Thursday, January 18, 2018
Home Tags Virgin Media

Tag: Virgin Media

You're not using the password from the sticker, are you? Virgin Media has urged 800,000 customers to change their passwords to guard against possible hacking attack.…
Ethical hackers carried out research on the Super Hub 2 router and found it could be used to take control of Internet of Things devices.
Backups encrypted but key was the same across all UK hubs A recently resolved flaw in Virgin Media wireless home routers gave hackers a means to gain unauthorised administrative-level access to the devices.…
London, UK. 19 April 2017 - SCWS World, organised by Avren Events, has announced it will feature more global giants on its programme than ever before, with support from Virgin Media Business, Fon, JMA Wireless and Blu Wireless, as well as the continued...
Not that knowing NSA's sigint locations will actually help you much...
Premier League wins court injunction requiring server-level blocking.
Virgin also advising customers knocked offline An ongoing software update bug on Windows 8 and 10 appears affecting users of several UK ISPs, with Virgin Media the latest provider to admit the problem is knocking a number of its customers offline. The problem first emerged last week, when BT and Plusnet admitted that computers running Microsoft's newer operating systems are losing network connectivity due to what appears to be a problem with Dynamic Host Configuration Protocol (DHCP). In a forum updated yesterday, Virgin Media advised that some Windows 10 users were experiencing difficulty connecting to the internet after installing the latest update. "Microsoft are aware and investigating," it said. One reader, Adam Comben, got in touch with The Register to report: "We have a retail repair shop and have seen around 25 instances of this since Thursday. "It doesn’t matter what ISP or router they’ve been using – We’ve had TalkTalk, BT, Plusnet, Sky, you name it – All with the same problem, will not obtain an IP via DHCP." He said the issue is definitely a DHCP problem caused by a broken Windows Update, "although we’ve not been able to identify the cause it’s an extremely quick fix." He added: "It’s caused a great deal of disruption for our business customers as it required a site visit for those we couldn’t talk through it on the phone." The cause of the bug is so far unclear, although Plusnet has blamed an unspecified “third-party update”.

The main issue appears to be a recent Windows Update release – but it is hard to tell which one is at fault. The Register has contacted Microsoft for an update. ® Sponsored: Next gen cybersecurity.
Visit The Register's security hub
EnlargeLeon Neal/AFP/Getty Images reader comments 59 Share this story Update, November 24: Late on Wednesday, the government's planned amendment to the Digital Economy Bill—which, if unopposed by parliament, will force ISPs to block porn sites that refuse to provide adequate age verification mechanisms—was published online.

The tabled tweak to the draft legislation states that, where ISPs fail to act, they will be found guilty of an offence and hit with a fine. As part of its mission creep, the government is also pushing for the BBFC regulator to have the power to tell ISPs to block content that isn't pornographic.
It states: The steps that may be specified or arrangements that may be put in place under subsection (2) (c) include steps or arrangements that will or may also have the effect of preventing persons in the United Kingdom from being able to access material other than the offending material using the service provided by the Internet service provider. However, the government's amendment doesn't nail down what it defines as "other material"—making it arguably a sweeping demand for all sorts of content to be censored. Meanwhile, campaigners are increasingly vexed by the government's decision to appoint the BBFC to police online porn blockades where sites fail to bring in age checker systems—even though the regulator is yet to explicitly state what fruity online material would be placed on its banned list. Index on Censorship and other activists are concerned that websites serving up content that shows "non-conventional" sex acts—such as face sitting, menstrual blood, and sex in public—will be barred by the watchdog.
Its current guidelines on how it classifies content offers a flavour of the type of online porn that might raise eyebrows at the BBFC. "It should not be the business of government to regulate what kinds of consensual adult sex can be viewed by adults," Index on Censorship's chief Jodie Ginsberg told the Guardian. The BBFC said in response to concerns from campaigners: "In making this assessment, we will apply the standards that we apply to pornography that is distributed offline.
If a website fails on either of these [age verification or obscene content] tests, then a notification of non-compliance will be sent to the site." Original story Telcos could be forced to block porn sites if a stealth government amendment to the draft Digital Economy Bill is waved through by parliamentarians. The report stage and third reading of the proposed legislation, which seeks to regulate a hunk of areas from Internet infrastructure to intellectual property, will be debated by MPs next Monday (November 28).

Age verification for access to online porn also forms part of the government's shopping list.

