click for larger version

Well this is interesting. I was considering becoming a reseller for Suddenlink Cable since I’ve been very pleased with their internet service. However, if you “rent” the SMC8014WN Wireless Modem/Router/AP from them – BEWARE!

Suddenlink has locked down the firmware in the SMC8014WN so that most of the typical features from any $60 router/access point from BestBuy or OfficeDepot or NewEgg – are simply not available. That’s insane.

WEP as a security measure is so broken that your (and everyone else’s) kid sister can easily circumvent it,” said computer security researcher Ralf-Philipp Weinmann, co-author of the aircrack-ptw tool that can crack WEP in minutes.

This unit is running a locked down firmware that doesn’t allow you to use anything but WEP encryption. As I’ve mentioned before, never use WEP encryption. This encryption algorithm was broken more than 10 years ago. The only exception would be legacy hardware that you simply cannot replace. In that case, you should put your legacy device on it’s own subnet separate from everything else.

You should ALWAYS USE WPA (or WPA2) encryption with a sufficiently strong passphrase. WPA + AES is currently unbroken and susceptible only to brute-force dictionary attacks, which all encryption schemes are. In other words, you can only break it by slamming a zillion password combinations at it and hoping for sheer luck.

You also can’t change the SSID. While changing or hiding the SSID does not increase security, it can make things more convenient.

Here is the best part. I called Suddenlink tech support just to make sure my findings were correct. A decent and knowledgeable tech support guy got on the phone and confirmed my findings.

Suddenlink Support: Suddenlink ships those modems with WEP to support the xBox which is WEP only. We lockdown the systems to make it easier for us to support users.

click for larger version

So I asked him simply: “Just to be clear, Suddenlink has shipped locked down devices with a broken security algorithm just to support the old xBox?”

Suddenlink guy: “Yes, that is correct.”

Hmm – maybe they haven’t heard of the DLink DGL-3420 which allows you to run WPA on the old xBox? If one of the Principal Tech Specialists at Microsoft thinks WEP is trivially crackable, maybe Suddenlink should listen?

Hmm – maybe Suddenlink should rethink their corporate policy on their users’ security? Maybe they shouldn’t send installers out who are morons and know nothing about networks nor security?

By the way, Suddenlink rapes you for $10/month until the end of your service for this piece of junk.

Solution: Purchase a Motorola Surfboard Modem and a Linksys Wireless Router. Simple. Effective. Cheaper. Safer.

From email 3-19-2010. This is a great question and answer for everyone to read.

—————-
I just got that 100′ CAT6 10/100/1000 cable tonight.
—————-

You know that Cat5e supports gigabit right? That might have saved you a little money.

—————
Did you know Media Center doesn’t come on anything before Vista? That sucks.
—————

Wrong. XP Media Center Edition has been around since shortly after XP was released. I have a copy of it for Dell.

http://en.wikipedia.org/wiki/Windows_XP_editions#Media_Center_Edition

——————–
I want to get a wireless N router but have seen where g devices connected to an N router are no better than a G router. This prompts me to look at “True Dual Band” routers.
——————–

We discussed that when we discussed 100/1000 on ethernet. You don’t have to get a “true dual band” – that is marketing bullshit. All N access points will fall back to G or B on devices that don’t support N. That is part of the N spec.

http://en.wikipedia.org/wiki/IEEE_802.11n#Backward_compatibility

—————–
keep coming back to this Linksys WRT610N. It is simultaneous, has a USB port for a network USB drive where I could store all my music, audiobooks, and the rest of that crap.
—————–

Of course I’m a fan of Linksys stuff. That model has some good/bad reviews. I’m going to say you will probably be fine with it.

—————-
Need faster down and upload speeds if I am going to be streaming TV on my TV through Media Extender and Xbox
—————-

While I hate DSL and love cable, if you are streaming from your Media Extender directly to your TV, then you ‘net connection doesn’t matter. That would fall under the internal network bandwidth – and thus gigabit and wireless n would help.

However, if you are going to be streaming from Hulu.com or wherever to your TV, then having more ‘net bandwidth is definitely a plus.

By the way, I have 20Mbs down and 2Mbs up now.

——————
I was also thinking about checking out one of those TV tuners for your computer… what do you think of those?
——————

I think they work great, especially for displaying ‘net content on your TV or ripping your DVD’s to your pc and playing them directly from a media box.

—————
My Dell Inspiron 1525 (that you have the twin), can we upgrade the internal network card to an N+ card instead of a G, or would I do better with a adapter hanging on the side of the machine?
————–

Nope – you have to add a USB card, PCMCIA, or ExpressCard type.

—————–
the hard drive for the laptop, its 250Gigs, can we make that much bigger and still keep the outside shell of the laptop?
—————–

Yep – the hard drive form factor is the same for a larger capacity. I’ve got a 500GB in my dell right now.

http://www.newegg.com/Store/SubCategory.aspx?SubCategory=380&name=Laptop-Hard-Drives

Recently, I’ve been consulting with a client on network improvements. Following is an email correspondence sent to them in preface to some upgrades – such as migrating to a Novell SUSE Linux network.

============
From Email
============

As a reminder, security is relative. You have to weigh the cost vs usability vs convenience. If security practices are too complicated, end users will attempt to circumvent them at every turn. However, if the security measures only present a small burden to the end users, then most users will embrace them.

There are no 1-stop security solutions. Period. Anyone that tries to embrace that philosophy is selling snake-oil and will lull you into a false sense of security. Always avoid single vendor lockin to proprietary solutions as much as possible. I always favor free and/or open-source solutions where possible.

##############
User Training
##############

Most companies fail at training their users in basic technical skills and safe practices. In the short-term weak training expenditures may result in faster employee turn-around; however, in the long-term it costs more.

Not only should users (employees) be educated on the basic skills for their jobs, they should also be educated on basic security best-practices and company policy. As technology changes, users should be further educated as necessary for their particular job. In today’s fast-paced world of data exchange, this is a necessity not an option.

##############
Data Security
##############

First, you need consider that like most things, your data is only as safe as the weakest link in the change. No matter what types of technology you employ, all it takes is one rogue employee with access to the data. This is where your company policies and NDA’s come into play heavily. Employees must know that there are severe consequences for breaching policies.

Data must not be permitted to leave the company network unless a user has specific permission to remove the data. This includes USB drives, company and non-company laptops, cell phones, pda’s, etc. Even hand-written notes concerning company information must be carefully considered.

Any data that is allowed to leave the company network and confines must be encrypted (see mobile security). It does no good to have the company information locked down, only to transport it in the free and clear.

##############
Email Security
##############

All company email must be controlled tightly through a service such as Google Apps Premier Edition powered by Postini. This allows for superior email security, archiving, and control.

“By 2005, 24% of companies had email subpoenaed and 15% had gone to court over lawsuits triggered by just employee email. According to the same survey, 10% of email at work contained sexual, romantic, or pornographic content.” – http://www.amanet.org/press/amanews/2006/blogs_2006.htm

Plan Now for Managing Electronic Data Avoid Tomorrow’s Legal Risks
www.google.com/a/help/intl/en/security/pdf/WP44-BMGuide.pdf