Post Ahv5o1teVUxwHRfX96 by thirstybear@agilodon.social
 (DIR) Post #Ahv5nulb13MWAQqV7I by thirstybear@agilodon.social
       2024-04-27T19:07:44Z
       
       0 likes, 0 repeats
       
       I’m looking at getting fibre to the home connected - it has finally arrived in the village where I live! - and one of the providers says they can “manage my wifi for me”. *Really?* 🤨 So they can get into my router from outside my network, into my mesh nodes and monitor performance/change config remotely? They say it’s “a service”. I say the Gigaspire Blast routers they are offering have been backdoored 🚩 Thoughts?
       
 (DIR) Post #Ahv5nvtQpPDxf1WGy8 by thirstybear@agilodon.social
       2024-04-27T19:14:59Z
       
       0 likes, 0 repeats
       
       Mmm… seems the router manufacturers use this as a selling feature… “Every GigaSpire BLAST system is managed by your service provider so they can fix issues before they occur and ensure a simple, amazing experience.” (Right beside “Fully Secure”… oh the irony!) https://www.blastwifi.com/blast-u6/
       
 (DIR) Post #Ahv5nwRSmsRjMZRS0u by thirstybear@agilodon.social
       2024-04-28T14:50:06Z
       
       0 likes, 0 repeats
       
       I can’t seem to get a straight answer out of the ISP, so I hunted around the router manufacturer site. Seems that yes, ISP support *can* connect into the router at will and tinker with settings. “the Wi-Fi systems that you provide for your managed WiFi service can be managed remotely by your customer support team.” IMO this is not a feature, it is a big, fat security #fail. I won’t be attaching one of these to my network any time soon. https://aem-web-dev.calix.com/content/dam/calix-com/assets/solutions/roles/report/subscriber-experience-managed-wifi.pdf
       
 (DIR) Post #Ahv5nytte8NWzKlBbs by thirstybear@agilodon.social
       2024-04-28T14:53:49Z
       
       0 likes, 0 repeats
       
       Also I am getting the impression that this family of routers (Gigaspire Blast) don’t let mere paying customers change the advanced settings. It’s for ISPs who don’t trust their customers with settings like DNS resolvers, open ports, routing tables, subnets etc. “Nanny knows best” #fail
       
 (DIR) Post #Ahv5o1teVUxwHRfX96 by thirstybear@agilodon.social
       2024-04-30T04:58:05Z
       
       0 likes, 0 repeats
       
       Finally the fog begins to clear, and I received a technical answer to my queries. There is an open standards protocol TR-069 that allows this kind of tinkering without needing full router access. I’m still not entirely sure about how I feel about it, but 1. AFAICS on initial quick look it’s not ssh access, and 2. Embarrassingly, I have noticed that my current provider has TR-069 & TR-369 access into my current router, and has for years 😳 https://en.wikipedia.org/wiki/TR-069