newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
| So you wanna' know why I don't want to install Comcast's CD?
I haven't seen this posted here yet . . .
quote:
Flaws in tech support tools open PCs to attack
By Joris Evers
Staff Writer, CNET News.com
Published: February 26, 2007, 1:07 PM PST
Multiple flaws in commonly used technical support tools can open Windows PCs to cyberattack, security experts have warned.
The vulnerable tools are often used by Internet service providers, PC makers and others to provide support functions such as remote assistance, the U.S. Computer Emergency Readiness Team said in an alert published Thursday. The tools, provided by SupportSoft, contain multiple vulnerabilities, it warned.
US-CERT lists nearly 40 companies and other organizations that have shipped the affected software. Some have addressed the problem, while others are still listed as vulnerable or unknown. Those that have yet to fix the SupportSoft issue include IBM and Internet access providers BellSouth, Comcast and Time Warner, it said.
»news.com.com/Flaws+in+tech+suppo···278.html
--
Ö¿Ö
The Rules of Spam | Maryland's Newest Anti-Spam Law
Where are we going? And what's with the hand basket? |
|
gar187er
Premium Alcoholic
join:2006-06-24
Dover, DE
| reason to disable remote access in windows....
love how you left out also symantec also has the same flaw!!!
read the whole article.....the fix is out there...its up to users to apply it....
quote:
SupportSoft has published its own advisory on the issue. The company offers a step-by-step guide to fix the problem, beginning with searching a PC's hard drive for the vulnerable file (tgctlsi.dll) and applying a fix.
|
|
newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
1 edit | I read the whole article.
One comment:
Have you heard ANYTHING from Comcast about this? |
|
cb4492
join:2002-10-09
Westminster, MD | reply to newview
I don't think disabling remote assistance will fix the issue. This has been labeled as High Risk by some company's. I would hope for some sort of official announcement soon and also I believe this story is front page worthy to get it to the masses. |
|
Johkal
Cool Cat
Premium,MVM
join:2002-11-13
Happy Valley
clubs:
 ·Comcast Digital Vo..
 ·Comcast
·Vonage
1 edit | It was noted in Morning Bytes.
»/nsearch?o=r&p···o+attack
--
Write me up a 125.......I Can't Drive 55 »redrocker.com/ »cabowabo.com/ |
|
cb4492
join:2002-10-09
Westminster, MD | Oops, I missed the small print. At least now it's in BIG letters to see better  |
|
perspective
@comcast.net | reply to newview
I wonder which software poses a bigger risk?
An ISP's install disk or your average p2p software everyone seems to be running these days.
And if you download some software from someone you don't know, how safe is that executable file? |
|
sedorox
join:2006-06-23
Williamsport, PA
clubs:
| reply to newview
This is why when I had Comcast installed at the beginning of the school year, I had the installer run it in a VMWare Machine (XP SP2.. etc..). Was funny, as he took the details of the system.. he opened up the network card, and was like 'I'm not writing all that' and just wrote VMWare on it. This worked perfectly fine as the modem was directly to the ethernet, and I had the interfaces bridged. To this day I still have yet to fire up that VM... I keep it around just in case they need me to 'troubleshoot'.
I will also do the same thing for anyone who asks me to help with their comcast install. It sucks that you HAVE to pretty much run the software (without getting the run-a-round), so I just do this to keep it separated from the main system. I've actually done this for some time, even with Verizon's software, when I'm gonna be adding a router in the mix. |
|
rody_44
Premium
join:2004-02-20
Quakertown, PA | reply to newview
like i always said, just run it and exit out of it as soon as the modem is provisioned. nothing gets installed. |
|
zja
join:2007-01-25
| reply to gar187er
said by gar187er  :reason to disable remote access in windows.... love how you left out also symantec also has the same flaw!!! read the whole article.....the fix is out there...its up to users to apply it.... quote:
SupportSoft has published its own advisory on the issue. The company offers a step-by-step guide to fix the problem, beginning with searching a PC's hard drive for the vulnerable file (tgctlsi.dll) and applying a fix.
It's up to users to find out the program is vulnerable and patch it when Comcast are the ones who want to install it on your computer? That doesn't seem to make sense. |
|
gar187er
Premium Alcoholic
join:2006-06-24
Dover, DE
| reply to newview
comcast didnt make the software....they are using another company's software....
christ its not like a big red flag is flying in front of everyones house saying, "heres my IP address, and heres the open port number!!!!"
this is a lot smaller threat then that of p2p that was mentioned earlier.... |
|
newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
| Most Comcast subscribers are being told they HAVE to use the Install CD . . . we KNOW this isn't true. The truth is that Comcast doesn't want to be bothered with manually provisioning new subscribers, so they "AOL"-ized provisioning and support software from SupportSoft on CD. To keep the marketing droids happy, the software also rebrands Internet Explorer & Outlook Express with the Comcast logo, to remind their new subscribers how "Comcastic" everything is.
