Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sprint DSL's Security Hole Easy As 1,2,3,4

Posted by timothy on from the oh-didn't-you-catch-that dept.

An Anonymous reader points to this Wired article, excerpting "Sprint officials acknowledged that remote access to the administrative software embedded in the ZyXel Prestige 642 and 645 modems is by default protected with a password of '1234.' But the company said users are responsible for securing the equipment, which stores login data, including the user's e-mail address and password." Wired found that more than 90% of the modems they polled were using that default password.

11 of 373 comments (clear)

  1. Shit by Anonymous Coward · · Score: 5, Funny

    Time to change the combo on the luggage again.

    1. Re:Shit by deadsaijinx* · · Score: 3, Funny

      can anyone say space balls.
      "tell us the combonations to the air lock."
      "fine, i'll tell. its ... 1 . 2 . 3 . 4 . 5..."
      "1,2,3,4,5?! that's the kind of code an idiot would put on their baggage!" (president scrooge arrives)
      ""so whats the combo"
      "the combo is 1,2,3,4,5."
      "woah, what a coincidence. thats the exact same code i have on my luggage!"

      ----i love that movie ----

      --
      YOU SUCK BALLS!
  2. Obligatory Space Balls Quote... by kenthorvath · · Score: 4, Funny
    President Skroob: "What's the combination?"

    Colonel Sandurz: "1-2-3-4-5."

    Skroob: "1-2-3-4-5?"

    Sandurz: "Yes."

    Skroob: "That's amazing! I've got the same combination on my luggage!"

  3. So, who needs Kevin Mitnick? by Uninvited+Guest · · Score: 4, Funny

    Who needs a social engineer to get the password, when we have the fine folks at Sprint around.

    --
    Sometimes I worry that I'll develop Alzheimer's disease, but no one will notice.
  4. New Sprint Ad by Lord_Slepnir · · Score: 5, Funny

    Can j00 0wnz0r me now? g0000d!

  5. Randomize by Jason1729 · · Score: 2, Funny

    ZyXel should set it so the password is randomized by default. That way, it might not be possible for the user to get in, but at least it will be more secure. For boosted security, they could make it re-randomize the password every hour.

    Jason
    ProfQuotes

    1. Re:Randomize by grub · · Score: 2, Funny


      For boosted security, they could make it re-randomize the password every hour.

      Yes, that makes a lot of sense, randomly change the password and lock out the user after an hour. Or were you suggesting something even more brilliant: change the password and display it on the user's screen?

      Sheeeesh.

      --
      Trolling is a art,
  6. Re:Unrelated, but much more serious security hole by Neon+Spiral+Injector · · Score: 4, Funny

    Maybe you missed it cause it was only posted once.

  7. Re:What is the big deal for Sprint to fix this? by Anonymous Coward · · Score: 1, Funny

    You had three T1 circuits dead for three months, didn't notice, and you are mad at Sprint?

    WTF!

  8. keeping their eye on you? by brer_rabbit · · Score: 2, Funny

    how exactly do you come to the conclusion that your ISP was "keeping an eye on you"? I mean, what evidence did you see...

    % wget http://some.site.out.there/foo
    --15:23:09-- http://some.site.out.there/
    => `foo'
    Connecting to 1.2.3.4:80... connected!
    HTTP request sent, awaiting response... 200 OK
    Length: 666 [text/html]

    0K -> .....we... ...are.... .watching. ..you..... [100%]

  9. Re:As I've always said by Anonymous Coward · · Score: 1, Funny

    people will always be stupid. You can't change that.

    Default setup and settings don't need to (be stupid). That can be changed.

    Okay, I only have only parented *two* children so far, so I don't have as much experience as others here may have. That said, it seems to me that the default settings for people pretty much can only be *stupid*. That said, I will verify that these settings can be changed, but it does takes a while.

    Judging by a few folks I have met in my life, though, it seems that *sometimes* the settings may return to the defaults.