

Verizon Knows Your WiFi SSID and Key - iosnews
http://wlanbook.com/verizon-knows-your-wifi-ssid-and-key/

======
tirant
Verizon and hundreds of other ISPs around the world. I've been working for
some time on firmware development for ISP gateway devices, and most of them
implement remote management protocols like TR-069
([http://en.wikipedia.org/wiki/TR-069](http://en.wikipedia.org/wiki/TR-069)).
They can get all kinds of information from your gateway device: from SSID/Key,
to SAMBA/FTP passwords, MAC addresses of the devices connected to it, etc.

If you are worried about your privacy, NEVER use a router you cannot control.
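
A defender's view of the TR-069 visibility described above, as an added example that is not part of the original comment: it parses a CWMP GetParameterValuesResponse captured from your own gateway and flags the parameters that expose WiFi and LAN details. The parameter paths follow the TR-098 InternetGatewayDevice data model; the sample response, its values and the category labels are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET  # use defusedxml for captures you do not trust

# Constructed sample: a GetParameterValuesResponse with made-up values.
IGD = "InternetGatewayDevice.LANDevice.1."
SAMPLE_PARAMS = [
    ("InternetGatewayDevice.DeviceInfo.SoftwareVersion", "1.0.0"),
    (IGD + "WLANConfiguration.1.SSID", "ExampleHomeNet"),
    (IGD + "WLANConfiguration.1.PreSharedKey.1.KeyPassphrase", "constructed-passphrase"),
    (IGD + "WLANConfiguration.2.KeyPassphrase", ""),  # CPE returned an empty value
    (IGD + "Hosts.Host.1.MACAddress", "02:00:00:00:00:01"),
    (IGD + "Hosts.Host.1.HostName", "laptop"),
]
SAMPLE_RESPONSE = (
    '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" '
    'xmlns:cwmp="urn:dslforum-org:cwmp-1-0"><s:Body>'
    "<cwmp:GetParameterValuesResponse><ParameterList>"
    + "".join(
        f"<ParameterValueStruct><Name>{n}</Name><Value>{v}</Value></ParameterValueStruct>"
        for n, v in SAMPLE_PARAMS)
    + "</ParameterList></cwmp:GetParameterValuesResponse></s:Body></s:Envelope>"
)

# Categories are this example's own labels; first matching rule wins.
RULES = [
    ("wifi-credential", re.compile(
        r"\.WLANConfiguration\.\d+\.(PreSharedKey\.\d+\.)?(KeyPassphrase|PreSharedKey)$")),
    ("wifi-identity", re.compile(r"\.WLANConfiguration\.\d+\.(SSID|BSSID)$")),
    ("lan-host", re.compile(r"\.Hosts\.Host\.\d+\.(MACAddress|HostName|IPAddress)$")),
]

def parse_parameters(xml_text):
    """Return (name, value) pairs, matching on local tag names to ignore prefixes."""
    pairs = []
    for el in ET.fromstring(xml_text).iter():
        if el.tag.rsplit("}", 1)[-1] == "ParameterValueStruct":
            fields = {c.tag.rsplit("}", 1)[-1]: (c.text or "") for c in el}
            pairs.append((fields.get("Name", ""), fields.get("Value", "")))
    return pairs

def audit(xml_text):
    """Return (category, parameter name, value_was_returned) for sensitive parameters."""
    findings = []
    for name, value in parse_parameters(xml_text):
        for category, pattern in RULES:
            if pattern.search(name):
                findings.append((category, name, bool(value.strip())))
                break
    return findings
```

The third field separates parameters the gateway merely lists from those for which it actually returned a value to the management server.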

------
Spittie
And this is why I'm never going to use my isp's modem/router.

I also use a separate modem and router, so that if my modem has some kind of
backdoor that my isp can use, they can't get much information about my lan.
My next step is getting a modem that runs on a libre distribution (my router
already runs on Tomato), since I've found out recently that OpenWRT supports
some ADSL modems.

~~~
01Michael10
I second one buying their own modem and wireless router and not using the
supplied ISP equipment. Netgear WNDR3800 router here and I have been thinking
of trying OpenWRT or DD-WRT on it myself...

------
shmerl
I'd never use any router provided by an ISP. Use your own router and their
device as a next step DHCP server.

~~~
moondev
Not an option with uverse unfortunately. The router and modem are combined
into a single box.

~~~
ben1040
Admittedly it's been a while since I have had U-Verse, but I was able to
disable wifi on the modem, put the modem in "DMZ mode," and make an Apple
Airport Extreme work well with it. Still not real bridged mode, although the
router behind the U-Verse modem in DMZ mode would get the real external IP
address handed to it so it doesn't act like a double-NAT situation.

You still had to have your TVs run through to the actual U-Verse modem,
though, and can't plug them into a router sitting behind it.

~~~
chomp
> You still had to have your TVs run through to the actual U-Verse modem,
> though, and can't plug them into a router sitting behind it.

Yeah you can. I have

Uverse Router ==> PFSense Box ==> GigE switch ==> Uverse TV box.

The trick is enabling IGMP proxy. The first 10 seconds of a Uverse TV stream
is transmitted over UDP. After 10 seconds, it switches to multicast. You need
IGMP proxy on the PFSense box (or IGMP proxy capable switch) to relay that
multicast traffic to the ports on the other interface.

After that, DMZ your PFSense box, add just a few firewall allow rules, and
you're done!

~~~
hahainternet
> The first 10 seconds of a Uverse TV stream is transmitted over UDP. After 10
> seconds, it switches to multicast

What the heck? Do you have any clue what the motivation is behind this?

~~~
tacoman
It's how they deliver instant channel change. The unicast udp burst is about
30% higher than the nominal bitrate of the multicast. The STB stitches the
unicast and multicast together seamlessly.

~~~
hahainternet
That is an impressively smart solution really. I don't have instant channel
change :(

------
URSpider94
This just makes me uncomfortable. It's part of the reason why, when I had FIOS
(about 4 years ago), I pretty quickly disabled their WiFi and used a separate
access point. At that time, the SSID and key were hard-coded and were printed
on the bottom of the router, and if I recall correctly, the key was directly
derived from the MAC address of the router.

~~~
MertsA
The key should have been something like the serial number of the router which
you can't derive from the MAC and is generally regarded to be a secret.

~~~
cbhl
1) Any decent device manufacturer should have a record of the serial number of
every device they sell. Bonus points if you mailed in your name and address
and serial number so you'd be eligible for the warranty.

2) The MAC often _is_ the serial number for many ethernet devices. (Most
routers are weird because they usually have at least two or three MAC
addresses, but it works out so long as you're consistent about which one you
use.)

~~~
MertsA
For a modem, at least all DOCSIS modems, the serial number will be totally
separate and is used for authentication to the modem. Not 100% sure about FiOS
as I don't have it but I'd imagine they would do something similar to the rest
of the industry.

------
isomorphic
I currently have FiOS. I've never used their router for WiFi. For years I used
their router plus various WiFi bridges.

However, if Verizon knows your WiFi keys (from the router), it stands to
reason they have total control over their routers--so putting your own WiFi
behind Verizon's router won't help you if you're looking for privacy. Verizon
can see your LAN through their router, even if you disable WiFi.

For this and many other reasons, a while back I pulled Cat6 from the ONT
(optical network terminal--where the fiber comes into your home) to my office.
I'm using an ASUS RT-AC66U for a router. I'm running DD-WRT on it instead of
ASUS' firmware.

Unfortunately, all of their TV STBs need Internet (for the guide), and those
can only get Internet via MoCA (i.e., Internet over cable TV coax). (Also,
various services Verizon offers will not work with the BYOD router setup.) You
can purchase MoCA bridges, but it was easier to just neuter the Verizon router
and use it as a MoCA bridge (behind my router). By doing so I am probably
opening up my LAN to spyware again. Then again, if the STBs are on your LAN,
they could be spying on you as well.

I keep an eye on the STB traffic, but who really knows.

I think my next step will be to curtail, then discontinue FiOS' TV service.
Lately I seem to pay more for less (their STB interface is frozen in time,
slow, and now has advertising to add insult to injury). I think the equivalent
or less money will buy sufficient entertainment from Internet streaming or
digital downloads. And as a bonus there's less potential for Verizon LAN abuse
from their STBs.

~~~
deathanatos
> However, if Verizon knows your WiFi keys (from the router), it stands to
> reason they have total control over their routers--so putting your own WiFi
> behind Verizon's router won't help you if you're looking for privacy.
> Verizon can see your LAN through their router, even if you disable WiFi.

How does this affect your privacy? If you put your own router between your
machines and their device, sure, their device can see the WAN interface & IP
address of your router, but it can only access your LAN like every other
machine on the Internet at that point, if you have your router do NAT. (Which
is the point of doing this.)

~~~
isomorphic
> How does this affect your privacy? If you put your own router between your
> machines and their device, sure, their device can see the WAN interface & IP
> address of your router, but it can only access your LAN like every other
> machine on the Internet at that point, if you have your router do NAT.
> (Which is the point of doing this.)

To clarify, I meant putting your own WiFi _bridge_ or _access point_ behind
Verizon's router. (This is what was suggested at the bottom of the original
article.) If Verizon has total control over their routers (they do), then
using your own WiFi won't matter.

The way to get more privacy is to _replace_ Verizon's router with your own, or
to nest your router behind Verizon's.

~~~
deathanatos
Even if you replace Verizon's router, presumably they have upstream nodes that
they could monitor your traffic with just as easily. You'd have to replace all
of Verizon.

The Verizon router is like any other intermediate node on the Internet: don't
trust it. Removing it won't really affect your privacy.

------
starrychloe
This might explain things:

[http://www.whatsmyip.org/fios-wep-key-calculator/](http://www.whatsmyip.org/fios-wep-key-calculator/)

------
gnu8
A large fraction of their technical support calls are for wireless access
issues. This is one way they try to reduce the number of calls and to resolve
cases more efficiently. They have no interest in using your wifi key to
intrude on your network. This is no more obtrusive than your landlord having a
key to your house.

~~~
jwcacces
I understand your metaphor, but it is a disturbing idea to have Verizon in the
position of my landlord.

------
mdip
This kind of stuff bugs me, but I understand why these companies do it. For
the vast majority of users, having this information available and published in
a convenient place probably reduces calls to service. And I bet the technical
support staff can see all of this information as well.

I remember being surprised that tech support was able to describe all of the
devices sitting behind my AT&T U-Verse modem. I have a healthy amount of
paranoia from a few years working in network security. After realizing how
much access they had, I went out and bought a Buffalo router running DD-WRT
and never looked back.

------
conradfr
Well FWIW when I was working for a French ISP I could get that and also what
TV channel was on and any other possible metrics for the modem or the media
player.

------
jbb555
I'm happy for my ISP to be able to reconfigure my router so I can call them up
and say I was messing about with it and broke it and can they fix it please.
But that's because I use aaisp.net.uk who I trust for this kind of thing and
not some huge corporate isp.

~~~
Fuxy
I wouldn't like any ISP messing with my router.

My router shouldn't be part of the ISP's network for it to use however it
likes.

I would rather take full responsibility for it and manage it myself even
replace it at my expense if it breaks.

Letting them do that is like giving the keys to your house to every utilities
company you deal with and permission for them to give the key to whoever they
choose. Do you really trust them that much?

~~~
Istof
Do you really trust all routers on route to your destination?

~~~
Fuxy
Nope, however I don't have a choice on that one unless you count encryption
through VPNs or other means to a network of your choice.

However this is like asking if I trust the people on the street when I go out
the answer is obviously not however that is a public place and not my home and
I am aware I may be watched.

If I were a hacker I would get employed at these companies and just exploit
all the computers connected to these routers.

Or better yet download the entire database with router SSIDs, serial number
and password that would make for a fun time.

Free internet forever if they don't detect it.

------
antr
I'm not very knowledgeable on networking, and my question is: are there any
commercial routers/modems with an open source OS? I'm assuming open =
transparent

~~~
JelteF
There is open source firmware for a lot of different routers. You have dd-wrt
and OpenWrt to my knowledge.

[http://www.dd-wrt.com/site/index](http://www.dd-wrt.com/site/index)

[https://openwrt.org/](https://openwrt.org/)

------
crad
Worth noting that I had at one point set up a custom SSID and key, then
disabled WiFi. Even with the WiFi disabled, they had my custom SSID and
password in that page.

------
thrillgore
I always provision my own modem and router, just for this kind of thing. Also,
it's cheaper in the long run.

------
kghose
To get a clarification: If you change your WPA password will they be able to
get the new password - or do they just have a list of the preconfig (factory
set) passwords?

