dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
21
hudiat
join:2011-10-13

hudiat to Big Jimmy

Member

to Big Jimmy

Re: My Beef with WOW Ultra TV internet

You misunderstand my magazine point. The point is the wow advertising of how good they are, is so overpowering, that they even quote bad sources.

The ego over there is so big they brag about that, and are blinded to issues. There is someone else on these forums also having regular issues in my area. When I brought that up they told me he is crying wolf, they checked and checked and found no issues. And now they think the same of me. 2 people in the same city, same issues, and they are just dismissing us as compulsive complainers. There is obviously a localized issue.

I have said before phone support has generally been good for me. It is specific to the Cleveland area that is horrible. Even more so the berea office, the one useful tech I had was based out of independence, I don't think it is coincidence.

So it's great you have good service, can anyone in the general berea area say they have had exceptional service? I'm not talking fixing your issue, but the tech doing something amazing to stand out. Like they advertise.

People I know in the Columbus area say they always have great service, but in the Cleveland area, specific to the berea office, me, and people I know don't experience that same quality.

There have been a few comments in /r/Cleveland over the past few months of people saying they were disappointed in WOW!, meanwhile in the discussion of the knology buy, most people said great things. Not just this forum, another discussion place, and people I know, the general feeling is the Cleveland market is less satisfied than everywhere else.

RootWyrm
join:2011-05-09

1 edit

RootWyrm

Member

said by hudiat:

You misunderstand my magazine point. The point is the wow advertising of how good they are, is so overpowering, that they even quote bad sources.

The ego over there is so big they brag about that, and are blinded to issues. There is someone else on these forums also having regular issues in my area. When I brought that up they told me he is crying wolf, they checked and checked and found no issues. And now they think the same of me. 2 people in the same city, same issues, and they are just dismissing us as compulsive complainers. There is obviously a localized issue.

Yeah. What's extra hilarious?

I can tell them exactly what is wrong in their configuration, and I have gone to great lengths to ensure I am NOT crying wolf. I happen to know a thing or twenty about DOCSIS, as I used to work for an MSO that was 20 times larger than WOW. I've gone so far as to contact the only person there with half a clue and asking him to check RF flap on my port at the CMTS.
Result: no flap. Determination: defective modem firmware shipped by WOW causing lockups on DPC2100r2. Cisco response: known defect, provider needs to upgrade firmware. WOW response: one count of "we don't have a support contract with Cisco," one count of "upgraded firmware failed in testing."
They refuse to respond to my questions about why ICMP is being blocked and why they have yet to implement basic security functionality, otherwise known as BPI+. A friend who is in engineering at a much larger MSO is in disbelief that anyone would even consider the things WOW claims are "normal."

And I will be speaking with them about their slanderous accusations and statements about me. When Mister Lawrence D Walden (LW463-ARIN) has staff that knows how to remove the Arris specific strings from the DPC2100 configuration file and how to NOT send 10net traffic out the L3 and XO interfaces, they can attempt to talk down to me.

The WORST part is that they're saddling their installers, who are [u]generally some of the best I've ever seen[/u] - a point I cannot emphasize enough - with operations and management that would be embarrassing for a tiny regional ISP. I mean seriously. You give me three guys who understand the difference between RG11 and RG6 from the junction and can explain signal loss competently, yet you can't find a single network engineer that knows how pointless and counterproductive blocking ICMP is?

EDIT:
By the way, if you're having network problems and support is being unhelpful?
Try this number. No guarantee on validity, since WOW apparently can't even be bothered to maintain their required POC information with ARIN.
hudiat
join:2011-10-13

hudiat

Member

Not to mention anyone on wow can acces their whole neighboorhoods modems. Including the router portion of combo units. Good security!

RootWyrm
join:2011-05-09

RootWyrm

Member

said by hudiat:

Not to mention anyone on wow can acces their whole neighboorhoods modems. Including the router portion of combo units. Good security!

