site.

Add doubleclick to your hosts list and stop the parasites making money!


  #9  
Old August 29th 09, 09:00 PM posted to uk.telecom.broadband
Maurice Batey
external usenet poster
 
Posts: 78
Default O2 don't seem to care about security!

On Sat, 29 Aug 2009 08:20:12 +0000, Richard Tobin wrote:

Does the problem apply to all TG585n routers?


My Plusnet router is a "Thomson TG585 V7".

Is that vulnerable?

--
/\/\aurice
(Replace "nomail.afraid" by "bcs" to reply by email)

  #10  
Old August 29th 09, 10:40 PM posted to uk.telecom.broadband
[email protected]
external usenet poster
 
Posts: 7
Default O2 don't seem to care about security!

On 29 Aug 2009 07:13:52 GMT, "Bob Eager" wrote:

O2 broadband users might like to read this (especially if you have a
Wireless Box II or a Wireless Box III):

http://www.jibble.org/o2-broadband-fail/



oh dear. Someone's found the backdoor which allows O2 support to
remotely manage the box. That's not to say anybody can access it
remotely, just that there is a secure route to allow O2 to gain
access. it's a a little knowledge and a healthy dose of paranboia
methinks

I like the line "apparently, O2 is able to remotely apply firmware
updates to all of their Wireless Boxes". It doesn't take an Einstein
to figure out how they do that
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
golden care [email protected] uk.telecom.broadband (UK broadband) 0 November 10th 07 07:24 PM
golden care [email protected] uk.telecom.broadband (UK broadband) 0 November 9th 07 01:28 AM
moving to Sky, NTL don't care Peter Lynch uk.telecom.broadband (UK broadband) 10 September 21st 06 03:21 PM
Does anyone actually care? Graham in Melton uk.telecom.broadband (UK broadband) 103 December 5th 04 04:24 AM
Bulldog - anyone care to comment? Peter uk.telecom.broadband (UK broadband) 3 June 12th 04 11:43 AM


All times are GMT +1. The time now is 06:09 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2019 BroadbanterBanter.
The comments are property of their posters.