Sprint DSL's Security Hole Easy As 1,2,3,4
An Anonymous reader points to this Wired article, excerpting "Sprint officials acknowledged that remote access to the administrative software embedded in the ZyXel Prestige 642 and 645 modems is by default protected with a password of '1234.' But the company said users are responsible for securing the equipment, which stores login data, including the user's e-mail address and password." Wired found that more than 90% of the modems they polled were using that default password.
Time to change the combo on the luggage again.
Colonel Sandurz: "1-2-3-4-5."
Skroob: "1-2-3-4-5?"
Sandurz: "Yes."
Skroob: "That's amazing! I've got the same combination on my luggage!"
Who needs a social engineer to get the password, when we have the fine folks at Sprint around.
Sometimes I worry that I'll develop Alzheimer's disease, but no one will notice.
Can j00 0wnz0r me now? g0000d!
ZyXel should set it so the password is randomized by default. That way, it might not be possible for the user to get in, but at least it will be more secure. For boosted security, they could make it re-randomize the password every hour.
Jason
ProfQuotes
Maybe you missed it cause it was only posted once.
how exactly do you come to the conclusion that your ISP was "keeping an eye on you"? I mean, what evidence did you see...
.....we... ...are.... .watching. ..you..... [100%]
% wget http://some.site.out.there/foo
--15:23:09-- http://some.site.out.there/
=> `foo'
Connecting to 1.2.3.4:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 666 [text/html]
0K ->