Yes. WOW was notified privately, due to the severe risk associated with this, in December of 2011. They not only declined to address it, they denied that this was a security issue in a network with BPI+ actively disabled. I found it during troubleshooting. It's much, much worse than just that.

They were also notified in no uncertain terms that full access to a customer's modem could be obtained by attackers using known exploits and methods which are in the wild, as well as the fact that the Cisco DPC2100's were running a firmware version with a known security problem - specifically, CVE-2010-2025 and CVE-2010-2026. Contrary to WOW's claims, customer DPC2100's remain vulnerable. Go ahead. Test it.

I identified and privately informed them of no less than five major security or safety issues associated with their network and configurations, all of which have the potential to expose customer data and information. A NOC primate by the name of Mike who doesn't even know what a "DSL Access Module" is yet lists being an 'expert' with "D slam" on his resume basically replied that MITRE and Cisco and six CCIEs all had no clue.

To this day, a rogue modem can STILL take out or take over an entire region accidentally, to say nothing of intentionally. And no, you do not want to know just how dangerously vulnerable the UltraTV boxes are. Arris refuses to participate in the normal security community - including reporting to CERT or MITRE CVE - after being embarrassed by a vulnerability that let attackers take out the C3 at will, so there are vulnerabilities in the wild that you don't know about but attackers do. (Which frankly, is true of most anything.) ProTip: HMAC-MD5 does NOT protect sufficiently against orange Motos and bored kids with Google.

Suffice to say, anybody with actual malicious intent would have NO trouble taking over WOW's equipment and networks, and WOW would have absolutely no idea it was going on. Any customer on the network can access infrastructure gear in a number of extremely dangerous ways, because it's configured with insecure and unsafe defaults.

Yeah. I'm really crying wolf and complaining about dangerous security problems that they refuse to acknowledge despite having exact attack profiles explained is "chronic complaining."
richkut
join:2012-02-10
Cleveland, OH

richkut to hudiat

Member

to hudiat
I, too, am in the Greater Cleveland area (east side, serviced by the Valley View Office). I am sorry to hear that you are having such problems, but have you even tried to talk to local management about this? They always have been very receptive to me, so if the Techs are not living up to your expectations why don't you work your way up the chain of command? If this fails, perhaps you might consider the alternative carriers in town (AT&T, other cable providers, satellite providers or just over-the-air + web channels). Good luck, and please let us know if this works for you.
baess
join:2011-01-28

baess to RootWyrm

Member

to RootWyrm
said by RootWyrm:

Yes. WOW was notified privately, due to the severe risk associated with this, in December of 2011. They not only declined to address it, they denied that this was a security issue in a network with BPI+ actively disabled. I found it during troubleshooting. It's much, much worse than just that.

They were also notified in no uncertain terms that full access to a customer's modem could be obtained by attackers using known exploits and methods which are in the wild, as well as the fact that the Cisco DPC2100's were running a firmware version with a known security problem - specifically, CVE-2010-2025 and CVE-2010-2026. Contrary to WOW's claims, customer DPC2100's remain vulnerable. Go ahead. Test it.

Hackers are usually aware of such things. And if not, if they read this they certainly will be now. Maybe you could have been a little more discrete.

RootWyrm
join:2011-05-09

RootWyrm

Member

said by baess:

Hackers are usually aware of such things. And if not, if they read this they certainly will be now. Maybe you could have been a little more discrete.

You might want to check the dates on things. It was reported to Cisco in January 2010, and Cisco delivered a fix in May of 2010, at which point it was publicly disclosed because a fix was available from the vendor and had been delivered.

The firmware delivered by WOW to the DPC2100r2's is from March 2006. It's so old, it still says Scientific Atlanta. Customers cannot update the firmware, as WOW overwrites with v2.0.2r1256-060303. WOW has been aware of this since before December 2011, and variously claims that they "do not have access" to fixed firmware and that the fixed firmware "failed validation."