dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
8248
share rss forum feed


chosebine

@videotron.ca
reply to InvalidError

Re: [Eng] Router was WEP cracked. $600 in overages. What can we

Bien videotron donne les moyens nécessaires pour vérifier sa consommation au jour le jour. tu peux décider de faire attention ou de t'en sacrer et attendre la prochaine facture. Il y a des notifications par sms d'atteinte de limite, tant qu'a moi c'est suffisant. Il y a quand même une part de responsabilité personnelle la dedans.


Fardoche

join:2010-09-08
kudos:1

Si ton voisin se branche sur sa prise exterieur pour construire sa maison pendant que t'es en vacances et que tu recois un bill $300 plus cher, est-ce que tu vas aller te plaindre a hydro quebec en disant que tu veux pas payer parce que c'est pas de ta faute?



dragonfly

@74.198.164.x

En cas de vol de l'electricite, on n'est pas culpable selon Hydro Quebec, mais merci pour votre contribution au fil


pldube

join:2011-06-11
canada
Reviews:
·Bell Fibe
·TekSavvy Cable
·Videotron
reply to HackedWEP

Sérieux, le WAP2 est aussi facile que le WEP à cracké

WEP = 10 secondes
WEP2 = 5-6 heures si la fonction WPS est activé et que le firmware n'est pas up to date (tout les routeurs en location de Vidéotron on le WPS activé)

edit: sa donne rien de cracké un wifi quand j'ai teksavvy illimité et plus rapide que mes voisins


GRT

join:2007-10-14
canada
reply to ohmer

I fully sympathize with what you are going through and how you feel, however, you don't have much of a case here here's why:

* The user is solely responsible for securing his/her system and any use of the provided services. You have to prove that you took necessary measures to secure your connection, in this case there is clear negligence as the security was downgraded. Even if you argue the reasons, it was your responsibility to frequently check the router's status to detect any intrusion or illegal use of your connection and put a stop to it.

* When you singed up you agreed to the terms of service. The rates ARE indeed excessive and people have been fighting ISPs for so long regarding said policies, but nothing ever stopped them. You were aware of the overage rates and agreed to them and you were aware of your responsibility regarding the use of your connection.

So it all comes down to good faith now from the ISP. One major factor against you is the downgrading your router's security. Not knowing how to properly secure or set up a router or claiming convenience / speed will not hold argument in a court.

There are many ways you COULD have prevented this, so many, including properly securing your router, checking your bandwidth for unusual activity, checking your router's network page to detect any illegal connections and use, etc....... All this arguments will be used by defendants and against you.

When I'm not at home or not using my computer for an extended period I TURN OFF Wi-Fi mode in my router, shut down the function with one click, frequently check the status page and bandwidth for any unusual traffic, select a strong password, which means avoid using words, use letters / numbers, strong password and your router's strongest security settings offered, and I set my router's broadcasting to INVISIBLE, so in short, I am making it very hard to be hacked or detected. The law does NOT cover "I didn't know that".
In fact there is a saying that goes "Law does not protect ignorance" in other words you cannot use the argument that you did not know about it, it won't hold.

Sorry but I think it all comes down to good faith now from Videotron, you don't have much of a case at all considering the tweaking of your router's security which is a big argument against you.


GuiGQc

join:2012-02-22
Gatineau, QC

J'pense qu'on peut tous s'entendre sur le fait que ce n'est pas de la faute de vidéotron, mais bien du client.

Mais ça ne change en rien au fait qu'il peut s'essayer.


Dampier
Phillip M Dampier

join:2003-03-23
Rochester, NY

Videotron's overlimit fees are ludicrously excessive, so I am not buying the reasoning that the customer should be on the hook for illegitimate usage.

The average customer has no idea what web security standards are the most robust and which are insecure, so holding a customer to account for that is not going to go far with me either.

This is why Internet Overcharging schemes are so unconscionable.

Start with a BBB complaint, which should get you hooked into Videotron's executive customer service department. I'd also talk to the local media, who love outrageous overbilling.

