32 Years of the Digest ... founded August 21, 1981

The Telecom Digest
Copyright © 2014 E. William Horne. All Rights Reserved.


The Telecom Digest for August 10, 2014
Volume 33 : Issue 133 : "text" format

Messages in this Issue:
Re: Verizon defends wireless data download slowdowns(Dave Garland)
Re: Security expert calls home routers a clear and present danger(Fred Goldstein)
Re: Security expert calls home routers a clear and present danger(Doug McIntyre)

We must fight spam for the same reason we fight crime: not because we are naive enough to believe that we will ever stamp it out,
but because we do not want the kind of world that results when no one stands against crime.  - Geoffrey Welsh


See the bottom of this issue for subscription and archive details.


Date: Fri, 08 Aug 2014 23:27:10 -0500 From: Dave Garland <dave.garland@wizinfo.com> To: telecomdigestsubmisssions@remove-this.telecom-digest.org. Subject: Re: Verizon defends wireless data download slowdowns Message-ID: <ls4819$quj$1@dont-email.me> On 8/6/2014 8:08 PM, Barry Margolin wrote: > In article <lrts0k$nr8$1@remove-this.dont-email.me>, > Dave Garland <dave.garland@remove-this.wizinfo.com> wrote: > >> On 8/6/2014 10:17 AM, Barry Margolin wrote: >>> In article <b1fbc15d-a57b-44d8-a813-8f5ac27c8239@remove-this.googlegroups.com>, >>> hancock4@remove-this.remove-this.bbs.cpcn.com wrote: >>> >>>> IMHO, it seems pretty sleazy to offer an "unlimited" service plan and then >>>> fail to provide it. >>> >>> What's unlimited is the volume, not the throughput. Even if they didn't >>> throttle that artificially, it would still be inherently limited by the >>> capacity of the network. >>> >> >> If you limit the throughput, ultimately you are limiting the volume. > > Technically, you're right. There's some huge amount of data that if you > tried to download it at the limited rate, it might take so long that > it's useless by the time you're done. But in realistic terms that's > highly unlikely. They're not throttling by an order of magnitude, are > they? It's probably at worst 50%, so you'll still be able to get all you > need, you'll just have to be more patient. Maybe. But if I'm using the cellphone data collection to download a few Linux ISOs. I'd bet that I'd hit it. > > It would only be eggregious, IMHO, if they throttled so much that video > didn't play properly. > >> It's not that they don't provide infinite speed and volume, it's that >> they intentionally limit them. IMHO "unlimited" is false advertising, >> unless they add "unless you're in the top 5%" in type at least as big >> and prominent as the word "unlimited". > > It's unlimited in the same sense that a salad bar is bottomless, or a > buffet is all-you-can-eat. If you're not full when closing time comes, > they're going to kick you out. Good luck trying to sue them for false > advertising because of that. So when does the cell phone network close? Do they advertise that, or at least have a sign on the door as you go in? > Anyway, there's probably some clause in the actual contract that > qualifies "unlimited" in such a way that this is legal. > That may be. But I want to see the same clause in their advertising, at least as prominent as the claim of "unlimited". If it's limited, they shouldn't be able to deceive people by claiming otherwise.
Date: Fri, 08 Aug 2014 21:52:11 -0400 From: Fred Goldstein <fg_es@ionaryQRM.com.telecom-digest.org> To: telecomdigestsubmisssions@remove-this.telecom-digest.org. Subject: Re: Security expert calls home routers a clear and present danger Message-ID: <ls3us6$ea2$1@dont-email.me> On 8/8/2014 10:52 AM, Barry Margolin wrote: > In article <p06240830d008af91ca4d@[172.16.42.2]>, > Telecom Digest Moderator wrote: > >> I'm surprised that Mr. Geer didn't mention that most of the risk may >> be ameliorated simply by turning off Internet access to the router's >> control panel. > > I think most of the routers I've used have it disabled by default. And > when you enable it, it doesn't use the same default username/password as > is available from the LAN. > But that's not the exploit. The problem is that the consumer routers may have bugs that allow attacking from outside (e.g., via strangely-formed packets that overflow a buffer), and their software is usually not patched once the model is no longer current. I use MikroTik routers now. They're not expensive, and they are incredibly powerful for small machines. And they keep updating the software, which runs across a wide range of current and older models. However, they're also not designed for consumer installation; they're not well documented, and all that power assumes serious expertise. Even with the decent GUIs they now have. They're mostly installed by ISPs; someone there usually becomes expert at MikroTik's software, RouterOS, and comes up with a configuration. We use also RouterOS as a serious firewall, the kind with lots of custom rules, not the simple home kind.
Date: Fri, 08 Aug 2014 20:55:42 -0500 From: Doug McIntyre <merlyn@dork.geeks.org> To: telecomdigestsubmisssions@remove-this.telecom-digest.org. Subject: Re: Security expert calls home routers a clear and present danger Message-ID: <dISdnTXUa6oD4njOnZ2dnUU7-IOdnZ2d@giganews.com> >***** Moderator's Note ***** > I'm surprised that Mr. Geer didn't mention that most of the risk may > be ameliorated simply by turning off Internet access to the router's > control panel. That may not be enough, experienced ample enough times, with "hidden" back doors (until the hacker discovers them) with no user control over who can access what, and/or hard coded admin username/passwords with no user control or view that they exist. This is addition to test-ports that are baked into ADSL routers, like the telco spec TR-067 where the ISP can remotely trigger firmware updates, testing, etc. -- Doug McIntyre doug@themcintyres.us

TELECOM Digest is an electronic journal devoted mostly to telecom- munications topics. It is circulated anywhere there is email, in addition to Usenet, where it appears as the moderated newsgroup 'comp.dcom.telecom'.

TELECOM Digest is a not-for-profit educational service offered to the Internet by Bill Horne.

The Telecom Digest is moderated by Bill Horne.
Contact information: Bill Horne
Telecom Digest
43 Deerfield Road
Sharon MA 02067-2301
339-364-8487
bill at horne dot net
Subscribe: telecom-request@telecom-digest.org?body=subscribe telecom
Unsubscribe: telecom-request@telecom-digest.org?body=unsubscribe telecom

This Digest is the oldest continuing e-journal about telecommunications on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. We believe we are the oldest e-zine/mailing list on the internet in any category!


Finally, the Digest is funded by gifts from generous readers such as yourself. THANK YOU!

All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization.


End of The Telecom Digest (3 messages)

Return to Telecom Digest Home page ** Older Issues