dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1
share rss forum feed


telcodad
Premium
join:2011-09-16
Lincroft, NJ
kudos:15
reply to telcodad

Re: [Bill] Comcast billing issue on the Consumerist site

OK, some more details on this case from the source article:

Bamboozled: Seeing red over blue-movie fees
The Star-Ledger of NJ, NJ.com - April 2, 2012
»www.nj.com/business/index.ssf/20···169.html

An excerpt (which seems to dismiss a lot of my possible explanations):

"Before taking on Hart's case, we had a host of questions about who has access to her home.

"I am the housekeeper, accountant and chef," she said. "I have no one that comes in."

She has no kids. No family members who come and go. She's not having construction at the home, so workers aren't in and out. Her boyfriend of nine years does have access, but he works a full-time job — including times when movies were ordered.

Upon our request, Hart gave us copies of telephone records and datebooks so we could compare Hart’s and her boyfriend’s locations during the times of the porn charges.

It seems there were plenty of times that Hart has evidence that no one was home, or that her boyfriend was working, when movies were ordered.

For example, there were unauthorized charges on Jan. 21 from 12:30 to 9:30 p.m. Cell phone records, datebook records and receipts show that on Jan. 21, Hart was at a 1:45 doctor’s appointment and her boyfriend was at his job, 45 minutes away, from 9 a.m. until 8:14 p.m.

We looked at many other dates, too.

If the skeptics among you think it has to be the boyfriend, consider this: If he’s been with Hart for nine years, why suddenly order porn for the first time? And even if it was him, after Hart discovered the January charges, why continue to order month after month?

Also, it’s customary for service providers to give customers a credit the first time an unexpected or possibly unauthorized charge appears on a bill. But if Comcast’s investigation determined the orders originated in the house, why credit Hart a second time?

We looked online for similar complaints and found many. Customers said they even unhooked their boxes for an entire month, but the porn charges continued to appear.

We took these questions to Comcast, and while it investigated, we talked to a few experts to see if it was technically possible for someone to hack into another customer’s digital system.

For starters, a simple Google search finds all kinds of ways to allegedly hack into cable boxes, but we’re not techies at heart. We asked the experts.

David Maloney, a security researcher at Rapid7, a security assessment company, said it’s hard to give a definitive answer without knowing the specs of Comcast’s system in that area.

Still, while Comcast said it identified which set-top box placed the orders, Maloney said that’s not a foolproof system.

"STBs are usually identified simply by the MAC (Media Access Control) address, which is easily spoofed," Maloney said.

He said spoofing a MAC address hides the actual hardware address, making it look like orders are coming from a different device.

Additionally, he said, many models of set-top boxes can be modified with new operating systems, giving attackers access.

He said companies often make the mistake of believing their STBs are known quantities and they fail to account for the possibility of them being modified.

"This can result in basic safeguards being neglected due to the mistaken assumption that an attacker could never get on that network," he said.

Maloney also said if a malicious user was able to spoof a request from an STB so it appeared that a request was coming from another STB, it would theoretically be possible to purchase programming and charge it to someone else.

Tech analyst Jeff Kagan also said a hack is possible. He said he’s heard these complaints for years, and not just about Comcast, but about all cable providers.

"It may be just like hackers on your computer. They can hack into networks at various points and they can take service," Kagan said. "(Cable companies) don’t talk about it because they don’t want everyone to know there is a problem.""

yhp

join:2006-12-27
Philadelphia, PA

Bamboozled: Seeing red over blue-movie fees
The Star-Ledger of NJ, NJ.com - April 2, 2012

Ah, so she has finally blocked all Comcast PPV. Good for her.

Next stop, netflix!