newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
| reply to TraumaJunkie
Re: So you wanna' know why I don't want to install Comcast's CD?
said by TraumaJunkie  :Move on...the instructions are out there how to patch from the SOFTWARE VENDOR.
So it's OK for Comcast to insist that potential subscribers install faulty software, and then fail to patch it, huh? It's Comcast's responsibility to patch their software and notify their distributed base of users as to the availability of a patch.
said by TraumaJunkie :Either do it or be quiet. Sheesh.
I think you're the one who needs to see the forest for the trees.
--
Ö¿Ö
The Rules of Spam | Maryland's Newest Anti-Spam Law
Where are we going? And what's with the hand basket? |
|
TraumaJunkie
Premium
join:2004-03-05
Knoxville, TN
| reply to newview
said by newview :It's been almost two weeks. Absolutely no movement from Comcast to patch this. Move on...the instructions are out there how to patch from the SOFTWARE VENDOR. Either do it or be quiet. Sheesh.
--
I'm not really sure what I am doing, but I'm doing it anyway! |
|
newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD | reply to newview
It's been almost two weeks.
Absolutely no movement from Comcast to patch this. |
|
theelviscerator
join:2000-11-16
Elkhart, IN | reply to newview
If you must intall the sw, set a restore point, then go back once modem is up. |
|
pstation
Premium
join:2003-06-23
Indianapolis, IN
| reply to Obliteration
The self activation thing has been worthless for me in past experiences, but i've been able to activate using »https://actsvr.comcastonline.com/Comcast···home.cmd without installing any additional software. Note that you would need to be behind the walled garden for that page to display correctly. |
|
Obliteration
Premium
join:2005-09-18
Somewhere
| reply to perspective
said by perspective :
I wonder which software poses a bigger risk?
An ISP's install disk or your average p2p software everyone seems to be running these days.
And if you download some software from someone you don't know, how safe is that executable file?
Pretty safe assuming you know the rough file size and aren't one of the morons who downloads a 2KB .exe file. After that you can scan it. It is actually quite safe. |
|
newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
| reply to newview
From Jason1, moderator at the Comcast Security Forum:
quote:
We are taking this issue seriously and are working closely with the SupportSoft team to develop and release a patch to resolve this issue. Once the patch is completed, it will be pushed out to all customers who have the Desktop Doctor installed.
As a side note, the vulnerability mentioned here will only affect someone if you visit a malicious site that exploits the vulnerability, particularly phishing sites. So we would like to encourage all Comcast customers (whether you have the SupportSoft tools installed or not) to make sure you are using an up-to-date browser like IE 7 which includes an anti-phishing solution that can help to significantly reduce the chances of being exploited.
We'll post more details as we get them.
»forums.comcast.net/comcastsuppor···id=55337
--
Ö¿Ö
The Rules of Spam | Maryland's Newest Anti-Spam Law
Where are we going? And what's with the hand basket? |
|
studioboy
join:2006-01-31
Mchenry, IL | reply to newview
I wouldn't let that Comcast cd touch my computer. |
|
impulse101
join:2007-01-30
Beachwood, NJ | reply to CableTool
When they come to install just have your PC hidden in a different room and say your new PC isnt here yet. Problem solved. |
|
CableTool
Poorly Representing MYSELF.
Premium
join:2004-11-12
| reply to newview
said by newview : The truth is that Comcast doesn't want to be bothered with manually provisioning new subscribers, Our local Tac, and most areas, are taxed as it is. When techs do not use the disk they get an earful from TAC because it takes a phone call and hold time and all sorts of trickle down shit. If a tech isnt using the disk he needs to explain why and some areas require a sup approval before TAC will provision.
To be honest, most techs do not even use the disk. They will download the wizard from the walled garden.
Having the tech come to your house to make a phone call doenst make much sense. You are involving two parties in your modem installation. Anything else like pre-provisioning is a security issue.
If you want to avoid the disk and are doing a self install just say you got HSI for XBOX live or some crap or download the wizard and do it yourself without the disk.
--
CableFAQ.org/Technicians Unplugged
|
|
gar187er
Premium Alcoholic
join:2006-06-24
Dover, DE
| reply to gallowsroad
quote:
I have that file ( tgctlsi.dll ) in two different places on my system.
