This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 2.5 License.
The other night I was experiencing issues with playing a YouTube video (terminal buffering) and a link appeared beneath the video offering me an “explaination” for why I was having trouble. That link took me to the Google Video Quality Report.
I’m guessing it’s been around for a while but this is the first I’ve run into it. Basically you’re told how well your ISP handles the various quality levels of YouTube videos along with info on traffic levels throughout the day.
Clicking the “Compare Providers in Your Area” tab gets you a listing of other local ISPs for which you can see their data. In my case I’m trying to “compare” the state’s network to my home ISP and Google points that out to me with a warning that it’s a bit unrealistic.)
It looks like YouTube watching by Nebraska state employees peaks about 2pm, where residents of Lincoln peak about 9pm. Makes sense to me.
Speaking of attacks and “admin” accounts, I found this article yesterday on readwrite.com: Your Next Big Security Headache: Your Wireless Router
For years, manufacturers of home routers have all but ignored security issues, at least when it comes to making sure that consumers update their firmware to close exploitable vulnerabilities. Let’s put it this way: Have you ever updated the firmware on your router? If not, odds are good that it’s got one or more security holes through which a properly motivated hacker could slip.
Attacks on routers aren’t common, partly for logistical reasons that make them uneconomical for hackers. But that could change as technology evolves, criminal incentives shift and security tightens up in other areas. One big potential trouble spot: the embedded Web servers that many routers use for managing their settings — including, of course, security.
Router manufacturers have done a lousy job informing users about firmware updates that would patch security flaws, and are even worse making it easy for users to obtain and install those updates. Such patches are seldom available through automatic services, forcing users to look up the fixes on manufacturer websites.
“These are low-priced, low-power devices,” Tod Beardsley, a researcher with application security vendor Rapid7, said. Manufacturers “may not have the margins on these devices to provide ongoing software support.”
To see what can happen when a flaw remains unpatched, look no further than a major intrusion in Brazil in 2011, when hackers broke into 4.5 million home DSL modems over the Internet. The modems were reconfigured to send users to malware-carrying imposter websites, primarily so thieves could steal their online banking credentials.
Please take a moment to read the full article. I’ll wait…
So, keeping the recent “admin” account-based WordPress attack of late, I went to follow the article’s first piece of advice:
“In your router security settings, make sure you’ve changed any default usernames and passwords. These will be the first things any hacker tries, much the way a burglar jiggles a doorknob to see if it’s unlocked.”
Technically I have two routers: the one from my ISP (Windstream) that only acts as a DSL modem but is still technically a full-blown router, and my NetGear router that actually does the routing on my network.
The Windstream router gave me this:
And the NetGear router gave me this:
In both cases I am not allowed to remove or change the name of the “admin” account!
Granted on the scale of computers issues I currently have to deal with these are on the low end as I’ve disabled any outside access to my routers’ management consoles but this still annoys me to no end. Here’s a case where, as the article mentioned, the companies in question are just being sloppy.
(Yes, I know I could install different firmware, at least on the NetGear, but I don’t actually want to. I’ve got a special one that participates in the SamKnows program and I’d like to keep those features.)
I’ve had my share of cable-based ISPs in the past and let’s just say that they were large faceless corporations that didn’t seem like they were there to help me out. Well, Windstream Communications, my DSL ISP here in Lincoln may be a large corporation but they’re not exactly faceless to me.
Those of you that follow me on Twitter may have noticed that I haven’t’ complained about downtime or slow speeds recently. That’s because the problem was finally solved about two weeks ago. (I wanted to wait a while before telling others lest I jinx the whole thing.) The problem had been going on for months and every time I called yet again. It took a while to be able to skip over the “did you reboot your modem” people and talk to someone who knew what was going on when I called but I persisted and they worked with me at every step.
Ultimately, the problem was actually with the totally crap wiring job the previous owner had done with the phone lines in the house. Not my fault, but not exactly Winstream’s either. But in the end they found the problem and fixed it at no charge. At one point it seemed like they were determined to find and fix the problem, rules about what work they should and should not do in someone’s home be damned, just to get me to stop calling but that’s ok with me. They kept me in the loop about what they were doing and as long as I knew they were addressing my problem to the best of their ability I stayed relatively patient and non-angry.
So, bottom line, thanks to Windstream and especially Ross, Troy, Devon, and Denny, the techs that kept coming to my house and were determined to help me out. It’s been two whole weeks without a single problem and I’m a happy customer. Now, as for when you’re going to get me that 24Mbps connection…