Skip to content

comcast

As The FCC Guts Net Neutrality, Comcast Again Falsely Claims You Have Nothing To Worry About

Quote

With the FCC formally confirming its plan to kill existing net neutrality protections December 15, Comcast is back again insisting that you have absolutely nothing to worry about. In a new blog post, top Comcast lobbyist “Chief Diversity Officer” David Cohen once again claims that net neutrality harmed industry investment (independent analysis and executive statements have repeatedly shown this to be a lie), that Comcast will be able to self-regulate in the absence of real oversight, and that gutting the Title II foundation underpinning the agency’s rules just isn’t that big of a deal:

“As we have said previously, this proposal is not the end of net neutrality rules. With the FCC transparency requirement and the restoration of the FTC‘s role in overseeing information services, the agencies together will have the authority to take action against any ISP which does not make its open Internet practices clearly known to consumers, and if needed enforce against any anti-competitive or deceptive practices. Comcast has already made net neutrality promises to our customers, and we will continue to follow those standards, regardless of the regulations in place.”

Monoplists

Comcast’s Xfinity home alarms can be disabled by wireless jammers

Comcast-security

If you trust your ISP to provide Network and Physical Security, you have a fool for an adviser

Quote

Some intruders no longer need to come in through the kitchen window. Instead, they can waltz right in through the front door, even when a home is protected by an internet-connected alarm system. A vulnerability in Comcast’s Xfinity Home Security System could allow attackers to open protected doors and windows without triggering alarms, researchers with cybersecurity firm Rapid7 wrote in a blog post today.

The security bug relates back to the way in which the system’s sensors communicate with their home base station. Comcast’s system uses the popular ZigBee protocol, but doesn’t maintain the proper checks and balances, allowing a given sensor to go minutes or even hours without checking in. The biggest hurdle in exploiting the vulnerability is finding or building a radio jammer, which are illegal under federal law. Attackers can also circumvent alarms with a software-based de-authentication attack on the ZigBee protocol itself, although that method requires more expertise. Attackers would also need to know a house was using the Xfinity system before attempting to break in, a major hurdle in exploiting the finding.

“The sensor had no memory of the break-in happening”

To prove his findings, Rapid7 researcher Phil Bosco simulated a radio jamming attack on one of his system’s armed window sensors. While jamming the sensor’s signal, he opened a monitored window. The sensor said it was armed, but it failed to detect anything out of the ordinary. But perhaps even more worrisome than the active intrusion itself is that the sensor had no memory of it happening and took anywhere from several minutes to three hours to come back online and reestablish communication with its home base.