Time Warner Cable customers would do well to poke their heads under their desks and see what sort of hardware has been attached to their computers. It seems that individuals who’ve been stuck with a certain cable modem/Wi-Fi router combo may be at risk. 65,000 Time Warner Cable Customers At Risk Considering that this problem relates to some hardware, we’ll cover the good news first: there’s no melting or fire hazard. The lights on the SMC8014 series device in question shouldn’t even blink more, increasing your electric bill. So at least everything’s safe enough on the physical front. Kim Zetter outlined the real issue. “[David] Chen, founder of a software startup called Pip.io, said he was trying to help a friend change the settings on his cable modem and discovered that Time Warner had hidden administrative functions from its customers with Javascript code. By simply disabling Javascript in his browser, he was able to see those functions, which included a tool to dump the router’s configuration file.” Then, “That file, it turned out, included the administrative login and password in cleartext. Chen investigated and found the same login and password could access the admin panels for every router in the SMC8014 series on Time Warner’s network - a grave vulnerability, given that the routers also expose their web interfaces to the public-facing internet.” Hackers could in fact effectively point users towards any malicious site they pleased. It’s estimated that the vulnerability could affect about 65,000 of Time Warner Cable’s customers. The company’s issued a temporary patch, and is working on getting out a permanent fix in response, although it hasn’t set any sort of release date. Since there appears to be a sort of race against potential hackers taking place, though, Time Warner Cable customers might remember that they can always buy new hardware on their own time instead of wait.
See the rest here:
65,000 Time Warner Cable Customers At Risk
You must be logged in to post a comment.