opinion From my apartment in Sydney’s Eastern suburbs my MacBook Pro can usually pick up no less than fourteen Wi-Fi network signals being broadcast in the local area. This number isn’t surprising, given that the area is full of mid-sized apartment blocks.
Of course, some of the names are a little weird — apparently one of our neighbours is a fan of 1980’s British sitcom “The Young Ones”, one network is ironically named “iwantinternet”, and someone has rather laconically described their Wi-Fi signal as “Terry’s Wireless”. The most surprising one is that there’s a Wi-Fi signal somewhere close by labelled “BrokenHillCafe” — a somewhat interesting coincidence, given I spent most of my youth in that town in outback New South Wales.
All of these networks vary in terms of signal strength and label. Some of them are obviously quite distant from our apartment, and others are clearly operated by those who are less technical adept, as they haven’t bothered to change their name from the default — usually referencing Optus, BigPond, or a router manufacturer like D-Link.
However, they all share one thing in common.
Like our own apartment’s Wi-Fi network, they are secured to varying degrees through a combination of mechanisms. Some use lesser-grade WEP encryption (a bold move, given it’s been broken pretty comprehensively), some feature the more powerful WPA family of encryption, and some even go so far as disabling the DHCP function which automatically allocates IP addresses, or even blocking devices which are not approved by MAC address.
There are probably still further networks in the area which we don’t pick up automatically — as their SSID identifier is set not to broadcast.
Enabling these Wi-Fi security features on broadband routers is usually a no brainer. For starters, it stops people piggybacking on your bandwidth for free and downloading whatever they want under your name, but more importantly, it stops them from gaining direct access to your home network and all the goodies — confidential information, for example — that are stored there.
It also stops your data being auto-collected by Google and becoming the subject of a global privacy investigation, but that’s another story.
There are situations where you might want to open up your network, for instance — if you’re troubleshooting something, for instance, or if you want to participate in the global Fon Wi-Fi sharing initiative. But in general, I don’t think Australian society is yet ready for universal open Wi-Fi in residential areas. The risks are simply too great — how do you explain yourself if someone hacks into the CIA from your home wireless network?
However, apparently iiNet doesn’t agree with this fairly standard approach to security. While testing the national broadband company’s new Bob Lite integrated ADSL router yesterday, I became aware that it ships with an extremely insecure default Wi-Fi setup.
For starters, the device ships with its Wi-Fi connection turned on, but with no protection set up — not even the most basic WEP encryption. This means that by default, as soon as you plug the Bob Lite in and turn it on, anyone in your neighbourhood can access it.
But wait; it gets worse.
By default, the Bob Lite also allows Wi-Fi access to its web-based administration interface … where the default password is clearly stated, not once but twice! In other words, as soon as you plug your Bob Lite in and turn it on, it would be trivial for anyone close to your house to log on to the device and do whatever they wanted — even to change the password and lock you out of it, if they so desired. Sniffing packets broadcast over unsecured Wi-Fi connections is also not that hard to do these days.
The seriousness of this problem cannot be understated.
In August 2010, iiNet revealed it had sold some 40,000 units of the Bob Lite’s predecessor by the end of June that year. At that stage the company had some 650,000 ADSL customers, a position that, as its recent extensive advertising campaign has pointed out, places the company as the second-largest provider of ADSL services in Australia (behind Telstra).
With the launch of the full-featured Bob Lite at the low price of $99, or $69 on a contract, iiNet has positioned itself perfectly to take advantage of the fact that every year, tens of thousands of those customers will upgrade their ADSL router. Most of those customers will buy a BoB Lite over the more expensive BoB legacy model — which costs at least twice as much.
What this means is that tens of thousands of BoB Lite routers will be flooding into the Australian market over the next few years — all with the most incredibly insecure setup that you could imagine. And BoB Lite will not usually be sold to technologically savvy users — which means that many of the mums and dads who buy it won’t realise their Wi-Fi access is insecure.
Now, the default security model used by iiNet’s BoB device is not, honestly that unusual — many routers from many different manufacturers ship in a fairly blank state that would allow them to be easily broken in to. However, what makes iiNet’s situation different is both the scale on which it is expected to be deployed — as well as the fact that the company is pitching it as a device which requires very little configuration.
Like Apple does with many of its devices, with its BoB range iiNet is attempting to obscure much of the complex technical workings that underpin its technology, in order that users will find the device easy to use. But this is a dangerous thing to do — when the initial settings are not laid down in a secure manner.