BBB: »www.bbb.org/ottawa/business-revi···qc-17699

--
Phillip M. Dampier
Editor, Stop the Cap!
»stopthecap.com



swintec
Premium,VIP
join:2003-12-19
Alfred, ME
kudos:5
Reviews:
·Time Warner Cable
·VoicePulse
·Sprint Mobile Br..
·RapidVPS

said by Dampier:

The average customer has no idea what web security standards are the most robust and which are insecure

They certainly will be as this becomes more common.

Also, how does the OP know a bunch of torrenting was done, after the fact?
--
Usenet Block Accounts | Unlimited Accounts

dragonfly

join:2012-09-04
reply to HackedWEP

Hey everybody, I'm the OP. I wanted to respond to a few things.

First, it's no question that Videotron provides tools to monitor usage online. We were aware of this, but since we subscribed to TGV60 in March of 2011, all of us had been keeping track of our usage fairly well, and there were few if any overages until now. Quite simply we were already being responsible in our usage and there was no need to keep an active check on things beyond our monthly bill (or so we thought).

The account is in my (ex)-roommate's name, not mine, so she's the one dealing with Videotron CS. They've been stonewalling her insisting that we pay the entire thing because "since the router was secured, it's obviously our fault". They implied that if we had lied and said our router was unencrypted, there would have been some leniency. Apparently WEP is good enough for Videotron and we are simply liars.

To talk about the usage pattern, it is abnormal in two ways. One, discrete start and stop dates where our usage jumped to a daily 4-5x of normal and stayed there. Second, for almost every day, the upload is more than the download. We assume this is due to torrenting.

Broadly, we feel that, since a bank or credit card company is quick to call and warn you about increased/abnormal usage on your account, since Videotron is evidently assigning us a $600 credit line on our bill, they should take the same precautions. We can't think of a single reason why anyone would legitimately decide a given usage (of a few gigabytes) is worth paying $600 in overages.

Everything is on the table including a small claims challenge. Again, we would argue that, since Videotron receives daily updates as to subscriber usage, they should share in some of the responsibility for damage control. A user account that exceeds normal cap usage by 4-5x should be setting off some flags somewhere.

I may be able to scan a redacted copy of the bill and usage to give you guys an idea of what happened exactly.

Thanks



swintec
Premium,VIP
join:2003-12-19
Alfred, ME
kudos:5
Reviews:
·Time Warner Cable
·VoicePulse
·Sprint Mobile Br..
·RapidVPS

said by dragonfly:

Broadly, we feel that, since a bank or credit card company is quick to call and warn you about increased/abnormal usage on your account, since Videotron is evidently assigning us a $600 credit line on our bill, they should take the same precautions. We can't think of a single reason why anyone would legitimately decide a given usage (of a few gigabytes) is worth paying $600 in overages.

A bank or cc calls you because they are protecting their interests because they stand to lose cash. If you want to stick with that reasoning, you check your bank and cc usage on a regular basis to minimize risk, you should take the same precautions here like you expect videotron to do??

I go days at a time using less than a gig a day and then one day I will slam through 80 gigs at once...Iwould be annoyed if my isp called me to check.

I'm not sure what sort of case you have with small claims...you would have to prove some sort of damages, I don't see any here. All I see is a case where a customer does not like the price of something after it has been consumed.
--
Usenet Block Accounts | Unlimited Accounts

zorxd

join:2010-02-05
Quebec, QC
Reviews:
·Acanac
reply to dragonfly

A lot of people do a lot a abnormal usage. 4-5x the daily average is very common for me. It's normal that Videotron do not call you. I think you can set email warnings when you reach, say, 50% of your monthly cap. You choose to not use it. How is it videotron's fault?
Also it's 600$. It's bad, but it is much less a problem than if your credit card was stolen. That's why credit card company NEED higher security features than Videotron.

You chose a company with bad overcharge fees with no maximum. And yes, WEP sucks. Almost as much as having no encryption.

If you could just cancel your bill, any customer downloading too much would do the same as you and pretend that their wifi router was hacked.

