TheBlackAdder

(28,209 posts)
Thu Mar 7, 2019, 06:10 PM

Verizon FiOS Quantum Router Advisory: Updates Pulled MAC Authentication, Bricking Those Devices

Last edited Thu Mar 7, 2019, 07:34 PM

.


In this day of security exposures, Verizon is taking leaps backwards in securing their clients.


1) They violated the first principle of router security. They force all router userids to 'admin'.

2) They store all router configuration information on their website, probably in some unsecured cloud storage. This includes your WPA-2 keys, you know... the shit that you are supposed to keep private.

3) They just performed a firmware update, which pulled users' ability to secure devices by MAC Address.


The problem with #3 is that this was an untested patch, that removed the MAC Address Filtering option, but at the same time, orphaned router code is now denying all of the devices that were being filtered. Somewhere, a sticky bit is no longer being set to allow a MAC address.

This might require performing a Factory Reset on your router to gain access to those devices again.


====


So, if you have Verizon FiOS and all of a sudden all of your MAC filtered devices fail to connect, you might have been subject to this untested patch that essentially bricks your wifi devices until a reset is performed. When it comes back, you will still be unable to perform MAC filtering.


UPDATE: I performed a factory reset, and guess what I found now? They weakened the encryption key standards back to 2010!

They no longer accept: Less than, greater than, single quote, double quote, percent sign, semi-colon, left paren, right paren, And sign, plus sign, tilde and the squiggly above the tab key.

Now I have to update 12 devices to retrograde them.

.

hunter

(38,317 posts)
1. Renting a router from your Evil Giant Corporation Internet Service Provider is nuts.
Thu Mar 7, 2019, 06:23 PM

But they're not going to tell you that.

TreasonousBastard

(43,049 posts)
2. Does Verizon allow your own router? I rent the modem from Cablevision because...
Thu Mar 7, 2019, 06:37 PM

it's cheap and I'm too lazy to change. And it's just as well they handle any updates.

But a router? No way.

TheBlackAdder

(28,209 posts)
3. I bought this thing. I'm thinking about getting my own Linux Router so Verizon can't get past it.
Thu Mar 7, 2019, 06:45 PM

.

Right now, I have Private Internet Access VPN, and down the road I want to get a VPN-enabled router.

.

hunter

(38,317 posts)
8. You could still put a router you have full control over downstream.
Thu Mar 7, 2019, 07:44 PM

It would add a little latency, but no worries for most users, essentially turning the Verizon router into a dumb modem allowing you the finer control of a router you truly own.

It seems that even if you "buy" this Verizon router they still control it.

My own AT&T system compatible "DSL+" modem, which I own, is as dumb as a rock. It's attached to my router, which I also own, that I have very fine control over. It's set up so Netflix gets first priority on our television, our known home computers and guests second priority, and anyone and everyone else within wifi range can share whatever's left of our limited-only-by-bandwidth internet connection.


TheBlackAdder

(28,209 posts)
9. Yep. That's what I am planning to do, since this thing is essentially wifi bricked.
Thu Mar 7, 2019, 10:57 PM

.

Their support sucks, they didn't back off a broken patch.

I can't even get the devices to work if I CAT-5 them to the router. The router is still locking them.

.

fescuerescue

(4,448 posts)
11. Sounds like they got cheaper firmware
Fri Mar 8, 2019, 12:09 AM

Time Warner did this a few years ago. They replaced the Cisco provided (and licensed) software with their own crappy software. Sounds like what has happened here.

ISPs have a HUGE incentive to develop their own endpoint firmware. If they can save $10 a month per user in license fees, it's the same as raising everyone's rates $10. It's enough to move the needle on their stock price typically. The problem is, ISPs SUCK AT IT!

As for #1, admin isn't that big of a deal and hardly the 1st rule of router security. The userid is known as a well known secret. It's the password that is secret. Back when I used to manage security vulnerability response for a well known massive router manufacturer, I wouldn't even issue a psirt/cert advisory on that, but I would tell the development team to make the userid user selectable (where 90% will end up using admin, supervisor, root, etc, and the other 10% using their own standard userid that everyone knows).

#2. Could be a problem. Depends on how they store the credentials, but I don't like it.

#3. Just incompetence. As I mentioned, ISPs are rank amateurs when it comes to endpoint firmware.