What would it cost iiNet to rectify this situation? Almost nothing. All the company would have to do to fix the security on its BoB Lite modems would be to disable the wireless by default, and set the Wi-Fi to be secure by default unless the user specifically wanted it open. The BoB Lite already comes with a series of user friendly manuals; the extra steps necessary could easily be added in to them. We’ve asked iiNet to respond to the issue, but the company hasn’t yet commented.
The alternative is that iiNet’s BoB Lite range will become notorious in Australia’s internet security community … for all the wrong reasons.
Image credit: Atilla Kefeli, Creative Commons
As you have rightly pointed out, the issue is that Bob is a product that is marketed towards the “I don’t care, I want to plug it in and it works” target audience, and if it doesn’t set up WPA-PSK by default (which is what it should be doing) then that is a problem
I just bought a linksys router (WRT610N) which auto sets up a wireless WPA-PSK password (like you open the router box, you put in the install CD and the installation automatically does it for you). In terms of the packaging on the router, there is the usual “PUT THE INSTALLATION CD INTO THE COMPUTER BEFORE INSTALLING” which auto sets up the password
As for Bob, I am not really sure how that could work without an external CD (which kinda goes against the “plug it in and it works mantra”). I assume that its open so people can just easily connect wirelessly, where as if its using encryption, it would auto create a password, which the router needs to somehow display that password to you, which it can’t do because it doesn’t have a display (and you obviously can’t display the password to the computer because you need to access the wireless network in the first place using that password!). I mean it could display that password to you if you have a computer connected to the router via ethernet, but what if you don’t (like you have everything connected wirelessly to BoB).
This is essentially security, and you can’t make it “plug and play” easy for the user without making the wireless encryption pointless. I guess this is the issue of marketing the product in such a way
As others have pointed out, this whole problem would be solved if router manufacturers simply set up their devices by default with a randomised password and WPA2 encryption, then printed that random password on a piece of paper and shipped it with each router. Then that same password could be used to both log in to the wireless, and also to the router’s administration page.
Once logged in, as per instructions on the same piece of paper, the router could automatically ask the user to change the password to their own choice. If you factory reset the router, it would go back to the default password — or, if you lost the piece of paper with that password, you might be able to reset it further somehow to get a new password.
I guess I don’t have all the answers — but what I am sure of is that iiNet’s approach is at the bad end of the scale.
Agreed, it’s not a great idea.
However, what about a the customer that gets their Bob, and tries to get online with their iPad. Oh, the wireless is turned off and I need to connect via an ethernet cable in order to configure it?
I’ll just use my MacBook Air then. Oh, what, no ethernet either? Hmm.
Yes, it’s a far fetched situation, but with more people buying tablets, who knows?
Surely there’s a big sticker on the Bob though, advising people to secure their wireless.
The BoB does come with documentation about Wi-Fi setup. But there’s no ‘big sticker’ … and when the router ‘just works’ by default, there really is no incentive for a user to secure their network if they’re a n00b and don’t know any better.
I don’t personally believe there are many people who would buy an ADSL router who wouldn’t have a device in their house with an Ethernet connection. However, there may be more of these people in future. Still, this just means the router should have the Wi-Fi active by default — it doesn’t mean it should have the WPA2 encryption turned off as well.
The BoB lite already ships with the user’s ADSL username and password printed clearly on a sheet of paper. Perhaps a random password can be set at the factory and it can be printed on that sheet of paper too?
+1
Yeah I found that out recently and thought how bad that was. Anyone in the chain of logistics/delivery could have got my login and password, found out lots of my personal details from my accounts page and also access my emails.
Do like hundreds of other manufacturers and print a random generated default wpa key on the sticker on the router.
Done.
Uh, I don’t know of any wireless providers that do that (almost all of them, as I know of, have an install CD that sets up the wireless password or tell you how to do it through a manual)
However it shouldn’t really be an issue for iiNet, that have vertical integrated control over the bob router
Telstra do, especially with their NextG/WiFi pills.
Printing on the router is silly for obvious reasons. An install CD is not good enough as more and more people just have wireless for their netbook/phone/tablet.
A little slip of paper with the router will do the job.
Yeah, I’m a fan of the slip of paper idea. It’s easy and obvious to the user and it ensures security is tied to the physical location of the device.
Actually — printing on the router isn’t that terrible a situation.
If you have to be inside my house to read the password – you are either a trusted guest or you’ve broken in and I have bigger problems.