If I were you I'd just change to an other ISP. Some are unlimited or have much lower over limit fees.


Ahuacamolli

join:2001-11-30
Rancho Santa Fe, CA
Reviews:
·Charter
·Pacific Bell - SBC

1 edit
reply to HackedWEP

It seems to me that you are the victim of a theft. A theft most likely committed by someone who lives within 300 feet or so of your router. Given the amount of bandwidth consumed with a wireless connection to your router, that someone is probably even closer than 300 feet. Perhaps even someone you know.

Did you report the theft to your local law enforcement agency with jurisdiction? They just might have ongoing, or future investigation that could use your input/evidence. Without a lawful warrant, your provider can't/won't provide documentation they might have in the way of logs evidencing what MAC addresses were used to make connections on the internet via your router and internet service. Such a warrant would be a part of an investigation by law enforcement instigated by the filing of a report with law enforcement by you.

Some of the actions you can take to prevent such thefts in the future include:

1. Regularly changing your WEP password, and not using simple passwords
2. If your router has the ability to allow wireless connections from only approved MAC addresses, setup your router to only allow wireless connections from only those MAC addresses.
3. If you router allows you to maintain a log of connections made through your router, enable such logging, and check that log from time to time.
4. If your router provides a list of active connections, check that list whenever your internet connection seems to be slower than usual.
5. Turn off, or disconnect the power from your router when it's not in use.
6. Unless you access your router using wireless connections from outside your home, paint the walls of your home using paint that blocks wireless traffic. Think long and hard about this solution as it's difficult to remove the paint. And remember that windows and glass doors would remain unpainted.



swintec
Premium,VIP
join:2003-12-19
Alfred, ME
kudos:5
Reviews:
·Time Warner Cable
·VoicePulse
·Sprint Mobile Br..
·RapidVPS

said by Ahuacamolli:

Without a lawful warrant, your provider can't/won't provide documentation they might have in the way of logs evidencing what MAC addresses were used to make connections on the internet via your router and internet service.

1. Regularly changing your WEP password, and not using simple passwords

Why would the ISP see any other MAC address besides the device connected to his modem, which in this case was the router?

Also, do not use WEP at all, why even leave that as an option? He also admitted to having the security type changed to WEP, which, IMO is a mistake that cost him $600.
--
Usenet Block Accounts | Unlimited Accounts

Tig

join:2006-06-29
Carrying Place, ON
Reviews:
·voip.ms
·TekSavvy DSL
reply to Ahuacamolli

said by Ahuacamolli:

6. Unless you access your router using wireless connections from outside your home, paint the walls of your home using paint that blocks wireless traffic. Think long and hard about this solution as it's difficult to remove the paint. And remember that windows and glass doors would remain unpainted.

Can you please post a link to this wireless blocking paint product. I'm intrigued.

LEKO

join:2010-09-28
Montreal, QC
reply to Cesco

said by Cesco:

Just to make sure: did you slap your roomie upside the head for downgrading the router's security to WEP (unless there was valid reason for doing so)??

^
There is NO reason to use WEP. WEP is no better than leaving the WiFi unsecure.

GuiGQc

join:2012-02-22
Gatineau, QC

said by LEKO:

WEP is no better than leaving the WiFi unsecure.

Well, I think your pushing it a little. It still blocks over 95% of the population.

LEKO

join:2010-09-28
Montreal, QC

said by GuiGQc:

said by LEKO:

WEP is no better than leaving the WiFi unsecure.

Well, I think your pushing it a little. It still blocks over 95% of the population.

I'm not pushing a little...
It's the last 5% we want to block, so WEP is useless to block them.

Why do you lock your door at home? It's not the average joe, it's for the small fractions of bad guys.

GuiGQc

join:2012-02-22
Gatineau, QC

The difference is that every kid with a laptop can try to use your wifi to download movies. Not every kid with a laptop will have the nerves to go steal your TV.


dragonfly

join:2012-09-04
reply to HackedWEP

An update for those interested:

After about 7 hours combined on the phone, we were able to have the overage charge reduced from $600 to ~$200, but we're still out $200.