Is it safe to delete it? I long ago uninstalled the Comcast software, but these remain.
you shouldnt have any problems once they are gone...i mean they arent needed to run your interent connection....read the article..theres a lnk to more info about this... |
|
gar187er
Premium Alcoholic
join:2006-06-24
Dover, DE
| reply to gallowsroad
quote:
Or . . . Comcast can just bite the bullet and admit that the software is unnecessary, intrusive, resource intensive and NOW a security risk, and just come up with a more reasonable provisioning process.
it is necessary....you know how many extra reps would be needed in order to provision everyones EMTA....hundreds just the extra surge of calls...
intrusive? its not a data miner!!!
resource intensive? ummmm no....no extra processes are being run on your computer once self provisioning is done...
bad choice of words there....is it a pain...yes...but hell it is necessary when it comes to how the business is run...they just cant handle having to self provision everyone... |
|
gallowsroad
join:2004-08-09
Tulsa, OK
| reply to gar187er
said by gar187er : quote:
SupportSoft has published its own advisory on the issue. The company offers a step-by-step guide to fix the problem, beginning with searching a PC's hard drive for the vulnerable file (tgctlsi.dll) and applying a fix.
I have that file ( tgctlsi.dll ) in two different places on my system.
Is it safe to delete it? I long ago uninstalled the Comcast software, but these remain.
--
Ha ha haaaaaaa....ever get the feeling you've been cheated?
- John Lydon, last Sex Pistols show |
|
newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
| reply to gar187er
Most Comcast subscribers are being told they HAVE to use the Install CD . . . we KNOW this isn't true. The truth is that Comcast doesn't want to be bothered with manually provisioning new subscribers, so they "AOL"-ized provisioning and support software from SupportSoft on CD. To keep the marketing droids happy, the software also rebrands Internet Explorer & Outlook Express with the Comcast logo, to remind their new subscribers how "Comcastic" everything is.
Right now, all we can do is LIE when we call up and have our new accounts provisioned by telling the reps that we have Linux or a Mac, or we can do the uninstall / "Restore" dance to eliminate the software that we didn't want in the first place.
Or . . . Comcast can just bite the bullet and admit that the software is unnecessary, intrusive, resource intensive and NOW a security risk, and just come up with a more reasonable provisioning process.
--
Ö¿Ö
The Rules of Spam | Maryland's Newest Anti-Spam Law
Where are we going? And what's with the hand basket? |
|
gar187er
Premium Alcoholic
join:2006-06-24
Dover, DE
| reply to newview
comcast didnt make the software....they are using another company's software....
christ its not like a big red flag is flying in front of everyones house saying, "heres my IP address, and heres the open port number!!!!"
this is a lot smaller threat then that of p2p that was mentioned earlier.... |
|
zja
join:2007-01-25
| reply to gar187er
said by gar187er :reason to disable remote access in windows.... love how you left out also symantec also has the same flaw!!! read the whole article.....the fix is out there...its up to users to apply it.... quote:
SupportSoft has published its own advisory on the issue. The company offers a step-by-step guide to fix the problem, beginning with searching a PC's hard drive for the vulnerable file (tgctlsi.dll) and applying a fix.
It's up to users to find out the program is vulnerable and patch it when Comcast are the ones who want to install it on your computer? That doesn't seem to make sense. |
|
rody_44
Premium
join:2004-02-20
Quakertown, PA | reply to newview
like i always said, just run it and exit out of it as soon as the modem is provisioned. nothing gets installed. |
|
sedorox
join:2006-06-23
Williamsport, PA
clubs:
| reply to newview
This is why when I had Comcast installed at the beginning of the school year, I had the installer run it in a VMWare Machine (XP SP2.. etc..). Was funny, as he took the details of the system.. he opened up the network card, and was like 'I'm not writing all that' and just wrote VMWare on it. This worked perfectly fine as the modem was directly to the ethernet, and I had the interfaces bridged. To this day I still have yet to fire up that VM... I keep it around just in case they need me to 'troubleshoot'.
I will also do the same thing for anyone who asks me to help with their comcast install. It sucks that you HAVE to pretty much run the software (without getting the run-a-round), so I just do this to keep it separated from the main system. I've actually done this for some time, even with Verizon's software, when I'm gonna be adding a router in the mix. |
|
perspective
@comcast.net | reply to newview
I wonder which software poses a bigger risk?
An ISP's install disk or your average p2p software everyone seems to be running these days.
And if you download some software from someone you don't know, how safe is that executable file? |
|
cb4492
join:2002-10-09
Westminster, MD | reply to Johkal
Oops, I missed the small print. At least now it's in BIG letters to see better  |
|
