Breaking the Terms and Conditions - Your Views Welcome

[James67]

Quote:

Originally Posted by NewsreadeR

I would still recommend James, that you do not offer the ALGO for download to Joe Bloggs and Co. Maybe offer your findings to a security firm for them to validate / refute your claims. Putting it for download imho is the wrong thing to do.

I still think that's the right thing to do, i.e., NOT publish the algorithm. If I were to publish it and only one Sky Broadband customer were to suffer a financial loss, I'd feel terribly guilty about it. I've done my best to get Sky to acknowledge the problem, so if any customers suffer a loss, then it's down to Sky for not responding to the problem properly.

Of course you could argue that simply mentioning the fact that an exploit exists could encourage people to look for it. And behind the "not doing yourselves any favours" comment there seems to be an implication that anyone who isn't prepared to hush things up, can't be regarded as a "friend" of Sky's. But the world has moved on since the bad old days when companies like Microsoft would refuse even to utter the word "bug", let alone "security flaw". Hushing things up is not an acceptable practice now. Having spotted a problem, I couldn't in good conscience do anything other than make the fact that a security flaw exists, public.

As for my actions slowing down a firmware update, "Well, good!" I would say. Fixes for security flaws are much more important than fixes for reliability and user interface changes.

[Brian69]

I agree with NewsreadeR, do not make this public. To do so would allow Sky to cast you (James) as the bad boy in all this. As things stand there is a flaw in wireless security and this is becoming well known on the net. Lets wait and see what Sky's next move is. I think this will delay any FW upgrades while they consider what to do. If someone were to have their bank details stolen because of this flaw, then Sky could be in the poo.
So stay out of this James, or Sky will paint you as the evil hacker.

[h todd]

Quote:

Originally Posted by James67

That would seem to be the case, but I doubt Sky would ever be able to make any kind of issue out of it, what with the T&C's appearing to have been written by a year 10 kid on work experience.

All this talk about sky routers is a little way over my head. But I join sky broad band in Sept 07, never saw a t&c just rang and asked for the FREE broadband.
They put me a £17.99/m complained ( could only connect 50% of the time) and speeds no faster than dial up. they put me on £5/m same problem Finaly after 1000's of calls and letters and contacting ofcom. Recieve a letter last week
We can only supply UP TO 2meg so you are now on the Free broadband
Who is Kidding who
Now tried to run Linux Sky say NO and you must use our router.
If Sky TV was as bad as the broadband, and you had to use a Sky Tv ( you could not buy one from Comet etc). Sky Tv would have been long gone.
Mentioned to Sky about the EU ( not bothered what can they do)
I could be Virgins next coustomer

[richone54]

Quote:

Originally Posted by h todd

I could be Virgins next customer

hopefully you would be able to get cable, as you may get the same problems with another "phone line" bb connection

[h todd]

Quote:

Originally Posted by richone54

hopefully you would be able to get cable, as you may get the same problems with another "phone line" bb connection

Cable is outside the door, BUT the wife likes SKY TV, If Virgin would connect me to thier broadband only I may be interrested, but you need to take this package or that package. It seems that Broadband is a law unto its self http://www.skyuser.co.uk/forum/image...d/warpaint.gif