Archive for March 9, 2017

BREAKING: Rogers Ignite Internet Down Across Southern Ontario

Posted in Commentary with tags on March 9, 2017 by itnerd

Rogers appears to have widespread and severe issues across Southern Ontario where Ignite Internet users are intermittently unable to surf the Internet and ping rates that are through the roof. Reports first surfaced on DSLReports of this at 5PM and were later confirmed by Canadian Outages as per this map that I took a screen shot of:

Screen Shot 2017-03-09 at 7.08.07 PM.png

That is not a small piece of real estate. I can confirm that these problems exist and they are serious. As I type this, Rogers appears to not be admitting that they have an issue despite the fact that they clearly do. This will only add to the frustration of Rogers users who have suffered through their rather problematic rollout of DOCSIS 3.1 which I have documented here since late last year. Myself included.

Updates as they come.

UPDATE: A reader pointed me towards this Tweet where Rogers seems to be admitting that there is a problem. But they seem to be minimizing the impact:

Screen Shot 2017-03-09 at 7.18.28 PM

UPDATE #2: According to a post on DSLReports, this appears to have started at 1:45PM. I took a screen shot of the post in question where you can see when the trouble began:

Screen Shot 2017-03-09 at 7.26.00 PM

UPDATE #3: Rogers has finally publicly admitted on their Twitter feed that there is an issue:

UPDATE #4: At 3:30 AM this morning (Friday March 10th) the issue was apparently resolved. A modem reboot may be required to restore full functionality. But based on the e-mails and the odd Tweet that I have received, this might have been the last straw for Rogers customers who have been frustrated with issues that the provider has had over the last couple of months. Rogers retention department is going to be a very busy place today I suspect.

UPDATE #5: This appears to not be fixed. Please click here for a new story on this issue.


Flaw In D-Link Router Allows For Remote Pwnage Of Said Router

Posted in Commentary with tags on March 9, 2017 by itnerd

If you have a D-Link DIR-850L router, you should pay attention to this CERT notification. Apparently there’s a flaw in the firmware of this router that allows a remote attacker to run commands on the router. Effectively pwning the device. Now this becomes a really big deal is remote administration is enabled as anyone on the Internet can pwn the router. At present, D-Link has released beta firmware that apparently addresses this issue. However, I would take note of what CERT had to say about that:

The vendor has publicly disclosed the issue along with beta firmware releases (versions 1.14B07 h2ab BETA1 and 2.07B05 h1ke BETA1, depending on the device’s hardware revision), which are available from the product information page, but it is unclear whether the beta releases should be considered a proper solution.  

I don’t consider beta anything to be a proper solution. Thus if you have one of these routers, the best that you can do is disable remote administration if you enabled it for whatever reason and wait for D-Link to come out with a proper solution to this.

Tech Giants To Get Access To CIA Hacking Arsenal

Posted in Commentary with tags on March 9, 2017 by itnerd

One of the things that I have said is that it’s not good that the WikiLeaks dump of the CIA’s hacking tools could give the bad guys a head start in terms of using these exploits to do really bad things. WikiLeaks seems to have thought of this and Julian Assange said that he’ll give first crack at seeing these exploits to the likes of Apple and Google via a press conference streamed on Periscope on Thursday that I watched.

My thoughts on this are that this is good. However, those who I will call the forces of evil don’t need the actual exploits to cause problems for the rest of us. That’s because just reading the documents and seeing what’s in them can give someone enough ideas to reverse engineer whatever the CIA did. That’s bad.

What’s worse is that even if WikiLeaks does this, it doesn’t mean that you’ll get a fix for whatever exploits the CIA has. For example, Android users have to deal with the fragmentation of that platform due to how many companies make Android phones and how many cell carriers tweak them for their networks. That means that it takes forever to get fixes out to users. If they ever appear at all. Users of iOS don’t have this problem as Apple pushes OS updates to every iDevice from 1 Infinite Loop. But they along with users of other platforms may be faced with the fact that some of the exploits that the CIA use aren’t easily or quickly fixable. Add to that the nightmare that is potentially out there for makers of IoT gear who have to rely on users to update their gear (which for the most part they don’t), which of course assumes that these companies actually will provide updates as many don’t, and you have a major problem that’s brewing.

I for one will be watching closely to see how this plays out. It may not be pretty.