Results 1 to 9 of 9

Thread: When Will UK ISP's Learn?

  1. #1
    Junior Member SWFu64's Avatar
    Join Date
    Jan 2010
    Posts
    97

    Default When Will UK ISP's Learn?

    What with BT Shipping all home hubs with only wep, and now Sky:

    Sky Broadband advises customers to consider changing their default Wi-Fi passwords - because the apparently random network keys are guess-able.

    The ISP issues customers with a wireless router that is pre-configured with wireless security switched on, and an apparently random network key. This sounds like a good plan. However, the key is based on the router's MAC address, which is broadcast "in the clear" - i.e in unencrypted form.

    Reg reader James, who brought the issue to our attention, said that getting the MAC address is trivial and working out the algorithm that links it to a network key is "not exactly rocket science".

  2. #2
    Senior Member
    Join Date
    Jan 2006
    Posts
    1,334

    Default

    Well I suppose it's still a step in the right direction, compared to most ISP's and wireless router manufacturers, worldwide, shipping wireless routers absolutely wide open!

  3. #3
    Member
    Join Date
    Nov 2007
    Posts
    220

    Default

    I was under the impression all the SKY routers shipped were WPA by standard?
    wtf?

  4. #4
    Senior Member
    Join Date
    Jan 2006
    Posts
    1,334

    Default

    Quote Originally Posted by Andy90 View Post
    I was under the impression all the SKY routers shipped were WPA by standard?
    Yes, they are.
    What the report is saying is that Sky use a simple algorithm to generate a WPA passphrase based upon the mac address.

    It's an unfortunate method to choose, but it's still got to be better than a "factory default" wide open box like most manufacturers and ISP's provide to the market.......

    They also use custom firmwares which remove the login details section from the manufacturers web-based config utility.
    The only way to obtain the username or password (even for the owner) is through an html injection technique.

  5. #5
    Member
    Join Date
    Nov 2007
    Posts
    220

    Default

    Right yes sorry, I read that thread to say "BT ship only WEP and now do so sky", sorry my bad read it wrong.
    wtf?

  6. #6
    Junior Member SWFu64's Avatar
    Join Date
    Jan 2010
    Posts
    97

    Default

    A friend of mine is waiting on her Sky router to come in the post, I'll see if I can figure it out.

  7. #7
    Just burned his ISO
    Join Date
    Oct 2006
    Posts
    24

    Default

    man here ISP recommend against any security so the noobies can leave their helpdesk alone of "i cant figure this out.." calls

  8. #8
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    19

    Default

    Hi

    I have got 2 spare sky routers which i am prepared to give the mac address and wpa key to someone if they think they can work the algorithm out

  9. #9
    Member
    Join Date
    Aug 2007
    Posts
    468

    Default

    Have a search for the Eircom WEP key issue, that did the same thing.
    Used weak cypher of the MAC + SSID + quote from a Jimmy Henriks IIRC.


    */

    I'm to tired to find the link, but will edit in the morning.

    /*

    Quote Originally Posted by woody565 View Post
    Hi

    I have got 2 spare sky routers which i am prepared to give the mac address and wpa key to someone if they think they can work the algorithm out

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •