Wednesday, February 24, 2010

iBurst boggles the mind

I just installed a new iBurst USB modem, and my first thought was from Dr Phil: "What were they thinking?" Do they really think it is a good idea to take up a third of the screen with a connection utility that doesn't have a Minimize option? Like I really want to stare at a large round bubble with a few buttons on it! it doesn't even look good, unless you like in-your-face orange circles with useless buttons around the edge. It's hideous after 5 minutes.
But my bewilderment turned to horror when I inspected the network connections on the Windows XP box. Both "File and Printer Sharing" and "Client for Microsoft Networks" protocols are enabled by default, even though it violates their own Acceptable Use Policy. Do they really not have any idea how insecure this is? Are they determined to allow worms and malware to spread among their users through insecure file sharing? The mind boggles.
Worms like Conficker use weak passwords in shared folders to spread. This usually happens in a LAN because file sharing to the internet is correctly disabled. But in the case of iBurst, internet file sharing is not disabled. If a user has allowed the firewall to permit file sharing, thinking this would only work on the LAN, he is in for a nasty surprise.
So my warning to all iBurst users is this: disable both "File and Printer Sharing" and "Client for Microsoft Networks" protocols on the iBurst PPoE network connection and the additional LAN connection used by the iBurst Terminal, whatever that is. You really do not need anyone on the internet to see your shared files or your Windows login information. Just remove the checkboxes for "File and Printer Sharing" and "Client for Microsoft Networks" and reboot to make sure. Then check your firewall settings very carefully if you have "File and Printer Sharing" excluded. Only enable it if you really need to share files or a printer on your LAN.
To make absolutely sure, go to http://grc.com and select "Shields Up!" from the "Services" menu. Make sure you are not giving out the wrong information to the rest of the world, including your iBurst neighbours. Then subscribe to the Security Now podcast.
Update Friday 26-02-2010: I spent 26 minutes on the phone to their "special" 087-720-1234 support number, at R3.80 per minute from my cell phone. From a land line it costs R1.07 per minute, nearly double the cost of a 0861 call at R0.65 from a land line. But if I had a land line I wouldn't be putting up with iBurst in the first place. I'd be using ADSL, which does actually work.
I'm getting 100% signal using an external aerial, but they can't tell me which direction the transmission is coming from, which is a great help. And I'm getting 7% packet loss from a ping to their DNS server. That's great. And my account shows 0MB usage, so that might explain everything. Except I couldn't do this from the iBurst modem, because the connection is so poor.
Update Friday 5-03-2010: Almost exactly a week later a I get an email from iBurst apologising for the delay, but still no callback. Funny, there is nothing on their web site about a lot of support calls or problems.
Update Monday 8-03-2010: Finally someone calls. They can't show their transmission tower locations on their coverage map "for security reasons". What a load of BS. I feel like they really have no idea what they are doing.
Update Tuesday 9-03-2010: Spent a very productive 2 hours at their head office. I took the PC, the antenna, and my laptop. The PC seems to be too slow, because the signal worked fine on my laptop. Time to buy a new PC. Richard is a very patient, thorough and professional technician. He explained to me that I don't need to install the iBurst front-end, just the iBurst Terminal software, and then use a PPoE connection. It all works fine on my laptop. I arrived ready to tell them to take their equipment and shove it. I left feeling that there may be light at the end of the tunnel after all. It's amazing what competence can do.

No comments:


Warning: The NSA and 4 million other sick weirdos with "security clearance" have intercepted this page and know that you are reading it.