Brits wanting to access fruity material via websites or apps will be subjected to checks to confirm that they are aged 18 or over. And the bill already makes it clear that the government wants to go after "infringing sites" by choking their access to payment providers such as Visa and PayPal, and threatening fines of up to £250,000 or five percent of a person's "qualifying turnover (if any)." However, the government—in what lobby group the Internet Service Providers' Association (ISPA) has described as a "significant policy shift"—is now saying that it wants ISPs to act when online smut peddlers fail to use age checking mechanisms on their sites. Culture secretary Karen Bradley said: "Only adults should be allowed to view such content and we have appointed a regulator, BBFC [British Board of Film Classification], to make sure the right age checks are in place to make that happen.
If sites refuse to comply, they should be blocked." The department for culture, media, and sport (DCMS) added that it was also "seeking co-operation from other supporting services like servers to crack down on wrongdoers." Under the proposed measure, the BBFC would have the power to order ISPs and mobile operators to block access to porn sites that refuse to comply with the government's planned age verification system. "The requirement to block websites would apply to all sites in the UK and overseas. Where websites originate in the EU the process will be compatible with country of origin rules," it said. However, ISPA said it was concerned by the policy shift.
It said: Government must clearly assess and quantify the impact of industry in terms of competition, innovation, and investment, put in place a robust regulatory system, and address the potential for unintended consequences, including existing industry self-regulatory efforts to tackle child sexual abuse material, scope creep, and over-blocking. In January, your correspondent warned that the government could try to force ISPs to block porn sites.

Afterall, the Tories have form in this area: during the coalition years, the UK's six biggest telcos were ordered to block a number of BitTorrent tracker websites, after BT, BSkyB, EE, Virgin Media, O2, and TalkTalk failed to challenge the government's demands in the High Court. In the footnote of its statement confirming the planned tweak to the bill, the DCMS admitted that its current proposals are unworkable.
It said: Websites need servers to host them, advertisers to support them, and infrastructure to connect them. With the international and unregulated manner in which the Internet operates we cannot compel supporting services to be denied but the regulator will seek to gain cooperation from the industry. For the government, the jurisdiction of porn sites was always going to be a headache, and it's hard to believe that the amendment calling for ISPs to block online smut peddlers who flout age verification rules wasn't planned all along.

But then, timing is everything. This post originated on Ars Technica UK
Kid schools telco: 'So have you heard of access controls?' Virgin Media has shuttered a kindergarten-grade bug in a third party website that exposed up to 50,000 résumés it's received over the years, complete with names, street and email addresses of applicants. The vulnerability was due to entirely absent access controls on a public server to which applicants were directed to upload their résumés. British student hacker Alikhan Uzakov (@alikhan_uzakov) found he was able to peruse the entire directory without restraint or being challenged to log in. "About 30,000 to 50,000 applications, past and present, were accessible," Uzakov says in a blog. "Personal information including telephone numbers, emails, where someone lives, and other details were out there in the open: my personal information was exposed as well. "The problem is patched now but had I been someone with malicious intentions, I could have done a lot more and might not have reported it at all." Uzakov phoned Virgin Media's London Hammersmith office to report the flaw and "walked" a security engineer through resolving the mind-bending bug. He says Virgin Media would not comment on the vulnerability nor award him a bug bounty or name recognition for the bug. The graduate recruitment site has been fixed and is back online. ®
Firm says it'll rebrief everyone to 'meet its usual high standards' Virgin Media has promised to ensure all its agents are fully equipped to offer advice on the Poodle vulnerability, after a security expert exposed the failure of outsourced Indian call centre staff to explain and fix the problem. Independent security consultant Paul Moore, who is also a Virgin customer, was contacted by the company, told that he was vulnerable to Poodle and was offered a £20 "premium technical support" service to fix it. However, following a series of calls made to Virgin's Gadget Rescue service, run by an outsourced company based in India, the agents repeatedly failed to explain what the problem was. On the final call the agent tried – and failed – and failed to fix the problem remotely by installing Java, Adblock+, Silverlight, Flash and various other software. Moore recorded the calls, which The Register has listened to. "I made six calls, each landing with a different call handler.
It's abundantly clear that not a single call handler had even heard of Poodle, let alone had the knowledge required to fix it," he said. He added: "Beyond Poodle, the technician made a number of dangerous and unauthorised changes to the device.

They're also yet to clarify why it was necessary to disable F-Secure antivirus completely; something which could be described as 'reckless' as it introduces a significant risk to the end user. He also purged the 'prefetch' directory, further demonstrating a complete lack of technical knowledge." Moore said he was been promised a refund for the service. He was also contacted by a senior executive of Virgin's outsourced company. “He admitted the level of service 'was appalling', to use his words,” Moore told The Register, “and that they're taking several steps to ensure it cannot happen again.” A Virgin spokesman said: “We strive to maintain high levels of customer satisfaction with our Gadget Rescue service and ensure that agents are able to handle all enquiries.
In this case, we apologise that a Gadget Rescue agent did not meet our usual high standards. We have ensured that all agents are fully equipped to offer advice on the Poodle vulnerability.” ® Sponsored: Securing personal and mobile device use with next-gen network access controls