tschmidt
Premium,MVM
join:2000-11-12
Milford, NH
 ·Hollis Hosting
 ·Verizon Online DSL
·Fairpoint Communic..
| reply to RayW
Re: Wiggle
said by RayW  : AT&T telling the US gov that the "Blue Box" was impossible? Interesting quote.
AT&T know when they decided on using in-band signalling rather then out-of-band for long distance it was vulnerable to hacking. They chose it because it was cheaper. Remember back in those days telephone computing was done with relays.
/Tom |
|
en102
Canadian, eh?
join:2001-01-26
Valencia, CA
 ·RoadRunner Cable
·DSL EXTREME
| reply to RayW
Just because investigating these holes are against TOS, doesn't mean they don't exist. Some are big enough to drive a truck through, and if companies aren't aware, less 'benign' hacking in the form of awareness can cause issues with much more impact. |
|
RayW
Premium
join:2001-09-01
Layton, UT
clubs:
·XMission
| reply to en102
said by en102 :Does anyone remember back in the Windows NT4 days when a hacker exposed the TCP buffer issues in Windows which caused a BSOD, and spawned the nice app known as 'WinNuke'? Microsoft dismissed this originally. Or even earlier, AT&T telling the US gov that the "Blue Box" was impossible?
We can come up with all sorts of 'head in the sand' stories down through history, all in the name of money, power, or loss of face.
--
I am not lost, I find myself every time. |
|
en102
Canadian, eh?
join:2001-01-26
Valencia, CA | reply to RayW
Does anyone remember back in the Windows NT4 days when a hacker exposed the TCP buffer issues in Windows which caused a BSOD, and spawned the nice app known as 'WinNuke'? Microsoft dismissed this originally. |
|
RayW
Premium
join:2001-09-01
Layton, UT
clubs:
·XMission
| reply to bigunk
But the question is, is it just his password, or do they use it on ALL the routers as a backdoor? AUP specifies you keep your passwords safe, I do not know how that applies if it is a global password that Bubba down the street can use against all users of BeThere or if British law even allows a differentiation between the two concepts.
--
I am not lost, I find myself every time. |
|
bigunk
Gort, Klattu Birada Nikto
join:2001-02-10
Santa Clarita, CA
·AT&T Yahoo
| reply to RayW
said by RayW :"According to our investigation, the modem vulnerability did not exist prior to his accessing without permission and then publishing certain confidential passwords which were not otherwise available to Be* members," says BeThere Managing Director Dana Pressman. The vulnerability did not exist prior to....? Makes no sense. Pardon me if you think I am parsing words, but saying something didn't exist prior to it being accessed is a real head-in-the-sand approach to all this. In a warped kind way, he might have done them a favor. For all we know, he might have found the problem and told them but was dismissed by the almighty ISP techs. So he went public with the info to show there was indeed something that needed attention.
We have seen multiple instances of this behavior. If you will recall, there was that guy, Mike Lynn I think, who did that to Cisco. Cisco screamed bloody murder and subverted the legal process to get what they wanted.
What I am getting at is there are people with both good and bad intentions out there, and both should be listened to.
--
There is not a man in the country that can't make a living for himself and family. But he can't make a living for them AND his government, the way his government is living. What the government has got to do is live as cheap as the people.
- Will Rogers |
|
RayW
Premium
join:2001-09-01
Layton, UT
clubs:
·XMission
| "According to our investigation, the modem vulnerability did not exist prior to his accessing without permission and then publishing certain confidential passwords which were not otherwise available to Be* members," says BeThere Managing Director Dana Pressman.
I wonder if the password is the same on all units? If so, then I suspect that there is grounds for a lawsuit since anyone with that router can gain that information. If it is unique to each Router, then he does not have a leg to stand on. Granted backdoors are bad, but if it is a unique password then it falls under the AUP
--
I am not lost, I find myself every time. |
|
