Posts Tagged Verizon

Verizon has a sharing attitude.

I have a few friends that are sensitive to conspiracy theories. FEMA camps, chem-trails, government spying are not far from their minds or conversations.

What I have noticed is that all of us (including those mentioned above) have a blind spot when it comes to admitted conspiracies and obvious spying by companies that provide a modicum of services to us.

This came to mind when I read about the change of service terms for Verizon Wireless (link here) that proudly informs Verizon customers that they have 30 days to alter some settings on their online account. If customers don’t change anything, Verizon will provide; Age, Sex, website visits, interests and physical location to third party vendors. (T-mobile and AT&T do the same thing but make it harder to change the default settings. )

The privacy policy comes as a default setting on Verizon phones. Customers that want out of the commercial spying have to go to Verizon’s privacy center. Once there, users have to sign into their accounts and after reading the new policy and given the option, they must choose for their information not to used for commercial marketing purposes.

.
Does it really matter…..? Likely not.
Does Verizon need to collect, archive, share my data to make MORE money off me? Likely not.
Did I change the default privacy settings. Ya!
.

, , ,

No Comments

Verizon FIOS WEP belong to us

I deal with computer security almost every day and just found one of the most shocking lapses in judgment by a major corporation I have ever seen.It will have a huge effect on many of readers of this blogs security for quite a while to come.

Lets boil it down for those non-nerds. If you have Verizon FIOS and they installed your modem/router (comes with the service) your WEP key is being broadcast through out the neighborhood. The secret code to connect to your internet is being sent to everybody in your neighborhood…. wow.

Now for some details. If you have ever fired up your computer in a neighborhood, likely you have seen the new 5 character (example;  H6196, 9RHUN) wireless clouds that pop up anywhere Verizon has FIOS. This SSID is unique and helps you find your wireless cloud. Verizon decided that since they were doing all this work in setting up peoples wireless access points, why not use the MAC address of the modem and generate SSID based on this. This is a OK idea but then ,as per normal for any large corporation, decided to shoehorn the idea into every aspect of the situation. They then used the MAC address to generate the WEP key.

Any user of Network Stumbler or Wireshark knows that the MAC address is broadcast along with the SSID. You take that 5 charicture SSID, run it through the java script WEP calculator at (http://fioswepcalc.webs.com) and you will likely end up with the WEP key of most all your neighbors wireless networks.

Screenshot

Security through Obscurity has been the modus operandi since the start of computers. At some point, if computers systems are to continue, companies that endanger their clients, lose clients data or expose clients to data theft, will have to be held accountable for poor security.

In real life trials, only half of the FIOS WEP keys were valid.

, , ,

No Comments