Right now, all we can do is LIE when we call up and have our new accounts provisioned by telling the reps that we have Linux or a Mac, or we can do the uninstall / "Restore" dance to eliminate the software that we didn't want in the first place.
Or . . . Comcast can just bite the bullet and admit that the software is unnecessary, intrusive, resource intensive and NOW a security risk, and just come up with a more reasonable provisioning process.
--
Ö¿Ö
The Rules of Spam | Maryland's Newest Anti-Spam Law
Where are we going? And what's with the hand basket? |
|
gallowsroad
join:2004-08-09
Tulsa, OK
| reply to gar187er
said by gar187er : quote:
SupportSoft has published its own advisory on the issue. The company offers a step-by-step guide to fix the problem, beginning with searching a PC's hard drive for the vulnerable file (tgctlsi.dll) and applying a fix.
I have that file ( tgctlsi.dll ) in two different places on my system.
Is it safe to delete it? I long ago uninstalled the Comcast software, but these remain.
--
Ha ha haaaaaaa....ever get the feeling you've been cheated?
- John Lydon, last Sex Pistols show |
|
gar187er
Premium Alcoholic
join:2006-06-24
Dover, DE
| quote:
Or . . . Comcast can just bite the bullet and admit that the software is unnecessary, intrusive, resource intensive and NOW a security risk, and just come up with a more reasonable provisioning process.
it is necessary....you know how many extra reps would be needed in order to provision everyones EMTA....hundreds just the extra surge of calls...
intrusive? its not a data miner!!!
resource intensive? ummmm no....no extra processes are being run on your computer once self provisioning is done...
bad choice of words there....is it a pain...yes...but hell it is necessary when it comes to how the business is run...they just cant handle having to self provision everyone... |
|
gar187er
Premium Alcoholic
join:2006-06-24
Dover, DE
| reply to gallowsroad
quote:
I have that file ( tgctlsi.dll ) in two different places on my system.
Is it safe to delete it? I long ago uninstalled the Comcast software, but these remain.
you shouldnt have any problems once they are gone...i mean they arent needed to run your interent connection....read the article..theres a lnk to more info about this... |
|
CableTool
Poorly Representing MYSELF.
Premium
join:2004-11-12
| reply to newview
said by newview : The truth is that Comcast doesn't want to be bothered with manually provisioning new subscribers, Our local Tac, and most areas, are taxed as it is. When techs do not use the disk they get an earful from TAC because it takes a phone call and hold time and all sorts of trickle down shit. If a tech isnt using the disk he needs to explain why and some areas require a sup approval before TAC will provision.
To be honest, most techs do not even use the disk. They will download the wizard from the walled garden.
Having the tech come to your house to make a phone call doenst make much sense. You are involving two parties in your modem installation. Anything else like pre-provisioning is a security issue.
If you want to avoid the disk and are doing a self install just say you got HSI for XBOX live or some crap or download the wizard and do it yourself without the disk.
--
CableFAQ.org/Technicians Unplugged
|
|
impulse101
join:2007-01-30
Beachwood, NJ | When they come to install just have your PC hidden in a different room and say your new PC isnt here yet. Problem solved. |
|
studioboy
join:2006-01-31
Mchenry, IL | reply to newview
I wouldn't let that Comcast cd touch my computer. |
|
newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
| reply to newview
From Jason1, moderator at the Comcast Security Forum:
quote:
We are taking this issue seriously and are working closely with the SupportSoft team to develop and release a patch to resolve this issue. Once the patch is completed, it will be pushed out to all customers who have the Desktop Doctor installed.
As a side note, the vulnerability mentioned here will only affect someone if you visit a malicious site that exploits the vulnerability, particularly phishing sites. So we would like to encourage all Comcast customers (whether you have the SupportSoft tools installed or not) to make sure you are using an up-to-date browser like IE 7 which includes an anti-phishing solution that can help to significantly reduce the chances of being exploited.
We'll post more details as we get them.
»forums.comcast.net/comcastsuppor···id=55337
--
Ö¿Ö
The Rules of Spam | Maryland's Newest Anti-Spam Law
Where are we going? And what's with the hand basket? |
|
Obliteration
Premium
join:2005-09-18
Somewhere
| reply to perspective
said by perspective :
I wonder which software poses a bigger risk?
An ISP's install disk or your average p2p software everyone seems to be running these days.
And if you download some software from someone you don't know, how safe is that executable file?
Pretty safe assuming you know the rough file size and aren't one of the morons who downloads a 2KB .exe file. After that you can scan it. It is actually quite safe. |
|
