Sunday, November 6, 2016

Warning: Nationwide ISP Vulnerability

Read this carefully.
The IP Address is legally invalid.

A. It means you cannot reliably prosecute cyber-crimes based on IP address alone until the problem is fixed.

B. Cases in which the IP address was used in prosecution must be reopened by law.

C. This also makes tracking people reliably next to impossible.

D. Anyone can be framed.

1. Where are they (or the Empty House)?

Modems are registered to a specific household.
These modems don't have to be in that household and can be connected anywhere on the network, that is, any place with a coaxial cable connected to the open ISP network.

2. Anyone can be framed.

Modems identify themselves to the ISP via MAC address. This MAC address is printed on the side of the modem. The modem is then given an IP address based on that MAC address.
The issue is that the MAC address can be cloned into a new modem, and that modem can be anywhere on the open network. The new modem appears to be the registered user at the registered address. The ISP sees 2 IPs assigned but cannot tell if it is the same modem, as the MAC address is the same.

There are two modems currently on the market that can configure the MAC address at will.
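The duplicate-MAC situation in section 2 is something an ISP can at least flag from its own lease records. The following is an added example, not part of the original post: it scans a constructed lease log (the log format, segment names and sample addresses are assumptions) and reports any MAC address that holds unexpired leases on two different network segments at the same time.

```python
from datetime import datetime, timedelta

# Constructed sample of DHCP lease grants (format assumed for this example):
# time, event, modem MAC, assigned IP, segment that relayed the request, lease seconds.
# MACs and IPs are from documentation ranges; segment names are made up.
SAMPLE_LOG = """\
2016-11-06T10:00:00 ACK 00:00:5e:00:53:01 192.0.2.10 segment-A 3600
2016-11-06T10:05:00 ACK 00:00:5e:00:53:02 192.0.2.11 segment-A 3600
2016-11-06T10:20:00 ACK 00:00:5e:00:53:01 198.51.100.7 segment-C 3600
2016-11-06T10:30:00 ACK 00:00:5e:00:53:01 192.0.2.10 segment-A 3600
2016-11-06T12:30:00 ACK 00:00:5e:00:53:02 203.0.113.4 segment-B 3600
"""


def parse(log):
    """Yield (start, mac, ip, segment, expiry) for each lease grant line."""
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 6 or fields[1] != "ACK":
            continue  # skip blank or unrelated lines
        ts, _, mac, ip, segment, secs = fields
        start = datetime.fromisoformat(ts)
        yield start, mac.lower(), ip, segment, start + timedelta(seconds=int(secs))


def find_concurrent_duplicates(log):
    """Flag a MAC that holds unexpired leases on two different segments at once."""
    active = {}   # mac -> list of (ip, segment, expiry) still being tracked
    seen = set()  # (mac, segment pair) already reported
    alerts = []
    for start, mac, ip, segment, expiry in sorted(parse(log)):
        live = [l for l in active.get(mac, []) if l[2] > start]
        for old_ip, old_seg, _ in live:
            key = (mac, tuple(sorted((old_seg, segment))))
            if old_seg != segment and key not in seen:
                seen.add(key)
                alerts.append({"mac": mac, "time": start.isoformat(),
                               "leases": sorted([(old_seg, old_ip), (segment, ip)])})
        # A renewal from the same segment replaces that segment's earlier lease.
        active[mac] = [l for l in live if l[1] != segment] + [(ip, segment, expiry)]
    return alerts


if __name__ == "__main__":
    for alert in find_concurrent_duplicates(SAMPLE_LOG):
        # The alert shows that a duplicate exists, not which device is the registered one.
        print(alert)
```

A modem that moves to another segment after its old lease has expired (the second MAC in the sample) is not flagged; only overlapping leases are.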

Solutions Now.

Quick Solution: Put up a captive portal at the ISP level. The user must enter a username and password every time the modem is plugged in somewhere. The username and password must be kept secret. (Some ISPs already use captive portals, but not in this configuration.) This should take a day to implement nationwide. I could do this alone in a day.

Secure long-term solution: Include a hardware-based random alphanumeric integer authentication token of extreme length. Transmit the token via SSL to the ISP. Include this with the captive portal and the problem is solved long term.

It turns out that, until then, the concept of the IP address has always been and will always be invalid.

Postscript: I didn't make the hole, I just found it, and I've given two solutions.