My neighbours can’t see what’s written on the side of my router from their apartment.
Bigger concern is getting the username and password.
Can change your plan, sign up new plans, read your email, etc. etc.
Makes it much easier to facilitate identity fraud.
I don’t know if the BoB or BoB Lite suffers from this, but most routers also allow you to suck out the ADSL username and login details, by viewing source on the page where are displayed with ******. In some cases you need a bit more work, but usually you can discover them within about 15 mins of trying.
I’m not sure if you could do this on the BoB … from memory it and most other routers don’t actually display the password when you enter it, so it should be a little harder to suck that out. Of course, if the wireless wasn’t secure and the password was entered via Wi-Fi then it could be packet sniffed. This, no doubt, would definitely happen if you had an unsecured Wi-Fi connection at Black Hat, but I’m not sure how often it would happen to a home-based Wi-Fi setup ;)
Right click on the password page, view source.
Search for the text of your username, or the word username. see if the password is nearby.
If it looks like gibberish, it may be base64 encoded. paste it into a base64 decoder to recover it.
I had a Telstra supplied modem that required a more complex recovery, but in the end someone had made a little javascript thing you could just copy/paste in
Haven’t found a modem yet that doesn’t save it somewhere easily web accessible.
On many billion routers ( at least many of the previous models) you just simply download a ‘backup of configuration’ file, open it in notepad then search for the password ISP username – the password is just afterwards.
I’ve used it many times to recover my own, or clients ISP login details.
There is good and a bad side to this, the bad side is obvious, the good side is less obvious.
I have helped a number of people in the past setup new routers/modems or setup their ISP provided email; the problem is almost all of these people have forgotten their passwords and not taken note of it, not kept the papers their ISP gave them. Calling their ISP is a long process, first you have the waiting queues then the verification – most ISPs won’t let you call on behalf of someone and trying to get some people on the phone (particularly seniors) can be a nightmare, since they don’t understand the problem.
In cases like this, having the ability to retrieve the password is a Godsend.
“Do like hundreds of other manufacturers and print a random generated default wpa key on the sticker on the router. ” Like Bigpond you mean? However you can never generate random number, there has to be a seed to generate the number. Bigpond used a hardware serial and the ssid to generate the random number, which turned out to be not so random at all and is easily deduced from the ssid, and yet there are now millions of these devices around that appear secure to the user but are actually easily broken.
There us no practical way to produce a random serial number to be stuck to the bottom of millions of routers and have those routers ship with that password already installed, just needs a bit of logical thinking to realise that. far better to allow the end user to set it up when they receive the item, that way it would never be tied to the hardware and therefore vulnerable.
As long as the key isn’t derived from anything linked to the router then nearly-random is good enough.
“There us no practical way to produce a random serial number to be stuck to the bottom of millions of routers and have those routers ship with that password already installed”
Hmm … I’m fairly sure there is — I suggest a mathematician would find this fairly trivial. And you’d be surprised what they can do in router factories these days.
Some previous attempts to do this have been very badly done.
Telstra’s Speedtouch modems WPA was easy to crack just a year ago, because the SSID (access point name) and the WPA key were derived from the same place and you could generate a small set of possible WPA-Keys if you knew the SSID
http://www.itwire.com/business-it-news/security/30338-every-bigpond-speedtouch-router-wifi-password-vulnerable?start=1
Home wireless devices are easy to crack and the value of the data is high for anyone interested in identity theft. It’s a vulnerability that will come to cost us more as time goes on.
Uh, you could just use something else as a random seed. Like the internal customer number represented by the ISP, or something
But thats even assuming you know what algorithm was used to generate the random number in the first place….
Im pretty damn sure thats really not an issue
If they can program the router with its serial number and stick a label with its serial number to the unit, why is it a problem to print a piece of paper that goes with it?
It doesn’t need to be printed at the same time, it doesn’t have to be stuck to the unit. when you program the router with the serial number you put in an initial random password and key, store these in a database and print them out when the device is packaged.
The other thing is these do not have to be the default values, they could be initial values without being defaults.
lol, so true. I have a bob original and it came with wifi turned on, with no password and web interface access though wifi. Sure it made it easy for me to set the thing up (which I must admit was super easy) but its very easy for any one to setup a computer to listen to new bob’s and configure the 2nd wifi network for back door access.
While I don’t expect them to print a new password with every bob, disabling default web admin console over wifi is the bare minimum they can do.