We're still very much considering a small claims action. Our opinion is that the bandwidth notification should be enabled by default, opt-out not opt-in, and that if Videotron insists on "the sky's the limit" overages, it should be more proactive in notifying its customers when something is seriously amiss.

Just to remind everyone, the original overage charge represents 7x our monthly fee. Videotron had the technical ability to warn us at every day we were over the cap, by $100, by $200, by $400, by $600, but chose not to, because it meant more money for them. That's called a conflict of interest. Quebec has consumer protection laws for exactly this reason, and we intend to leverage them.

Anyway, thank you all for your input so far. We did reference DSLReports to Videotron and we felt it gave us some leverage. I would warn all Videotron customers to set up these bandwidth notifications immediately or risk immense bills due to the actions of others.



Hyrules

join:2006-07-19
Gatineau, QC
kudos:1
reply to HackedWEP

a good thing to use if you aren't already is VBMon. it's a gadget for windows vista / 7 that monitor your videotron bandwidth.
--
- Technicien en informatique [A+]
- Chasseur d'orage


LEKO

join:2010-09-28
Montreal, QC
reply to GuiGQc

said by GuiGQc:

The difference is that every kid with a laptop can try to use your wifi to download movies. Not every kid with a laptop will have the nerves to go steal your TV.

I do really hope is not the kind of advice you give. It's like recommending people using password 1234. Yes, it's a password, but it is not secure.

Think about it: do you want to pay that 600$ bill?

LEKO

join:2010-09-28
Montreal, QC
reply to dragonfly

said by dragonfly:

Anyway, thank you all for your input so far. We did reference DSLReports to Videotron and we felt it gave us some leverage. I would warn all Videotron customers to set up these bandwidth notifications immediately or risk immense bills due to the actions of others.

AND do not use WEP!

dragonfly

join:2012-09-04

Well now that's a given My friend who switched the encryption to WEP is not exactly a computer guy. Still, that shouldn't be enough to cost anyone $600.


GuiGQc

join:2012-02-22
Gatineau, QC

Reduction from 600$ to 200$ is even better than we thought! We were expecting half the price. Let us kniow if you manage to drop it even lower!


Melk

join:2007-10-30
Longueuil, QC
reply to HackedWEP

Congrats on lowering the charges. I do admit that $200 is still much though.

I use this tool to monitor my usage. It's great because it adds a button Firefox with the monthly % used during the billing period -- very easy to see right away at what % you are every time you open FF. So every time I use the Internet, I know exactly where my usage is.

Here's the link to the website itself.. you can also use the Addons FF option to find it although I use the direct site to make sure I get the latest version.

»netusage.iau5.com/

I even talked to the guy maintaining it when it stopped working with Videotron last year (the tool is for a lot of ISP around the world), and he fixed it within days. Donated to him after that

I know it's a bit late in the game, but IF anything unusual happens to your bandwitdh in the future (to you or anyone else reading this), this tool will let you know within hours.

gluck


LEKO

join:2010-09-28
Montreal, QC

Just installed it on Chrome, works fine!

TH47

join:2005-10-29

Looks good indeed!


InvalidError

join:2008-02-03
kudos:5
reply to dragonfly

said by dragonfly:

We're still very much considering a small claims action.

Unless you are unemployed or can take a day off to go to court, this will likely cost you more than the $200 bind you are trying to wiggle out of since the court probably won't grant you any collateral damages.

While the court might agree that Videotron's rates are excessive and Videotron should do a better job at notifying customers about usage charges, I would not be surprised if it concluded that Videotron has already made a reasonable effort to "make things right" and that it was still ultimately your responsibility to keep tabs on usage.

GuiGQc

join:2012-02-22
Gatineau, QC

Don't go to small claims. You'll lose and they might even charge you the whole 600$.


zorxd

join:2010-02-05
Quebec, QC
reply to dragonfly

I agree that you should accept the 200$. Videotron is doing you a favor. Don't go to court you will loose.
If you are still unhappy, switch to an other ISP however.