Home News Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | Virgin Media urges password change over hacking risk

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Virgin Media Services > Virgin Media Internet Service

Virgin Media urges password change over hacking risk
Reply
 
Thread Tools
Old 23-06-2017, 23:35   #31
iadom
Oh Lanky Lanky.
 
iadom's Avatar
 
Join Date: Jun 2003
Location: Shaw, Oldham, Lancashire.
Services: 2 V6 running 360. 500mb BB, Phone line, mobile simm.
Posts: 7,956
iadom has a nice shiny stariadom has a nice shiny star
iadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny star
Re: Virgin Media urges password change over hacking risk

I read that they only use 24 of the possible 26 letters which reduces the time to crack by a considerable margin. Mine didn't have 'any' in it anywhere.

I can also confirm that my daughters wifi password has no similarity to mine whatsoever.
iadom is offline   Reply With Quote
Advertisement
Old 24-06-2017, 02:06   #32
Gunslinger
cf.addict
 
Join Date: Feb 2005
Location: Oxfordshire
Age: 76
Services: VM XL, Tivo, BB, Prime, Now TV, Tennis TV
Posts: 152
Gunslinger is on a distinguished roadGunslinger is on a distinguished road
Re: Virgin Media urges password change over hacking risk

Quote:
Originally Posted by Ken W View Post
The default is changeme or admin and many don't change it.
I changed that one on the day I got it - it does rather invite that!
It's the WiFi password I'm not really sure about, OK so it's only 8 L/C characters, but is it a realistic risk that there are people going around with devices to crack into peoples' WiFi? Mine barely reaches all the rooms in the house, let alone out in the street. And it would be a pain to have to go around changing phones, NOW TV box, printer etc etc, not to mention occasional visitors I've given it to.
Gunslinger is offline   Reply With Quote
Old 24-06-2017, 08:55   #33
jb66
cf.mega poster
 
jb66's Avatar
 
Join Date: Aug 2009
Posts: 5,386
jb66 has a bronze arrayjb66 has a bronze arrayjb66 has a bronze array
jb66 has a bronze arrayjb66 has a bronze arrayjb66 has a bronze arrayjb66 has a bronze arrayjb66 has a bronze arrayjb66 has a bronze arrayjb66 has a bronze arrayjb66 has a bronze arrayjb66 has a bronze array
Re: Virgin Media urges password change over hacking risk

What is there to gain from finding out my Wi-Fi password?
jb66 is offline   Reply With Quote
Old 24-06-2017, 10:55   #34
Mr K
Woke and proud !
 
Mr K's Avatar
 
Join Date: Jun 2004
Services: TV, Phone, BB, a wife
Posts: 9,108
Mr K has a nice shiny star
Mr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny star
Re: Virgin Media urges password change over hacking risk

Quote:
Originally Posted by jb66 View Post
What is there to gain from finding out my Wi-Fi password?
Seeing as VM are now allowing any other VM customer to use your WiFi it does become a bit irrelevant. Opt for modem mode and use your router instead of VMs insecure equipment, faster speeds too.
Mr K is online now   Reply With Quote
Old 24-06-2017, 11:30   #35
RobboEdin
cf.mega poster
 
RobboEdin's Avatar
 
Join Date: Oct 2009
Posts: 2,065
RobboEdin has reached the bronze age
RobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze ageRobboEdin has reached the bronze age
Re: Virgin Media urges password change over hacking risk

Quote:
Originally Posted by Mr K View Post
Seeing as VM are now allowing any other VM customer to use your WiFi it does become a bit irrelevant. Opt for modem mode and use your router instead of VMs insecure equipment, faster speeds too.
...and that's the sort of ill-informed rubbish that gets rumours going. Get your facts straight before writing such piffle.
RobboEdin is offline   Reply With Quote
Old 24-06-2017, 14:31   #36
Gunslinger
cf.addict
 
Join Date: Feb 2005
Location: Oxfordshire
Age: 76
Services: VM XL, Tivo, BB, Prime, Now TV, Tennis TV
Posts: 152
Gunslinger is on a distinguished roadGunslinger is on a distinguished road
Re: Virgin Media urges password change over hacking risk

Quote:
Originally Posted by jb66 View Post
What is there to gain from finding out my Wi-Fi password?
Depends where you live and who lives around you. People could use your connection to download all sorts of illegal stuff or commit other crimes, for which you might get the blame because your IP address would be all over it.