BTW bob’s been the best router I’ve had so far! No need to restart daily or even weekly. Actaully never had to restart it for about 3 months now and I have 2 laptops, 2 phones and a xbox sharing it.
Interesting to hear the original BoB had the same problem.
It will be interesting to see if the BoB Lites can match the same quality as the original BoB — to my knowledge Belkin made the original, while iiNet designed the BoB Lite itself and had factories in Asia manufacture it — it will be interesting to see whether there is any difference in build quality and reliability. Typically I place my trust in Linksys — even more so now that they’re owned by Cisco. But I have been known to buy NETGEAR, D-Link, and even Netcomm, in my time.
if people are too stupid to read the manual before setting up their router, its their own fault.
The problem with the BoB Lite is that there is no way to secure it straight away — even if you do read the manual, it will switch on the unsecured Wi-Fi as soon as you switch it on. Even an advanced user can get hacked in the first minute or so of the router’s life.
Not a fair comment. Average Joe doesn’t deserve to be exposed to identity theft, have bank details stolen, and family photos deleted, just because he didn’t read a manual.
WEP ENCRYPTION is better than none at all
The argument tends to be WEP is weak don’t use it because easy to crack open. Yes this is true and however you need a tools, knowledge and purpose to crack into somebody WEP enabled network
Frankly it’s better than none at all and quite uncommon for you to be living with timmy the amateur script kiddie and next store neighbour.
I know when internode configure their customer purchased CPE devices. Wireless is turned off and never enabled
Sorry, I don’t agree WEP encryption is better than none at all. That’s like saying we might as well send our 1940’s-style tanks into a fight with a modern cruise missile. Sure, you could argue it’s better than sending men on foot. But the reality is it won’t make a single jot of difference.
WEP encryption is like Telnet: An obsolete and insecure technology that nobody should be using or encouraging others to use in 2011.
A Padlock is old technology too. You can easily break them with a padlock, hammer or bolt cutter and finally axel grinder
However people still use a whole range of quality vs cost
If WEP was a padlock. It would be the one for 3 bucks at the local super market and give you basic protection needed against theft. However its very rare for a seedy man to want to break the lock with “lock breaking tools” and then visit the local cash converters
Fair point. But your analogy is still a little flawed … there is a difference in price between different types of padlocks. Both WEP and WPA are completely free.
WEP is actually more expensive if you happen to have one of those nasty laptop hackers bumming off your net and taking your quota ;)
If any wireless router manufacturer is setting a wireless encryption as default, and its WEP, they should be shot in a dignified manner
“If any wireless router manufacturer is setting a wireless encryption as default, and its WEP, they should be shot in a dignified manner”
Or undignified; I’m fine with undignified ;)
WEP be the cheaper padlock and lower class/quality lock
WPA/WPA2 are more expensive or high class locks.
WEP will provide someone with the basis protection to keep anyone from just connecting to their network. However as I keep explaining you need the software to sniff/crack it and reason to breaking
I’ve previously worked on Internode help-desk and they sell billion modems or now the frizbox to customers. All the customers would normally call the help-desk to configure a wireless router and always you’d try to set it to WPA/WPA2. As I explained before WIFI is always turned off!
I would assure this would happen in IINET with the BoB light. Customers would be expected to normally call into the helpdesk for helping to configuring wifi with WPA/WPA2 security instead of WEP
Even when they do connect via WEP. The network would reset when the configurations are saved and different SSID
“Hmm … I’m fairly sure there is — I suggest a mathematician would find this fairly trivial.”
There are no random numbers, and if a mathemetician found it trivial he will almost certainly not be generating random numbers or keys, there’s always a pattern, it may be complex, but that’s what computers are good at, cracking complex number puzzles.
The only way to generate true random numbers is with a physical process, ie dice tossing, coin flipping etc, any process a computer uses to generate random numbers are basically psuedo-random numbers, or in other words they fit into the category of “not really random, but random enough to fool most people”. If a computer is generating random numbers, it is using an algorithm to generate it, the algorithm needs a seed, and therefore it isn’t random.
hey mate, I don’t have the theoretical mathematics knowledge to argue with you about this. But I know there is a certain amount of computer-generated randomness inherent in encryption — and there are encryption standards which nobody can break — except if they had amounts of computer processing power and time which are impossible by today’s standards. And I know that random elements are also introduced into computer-fuelled gambling devices like poker machines — and that mathematicians are employed to make sure the element of randomity is sufficient to pass any test that matter.
