From Newsgroup: uk.tech.digital-tv

I'm sorry, the wi-fi router?

I've never thought the router to be a culprit for spaffing passwords
to 'the cloud' but the devices you hang on the wi-fi especially if
running google code (or other bad boys) do have that potential.

Bob.

I'm a trialist for Giffgaff's upcoming FTTP offering.
They sent me their router, an Amazon eero 6+.
it's a hub for additional eero mesh devices, and for any AWS IoT
devices you might have.
If you choose to link it to your Amazon account it actually tells you
that your chosen SSID and encryption key are sent to AWS "to make
adding devices hassle-free".
--
Graham.

%Profound_observation%
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: uk.tech.digital-tv

In article <0vpo6kpsj9n2h2aagrn3mtk8oqlr8jncro@4ax.com>, Graham. <usenet@yopmail.com> wrote:

I've never thought the router to be a culprit for spaffing
passwords to 'the cloud' but the devices you hang on the wi-fi
especially if running google code (or other bad boys) do have that >potential.

I'm a trialist for Giffgaff's upcoming FTTP offering. They sent me
their router, an Amazon eero 6+. it's a hub for additional eero
mesh devices, and for any AWS IoT devices you might have. If you
choose to link it to your Amazon account it actually tells you that
your chosen SSID and encryption key are sent to AWS "to make adding
devices hassle-free".

OK so I was wrong I didn't see a router being so anti-security. It's
kind of their job.

Do you you have to use that router and can you bin it for something
more responsible that takes security seriously?

Bob.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: uk.tech.digital-tv

Bob Latham <bob@sick-of-spam.invalid> wrote:

In article <0vpo6kpsj9n2h2aagrn3mtk8oqlr8jncro@4ax.com>, Graham. <usenet@yopmail.com> wrote:

I've never thought the router to be a culprit for spaffing
passwords to 'the cloud' but the devices you hang on the wi-fi
especially if running google code (or other bad boys) do have that
potential.

I'm a trialist for Giffgaff's upcoming FTTP offering. They sent me
their router, an Amazon eero 6+. it's a hub for additional eero
mesh devices, and for any AWS IoT devices you might have. If you
choose to link it to your Amazon account it actually tells you that
your chosen SSID and encryption key are sent to AWS "to make adding
devices hassle-free".

OK so I was wrong I didn't see a router being so anti-security. It's
kind of their job.

Do you you have to use that router and can you bin it for something
more responsible that takes security seriously?

Bob.

In practical terms what is the risk? The attacker has to be within radio
range of your router. Then what? They get to use your connection. The real issue is the security of the admin password and whether or not the router
can be taken over remotely, with or without the password.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: uk.tech.digital-tv

In article <0vpo6kpsj9n2h2aagrn3mtk8oqlr8jncro@4ax.com>,
Graham. <usenet@yopmail.com> wrote:

If you choose to link it to your Amazon account it actually tells you
that your chosen SSID and encryption key are sent to AWS "to make
adding devices hassle-free".

You can "manage" this in the preferences tab of "manage your content
and devices" on the Amazon web site.

As far as I recall, all my Amazon devices (e.g. kindle) have asked
before doing this, and I've always said no. And I'm not sure how it
works - how can a device retrieve a password from Amazon before it has
a wifi connection? Perhaps it connects to other Amazon devices to ask
them.

-- Richard
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: uk.tech.digital-tv

In article <104lhfs$6o75$1@dont-email.me>,
Tweed <usenet.tweed@gmail.com> wrote:

In practical terms what is the risk? The attacker has to be within
radio range of your router. Then what? They get to use your
connection. The real issue is the security of the admin password
and whether or not the router can be taken over remotely, with or
without the password.

I'm retired now so no longer an issue. In my last employment I had
confidential information on my home computer. In my head, I can hear
the judge - 'So you knew that your home wifi was not secure and that
it put confidential material at risk and you did nothing about it,
you continued knowingly.'

Bob.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: uk.tech.digital-tv

Bob Latham <bob@sick-of-spam.invalid> wrote:

In article <104lhfs$6o75$1@dont-email.me>,
Tweed <usenet.tweed@gmail.com> wrote:

In practical terms what is the risk? The attacker has to be within
radio range of your router. Then what? They get to use your
connection. The real issue is the security of the admin password
and whether or not the router can be taken over remotely, with or
without the password.

I'm retired now so no longer an issue. In my last employment I had confidential information on my home computer. In my head, I can hear
the judge - 'So you knew that your home wifi was not secure and that
it put confidential material at risk and you did nothing about it,
you continued knowingly.'

Bob.

Your home computer should be properly secured. If you had confidential information you should take steps to encrypt it. Those are the steps the
judge would be interested in.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: uk.tech.digital-tv

In article <104o1l9$prul$1@dont-email.me>,
Tweed <usenet.tweed@gmail.com> wrote:

Your home computer should be properly secured. If you had
confidential information you should take steps to encrypt it.

In my case it wasn't as simple as that but I don't wish to argue.

Too clever by half you are.

Bob.

--- Synchronet 3.21a-Linux NewsLink 1.2