However to do that they have to be in signal range of the router. To break your password, possibly for many hours. To be honest, the signal from my Superhub is pretty iffy at the other end of the house, let alone out in the street or in neighbouring properties, so maybe the risk is not so great?
Gunslinger is offline   Reply With Quote
Old 24-06-2017, 15:08   #37
Springy
cf.member
 
Join Date: Oct 2008
Posts: 32
Springy is an unknown quantity at this point
Re: Virgin Media urges password change over hacking risk

Quote:
Originally Posted by jb66 View Post
What is there to gain from finding out my Wi-Fi password?
Basically allows an attacker into your network. Once in they could do quite a lot of things. For example the recent WannaCry could be exploited inside the network by just hitting the SMB server of an effected device.

Basically it allows an attacker to see what you have connected on your network, scan for any device with known exploits and do something with it. Especially with the rise of insecure IoT device.
Springy is offline   Reply With Quote
Old 25-06-2017, 15:46   #38
richard s
Permanently Banned
 
Join Date: Jan 2012
Location: Near France
Services: Tivo XL 150mb broadband L phone
Posts: 1,817
richard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful one
Re: Virgin Media urges password change over hacking risk

Probably force.
richard s is offline   Reply With Quote
Old 26-06-2017, 20:30   #39
tidder23
cf.member
 
Join Date: Jul 2010
Posts: 26
tidder23 is on a distinguished roadtidder23 is on a distinguished road
Re: Virgin Media urges password change over hacking risk

Quote:
Originally Posted by jb66 View Post
What is there to gain from finding out my Wi-Fi password?
they could do a man in the middle attack which means they can funnel all your traffic through them

one thing they could do redirecting online banking sites to trick you to give up your information

years ago I used to take over my brother's Facebook account and write stupid messages on his wall

and if you are thinking there is no master hacker living near you
the hacking tools i used was basically a numbered list (press 1 to hack and press 2 to evil laugh)

only thing stopping them is your Wi-Fi password
tidder23 is offline   Reply With Quote
Old 27-06-2017, 11:01   #40
Kushan
FORMER Virgin Media Staff
 
Join Date: Dec 2010
Location: Warrington
Posts: 4,737
Kushan has a bronzed appealKushan has a bronzed appeal
Kushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appeal
Re: Virgin Media urges password change over hacking risk

Quote:
Originally Posted by iadom View Post
I read that they only use 24 of the possible 26 letters which reduces the time to crack by a considerable margin. Mine didn't have 'any' in it anywhere.

I can also confirm that my daughters wifi password has no similarity to mine whatsoever.
Don't forget, it's case sensitive, so it's more like 48 letters + numbers. 58 vs 62 possible characters isn't quite a big difference.

Having said that, password length will always trump complexity. While I agree the default passwords on routers are possibly not terribly secure, they should be changed regardless.

If you change it to a password that's 15+ characters long, even purely lower case will be more secure than a "complex" 8 character password.

To give an example, if you have an 8 character password to which any of the 8 characters can be one of 100 possible values (26 lowercase + 26 uppercase + 10 numeric + a bunch of symbols, punctuation, spaces, etc.), you'd get 10,000,000,000,000,000 possibilities.

Whereas if you have a 15 character long password of just lower case letters, it's 1,677,259,342,285,725,925,376 possible combinations. Length really does trump complexity.

10,000,000,000,000,000
vs
1,677,259,342,285,725,925,376

Use a passphrase of uppercase and lowercase letters with some punctuation thrown in and nothing will ever brute force it, even with dictionary attacks.
Kushan is offline   Reply With Quote
Old 27-06-2017, 11:13   #41
iadom
Oh Lanky Lanky.
 
iadom's Avatar
 
Join Date: Jun 2003
Location: Shaw, Oldham, Lancashire.
Services: 2 V6 running 360. 500mb BB, Phone line, mobile simm.
Posts: 7,956
iadom has a nice shiny stariadom has a nice shiny star
iadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny stariadom has a nice shiny star
Re: Virgin Media urges password change over hacking risk