Given this, the statement that it would be impossible to produce a decently random admin password for a router is incorrect, by my lights.
Few things wrong . While it’s true a computer algorithm can’t produce a true random number, it is possible to generate random numbers using electrical and mechanical noise found in chaotic physical systems that can be tapped and used as a source of true randomness.
The thing is though, it’s not needed. High quality algorithms are by far sufficient enough for even the most cryptographic applications. But in this specific case, you don’t even need random numbers just some long password.
Just set the router password a to 10+ character, non repeating letters and numbers and increment it for each router. ie. router N pw = 125395BND323 then router N+1 pw = 125395BND324
And loop when you get to the end. It doesn’t matter that the passwords are predictable, as long as they aren’t based on the router in anyway and they are long enough that they can’t be brute forced in a reasonable amount of time they are secure enough for any normal use.
Telstra ship their gear just as insecurely – motorola modem with totally insecure wifi enabled by default.
Can’t say I’m surprised :(
It’s harder to blame Telstra because they didn’t manufacture the modem.
Given that Bob Lite (like BOB) is TR69 enabled, i think it’s easily possible that something like this can be fixed to a degree by iinet. In fact, it would be trivial to secure the wireless with the same password that the customer is provided for their internet connection.
The real cost of securing wifi on domestic routers is that a) it can make setup more complicated and b) it will make more people call (= more cost)
The problem with securing it at the factory is you don’t know what customer is going to get it, so the seed has to be specific to the router. Make the wrong decision, you are Telstra and you get negative press. You also have to commit to one strategy for 40,000 units.
The problem with securing it by TR69 is that it is unsecured until the internet connection is provisioned, or for a few minutes after the customer plugs it in, making the instructions incorrect, sometimes. The experience is confusing – one minute you are on wifi, the next you are not.
Simple issue with complex solutions. Have a go anyway Renai, I’m sure you got that one for free :) But at least iinet have the option of building someting in TR69 so keep the pressure up, I’m sure someone will get a whipping and it will be rolled out on a friday afternoon :)
True — iiNet could secure it from their end automatically. But I think this would confuse the customer — if they connected their modem up and then turned it on, and iiNet then synchs the Wi-Fi password with the ADSL password, how do they then get access to the router’s admin interface, without calling iiNet? I guess in most cases they would already know the broadband password — as iiNet emails it out to new customers when their connection goes live. But it still seems a little complicated and over-engineered.
Also, I agree with this, in this case: “The problem with securing it by TR69 is that it is unsecured until the internet connection is provisioned”. What if the customer doesn’t immediately connect their router to the ADSL, or what if it takes too long to synch, and some breaks in in that 60 seconds?
Also, with respect to the Bob Lite and getting it for free — actually we didn’t. It was a review unit which is being picked back up by iiNet tomorrow (Tuesday). Delimiter’s ethical policy prohibits staff from receiving gifts worth more than $300 — except for occasional vendor-sponsored travel to conferences etc. We want to stay clean ;)
1) Its not hard to connect to the admin interface and fix this.
2) Windows itself warns you before you connect to a unsecured network. These casual users should pick up on the fact that the network is unsecure.
3) If someone locks you out of the Bob lite, you can reset to factory defaults surely… Then secure the network.
Paper slip idea = bad,
I’d reckon 1 in 5 people would throw it in the bin and not even realize :) also I would think from the manufacturing point of view it would be a nightmare getting the right slip put in with the matching modem at the time of Packaging.
or put a big warning sign on the box “this unit will not have any security setup when turned on and your private information could be at risk” lol.
this is a big screwup on iiNet’s part… or is it? by introducing routers with no security as default, they nthen have arguments against things like pesky lawsuits where ‘iiNet customers’ allegedly downloaded civilly infringing content.
The biggest issue is, and this will become less of an issue as time goes on, is that some machines just don’t handle wireless encryption schemes very well.
A classic example is Mac OS 10.4. Prior to 10.4.5 it didn’t handle WEP encryption very well at all. Further, it also struggles with WPA2 even at 10.4.11.
Windows XP SP1 also has problems regarding certains types of wireless encryption from experience. And this is why iiNet isn’t shipping with wireless security enabled by default. They have to cater for the fact that some people will have old PC’s and won’t be able to connect to the things wirelessly to administer them in the first place.
After all, people with these kinds of machines are also going to be the people who won’t connect to it via ethernet because it’s a wireless access point.
Sadly it’s a lowest common denominator situation that has no secure method of resolving.
