Posts Tagged Nerd Stuff

Verizon FIOS WEP belong to us

Posted by Christopher in Nerd Stuff, Work Stuff on November 7, 2009

I deal with computer security almost every day and just found one of the most shocking lapses in judgment by a major corporation I have ever seen.It will have a huge effect on many of readers of this blogs security for quite a while to come.

Lets boil it down for those non-nerds. If you have Verizon FIOS and they installed your modem/router (comes with the service) your WEP key is being broadcast through out the neighborhood. The secret code to connect to your internet is being sent to everybody in your neighborhood…. wow.

Now for some details. If you have ever fired up your computer in a neighborhood, likely you have seen the new 5 character (example; H6196, 9RHUN) wireless clouds that pop up anywhere Verizon has FIOS. This SSID is unique and helps you find your wireless cloud. Verizon decided that since they were doing all this work in setting up peoples wireless access points, why not use the MAC address of the modem and generate SSID based on this. This is a OK idea but then ,as per normal for any large corporation, decided to shoehorn the idea into every aspect of the situation. They then used the MAC address to generate the WEP key.

Any user of Network Stumbler or Wireshark knows that the MAC address is broadcast along with the SSID. You take that 5 charicture SSID, run it through the java script WEP calculator at (http://fioswepcalc.webs.com) and you will likely end up with the WEP key of most all your neighbors wireless networks.

Screenshot

Security through Obscurity has been the modus operandi since the start of computers. At some point, if computers systems are to continue, companies that endanger their clients, lose clients data or expose clients to data theft, will have to be held accountable for poor security.

In real life trials, only half of the FIOS WEP keys were valid.

FIOS, Nerd Stuff, security, Verizon

No Comments

Northwest Territorial Mint, not so minty

Posted by Christopher in Nerd Stuff on October 25, 2009

A while back I saved up some money to buy a few ounces of silver. I like the color of it and the density is something you have to play with to understand. Yes, I know this is nerdy but that is not in question.

I looked around for a good price locally but have found that AJPM in downtown Portland is not very friendly and doesnt have the highest quality stuff. Colombia Coin in NE is nice but is quite expensive. This lead me to look for an online broker. After finding out that Northwest Territorial Mint produces many of the coins that I like, I decided to purchase the piece of silver there. The price was great and they said “Our policy is to ship orders promptly after you have properly paid us.” This was also printed in my contract with them.

Here is a overview of my experince with Northwest Teeritoral Mint;

I placed the order on Aug. 11th
NWTM received my check on Aug. 14th and I got an email saying my order was paid in full. I had hopes of receiving the order in a few weeks as most all other places send orders out in 2-3 days.
Sept. 21st, I called them a month later after no communication and a nice lady said that they may not have the items in stock. I asked if I drove up to Auburn Washington (location of the Mint) would the units I ordered be for sale? She would not answer me.
Sept. 28th I sent an email asking for a reason my order had not been sent.
Oct. 13th, sent another email asking for any sort of response. The entire time they are still selling the items saying that they are “In Stock“.
Oct. 24th received my order.

This was over 10 weeks waiting. Now, I have a small company and understand that items can not be produced out of thin air. All the while my order was waiting to be filled, they did have the item on hand and continued to be for sale.

That is when I went to Google and typed “northwest territorial mint scam” .

The amount of negative responses stunned me. Site after site, year after year, client after client had been treated the same as me. After 60-75 days the orders showed up but with no expliation why it took so long. The Washington Attorney General also got wind of this and sued them. But all that was occompolished was that after 90 days or so you can ask for your money back.

The reason for this treatment is that NWTM receives millions of dollars interest free for investing. Some estimates say they make tens – hundreds of thousands of dollars by with-holding delivery for a few months on each of their clients. This practice has been taking place for years and below will be a few links.

I did receive my order and the items were great, yet I will never, ever, ever order from them again.

panam