I was talking about the original wifi password on the bottom of the router, that uses uses a combination of only 24 lower case letters.
iadom is offline   Reply With Quote
Old 27-06-2017, 11:24   #42
General Maximus
Ran Away
 
Join Date: Nov 2008
Location: Lincoln
Services: phone + 1gbit BB + SkyQ
Posts: 11,021
General Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronze
General Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronze
Re: Virgin Media urges password change over hacking risk

Quote:
Originally Posted by Kushan View Post
10,000,000,000,000,000
vs
1,677,259,342,285,725,925,376
simply put for those who are not mathematically inclined you are looking at a different of 1x10^16 and 1x10^21. There is difference of 5 orders of magnitude which is huge.
General Maximus is offline   Reply With Quote
Old 27-06-2017, 11:40   #43
pip08456
Sad Doig Fan!
 
pip08456's Avatar
 
Join Date: Aug 2007
Location: Barry South Wales
Age: 67
Services: With VM for BB 250Mb service.(Deal)
Posts: 11,647
pip08456 has a nice shiny starpip08456 has a nice shiny star
pip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny star
Re: Virgin Media urges password change over hacking risk

With the right tools an 8 letter lower (or upper ) case password can be cracked in less than a day.
Using a string of Disney names as posted above would be even quicker.

---------- Post added at 10:40 ---------- Previous post was at 10:33 ----------

Quote:
Originally Posted by Kushan View Post
Don't forget, it's case sensitive, so it's more like 48 letters + numbers. 58 vs 62 possible characters isn't quite a big difference.

Having said that, password length will always trump complexity. While I agree the default passwords on routers are possibly not terribly secure, they should be changed regardless.

If you change it to a password that's 15+ characters long, even purely lower case will be more secure than a "complex" 8 character password.

To give an example, if you have an 8 character password to which any of the 8 characters can be one of 100 possible values (26 lowercase + 26 uppercase + 10 numeric + a bunch of symbols, punctuation, spaces, etc.), you'd get 10,000,000,000,000,000 possibilities.

Whereas if you have a 15 character long password of just lower case letters, it's 1,677,259,342,285,725,925,376 possible combinations. Length really does trump complexity.

10,000,000,000,000,000
vs
1,677,259,342,285,725,925,376

Use a passphrase of uppercase and lowercase letters with some punctuation thrown in and nothing will ever brute force it, even with dictionary attacks.
Depends on how many gpu 's you have working on it and the time you want to spend.

Hashtopussy is a dangerous tool in the wrong hands.
pip08456 is offline   Reply With Quote
Old 27-06-2017, 11:57   #44
Kushan
FORMER Virgin Media Staff
 
Join Date: Dec 2010
Location: Warrington
Posts: 4,737
Kushan has a bronzed appealKushan has a bronzed appeal
Kushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appealKushan has a bronzed appeal
Re: Virgin Media urges password change over hacking risk

Quote:
Originally Posted by pip08456 View Post
With the right tools an 8 letter lower (or upper ) case password can be cracked in less than a day.
Using a string of Disney names as posted above would be even quicker.

---------- Post added at 10:40 ---------- Previous post was at 10:33 ----------



Depends on how many gpu 's you have working on it and the time you want to spend.

Hashtopussy is a dangerous tool in the wrong hands.
With enough computing power you can brute force nearly anything, no matter how long and complex it is. The key is not to be the low-hanging fruit.

Also note I'm not advocating purely lower-case passwords, that was just an extreme example to show how much better length is than complexity. I stand by a passphrase is the best form of "password".
Kushan is offline   Reply With Quote
Old 27-06-2017, 12:20   #45
pip08456
Sad Doig Fan!
 
pip08456's Avatar
 
Join Date: Aug 2007
Location: Barry South Wales
Age: 67
Services: With VM for BB 250Mb service.(Deal)
Posts: 11,647
pip08456 has a nice shiny starpip08456 has a nice shiny star
pip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny star
Re: Virgin Media urges password change over hacking risk

I know you weren't advocating all lower case but phrases are a no no too. Google Sagitta brutalis. The community I'm involved with have 4 of these and another 64 pc's with at least 2 gpu's. Doesn't take long. Before you ask we do not do it for nefarious reasons.
pip08456 is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 21:56.


Server: osmium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.