Poorly informed, very opinionated article.
It is far and away most common for Broadband routers to have open wireless by default. It’s the easiest way to get connected. Default user name and password sets are also common for the web interface of a router, again it’s a matter of simplicity.
I’ve worked in tech support for a number of years also at several ISP’s and the number one issue is always wireless passwords, usually ones that the user set up in the first place and forgot about.
Having passwords on by default would be an expensive exercise for iiNet and it’s call centers. Not to mention the user experience would be a lot more complicated.
So before you sledge iiNet for standard industry practices, take off your tinfoil hat and check out any Linksys, DLink, Netgear router, the all have open wireless on by default.
Besides, I’ve had a open wireless for over 2 years and on several occasions I’ve had people come up and say thanks for the access, and I’ve never had any negative experiences with doing so.
Fear mongering articles like this are the reason my grandparents are scared to do anything online. Shame on you.
A few points with this article.
” how do you explain yourself if someone hacks into the CIA from your home wireless network?”
Well since hacking someone’s WiFi to gain access is generally a lot easier than hacking into a secured server… I’d say that Johnny Hacker would have no problems with the former.
“This means that by default, as soon as you plug the Bob Lite in and turn it on, anyone in your neighbourhood can access it.”
Yes, for the minute or two while you set it up, it is open. But if you are stupid enough to tell the neighbourhood “I’m setting my unsecured WiFi up on Wednesday at 11:55” so that they can be scanning for access at that exact time, then you deserve to lose the bit of bandwidth that the guy next-door will steal while you set up the device.
This does appear to be a storm in a teacup. I know I never noticed the CIA hackers using my WiFI while I followed the steps and secured my BoB. Possibly because it never occurred.
BoB and BoB Lite both come with setup CDs what setup the wireless network specifically and uses WPA.
Wow shouldn’t goto lunch and then comment before refreshing.
And seriously much to the disappointment of imagination, there aren’t hordes of ‘hackers’ waiting to crack into your wireless network every other second.
Take BoB out of box, plug BoB in, run CD. Done.
Bob is not the only Router to come with no security set up. I have had several Dlink andBillion routers that I have set up for myself and friends and they have always had wifi on, wireless Security Off.
Sounds like you just want to bag out iinet!
I do enjoy bagging out iiNet :) But I still think shipping this device with such an insecure default install is dodgy.
Like I said IINET could of done it intention. Because most customers should call thru to helpdesk for setting the modem up properly anyway
Ok, I have nothing constructive to say post… Just wanted to say I’ve been a reader of delimiter for a long time and I had no idea you were from Broken Hill (or lived here)!
Hehe to be sure, Yoshi — my family is actually quite well known in Broken Hill. If you’re ever at Broken Hill High School, go and check out the dux board — you’ll see my name under ‘1998’ ;)
I was wondering about the name LeMay. I had a teacher at school called LeMay, any relation?
Both my parents are teachers. What class was it for? :)
The guy that I had as a teacher was at central school, I think he was a reading teacher for the kids with learning disabilities, but when I had him as a teacher it was when he filled in for my teacher a few times when she was away. And I also know his wife was a relief teacher. So I’m guessing that they are your parents?
Small world O_o
Yeap that’s them! lol such a small world! :)
Haha yeah it sure is.
Do you reckon you’ll ever move back here? Everyone I know who moves away always end up coming back here. It’s a curse lol
No way; I hate it and will never go back :) Sydney is my home.
Haha fair enough, though that’s what everyone says before the curse hits them and they move back here :p
I don’t blame you though. I hate it here too and I’d love to move, but I have a really good web development job which is long term and I don’t want to throw that away :( Maybe when my “10 years on the job” milestone comes I’ll consider getting away from here…
It’s true – the bob lite does not come with security by default. They do it this way to make it easy to set up for the non-techies. However the manual and web interface are exceptionally well made and simple to follow. They clearly tell you why it is important to set up security and they make it very easy to do so. Furthermore, of all the ISP’s I have dealt with iiNet provide the best phone support by a long shot. They are well trained, very helpful and even the sales representative knew to instruct me about setting up security as soon as it was connected. I kid you not – I once had a Telstra technical support officer tell me “Security is not important for home networks.”
All in all I am thrilled with my BobLite and I do not think that the claim ‘they are insecure by design’ is at all correct. I argue that they are more secure than many other products because they make security easy for non technical users. Security analysts easily forget that the average user does not know what they are talking about.
Comments are closed.