Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Ummm...try changing the password! (Score 1) 545

by Vampo (#33107452) Attached to: Verizon Changing Users Router Passwords

That port is allowing access to the "Connection Request" page which is only a trigger for the CPE to initiate communications with the ACS server it already knows. Unless the CPE has been hijacked and the ACS server location has been tampered with, the only thing that an unsecured Connection Request page could cause, is a DDoS attack on their servers by someone requesting connection from all their CPE's in the field.

The two ways that I can imagine TR-069 being exploited are DNS spoofing (CPE talks to the wrong server - someone could mess up the settings on the CPE but won't get any passwords) and access to the LAN side pretending to be a TR-069 client (could get access to any passwords sent to the "CPE" from the server).

What should be read from the CPE and what should be set on the CPE is subject to discussion on a daily basis (just did an ACS implementation at work) but the protocol itself is not the problem.

Comment: Re:Breaking News! (Score 1) 192

by Vampo (#27938725) Attached to: Greece Halts Google's Street View

I'm Greek and I'll be the first to admit that the police can be bandits (putting it mildly) at times as the OP mentioned.

While plain spotting is a well documented hobby, there is no excuse for taking pictures of airplanes in areas where there are more "no photography" signs than "no smoking" signs. On top of that, noting the plain numbers in crossword puzzles is not exactly "openly" collecting data.

As for spies, i don't thing they all drive Aston Martins, wear black suits and sunglasses.

I'm not trying to defend the actions of the police. They should have let them go with a warning, perhaps confiscate any cameras or film rolls if they wanted to cover their backs, but lets call a spade a spade. These guys hadn't done their homework. They went on holiday to a place where photographing military installations (most airports in Greece are classed as that) is prohibited, they found out they shouldn't take the pictures but they went ahead anyway thinking they can get away with it.

All great ideas are controversial, or have been at one time.

Working...