SunRocket is an Immoral Company

Discussion in 'VOIP' started by Angry SunRocket Customer, Apr 18, 2006.

  1. Are you aware that SunRocket's Gizmo (the InnoMedia SIP MTA 6328-R) leaves
    WAN ports 80 and 23 open for all the world to access? As if that's not bad
    enough its setup doesn't let you turn off this type of WAN access with the
    firmware that ships with the Gizmo. And as if that is not bad enough
    SunRocket does not tell you any of this! This is just outrageous. If you're
    going to do business with this company put their Gizmo behind a router. At
    least change the gizmo's password. As for me, I'm shipping their gizmo back
    tomorrow and going to get my money back.
    Angry SunRocket Customer, Apr 18, 2006
    #1
    1. Advertising

  2. On Tue, 18 Apr 2006 06:18:56 GMT, in article <kx%0g.66448$H71.56093
    @newssvr13.news.prodigy.com>, Angry SunRocket Customer writes...

    > Are you aware that SunRocket's Gizmo (the InnoMedia SIP MTA 6328-R) leaves
    > WAN ports 80 and 23 open for all the world to access? As if that's not bad
    > enough its setup doesn't let you turn off this type of WAN access with the
    > firmware that ships with the Gizmo. And as if that is not bad enough
    > SunRocket does not tell you any of this! This is just outrageous. If you're
    > going to do business with this company put their Gizmo behind a router. At
    > least change the gizmo's password. As for me, I'm shipping their gizmo back
    > tomorrow and going to get my money back.



    Sounds more like they're technically clueless, rather than
    "immoral".

    "Try never ascribe to malice that which can easily be
    explained by negligence".



    --
    * Few people are capable of expressing with equanimity opinions which *
    * differ from the prejudices of their social environment. Most people are *
    * even incapable of forming such opinions. -- Albert Einstein *
    * *
    * To send email, remove numbers and spaces: pjkusenet64 @ ekahuna27 . com *
    * Simple answers are for simple minds. Try a new way of looking at things. *
    Philip J. Koenig, Apr 18, 2006
    #2
    1. Advertising

  3. Angry SunRocket Customer

    Terry Smith Guest

    Understand the security concern and agree the unit should be behind a
    router. Putting it behind a router also saves bandwidth (don't know why but
    try it run speed test before & after)

    If port 80 is open, that would seem to indicate there might be a way for us
    to 'user configure' it. I'd love to reconfig Ethernet port to fixed 10mb
    rather then 'autosense'


    "Angry SunRocket Customer" <> wrote in message
    news:kx%0g.66448$...
    Are you aware that SunRocket's Gizmo (the InnoMedia SIP MTA 6328-R) leaves
    WAN ports 80 and 23 open for all the world to access? As if that's not bad
    enough its setup doesn't let you turn off this type of WAN access with the
    firmware that ships with the Gizmo. And as if that is not bad enough
    SunRocket does not tell you any of this! This is just outrageous. If you're
    going to do business with this company put their Gizmo behind a router. At
    least change the gizmo's password. As for me, I'm shipping their gizmo back
    tomorrow and going to get my money back.
    Terry Smith, Apr 18, 2006
    #3
  4. Have you called their support? Web access is an option which they can turn
    off.

    Jonathan

    "Angry SunRocket Customer" <> wrote in message
    news:kx%0g.66448$...
    > Are you aware that SunRocket's Gizmo (the InnoMedia SIP MTA 6328-R) leaves
    > WAN ports 80 and 23 open for all the world to access? As if that's not bad
    > enough its setup doesn't let you turn off this type of WAN access with the
    > firmware that ships with the Gizmo. And as if that is not bad enough
    > SunRocket does not tell you any of this! This is just outrageous. If

    you're
    > going to do business with this company put their Gizmo behind a router.

    At
    > least change the gizmo's password. As for me, I'm shipping their gizmo

    back
    > tomorrow and going to get my money back.
    >
    >
    >
    Jonathan Roberts, Apr 18, 2006
    #4
  5. "Jonathan Roberts" <> wrote in message
    news:uw41g.1064$fG3.1018@dukeread09...
    > Have you called their support? Web access is an option which they can
    > turn
    > off.


    They told me it had to be open so they could service the device. I've sent
    their device back and am awaiting my refund. I'm not going to be involved
    with a company that careless or clueless.
    Angry SunRocket Customer, Apr 18, 2006
    #5
  6. Angry SunRocket Customer

    Terry Smith Guest

    Guess I don't quite see the problem since it's only the voip router that
    could be compromised. Since it has a firmware binary type OS all one's
    going to get is a config menu. Even if it was cracked, suspect only way to
    mod code would be thru a tedious TFTP type procedure. Hacker most likely
    will do something more productive. There are things abt SR service overload
    that annoy me but having these 2 ports open seems neither immoral or
    clueless.




    "Angry SunRocket Customer" <> wrote in message
    news:vm81g.16799$...
    "Jonathan Roberts" <> wrote in message
    news:uw41g.1064$fG3.1018@dukeread09...
    > Have you called their support? Web access is an option which they can
    > turn
    > off.


    They told me it had to be open so they could service the device. I've sent
    their device back and am awaiting my refund. I'm not going to be involved
    with a company that careless or clueless.
    Terry Smith, Apr 18, 2006
    #6
  7. " Terry Smith" <> wrote in message
    news:Ozc1g.16444$IZ2.14096@dukeread07...
    > Guess I don't quite see the problem since it's only the voip router that
    > could be compromised. Since it has a firmware binary type OS all one's
    > going to get is a config menu. Even if it was cracked, suspect only way
    > to
    > mod code would be thru a tedious TFTP type procedure. Hacker most likely
    > will do something more productive. There are things abt SR service
    > overload
    > that annoy me but having these 2 ports open seems neither immoral or
    > clueless.


    So you have no problem with this company exposing access to the device's
    config login over the Internet via unsecure ports? Why do they even need to
    expose these ports to the Internet at all? And of course they don't mention
    this potential security issue at all in any of their documentation. You
    have no problem with any of that?
    Angry SunRocket Customer, Apr 18, 2006
    #7
  8. Angry SunRocket Customer

    Terry Smith Guest

    Perhaps I'm just missing something but just having port 80 open doesn't mean
    you have access to unit. Most likely their NMC has a database of unique
    ID's like the MAC Addr that works with some add'l authentication. Next
    even if you cracked the thing most likely it would be much more of a
    headache for SR compared to end user.

    Anyone else know something about this?


    "Angry SunRocket Customer" <> wrote in message
    news:ACd1g.61288$...
    " Terry Smith" <> wrote in message
    news:Ozc1g.16444$IZ2.14096@dukeread07...
    > Guess I don't quite see the problem since it's only the voip router that
    > could be compromised. Since it has a firmware binary type OS all one's
    > going to get is a config menu. Even if it was cracked, suspect only way
    > to
    > mod code would be thru a tedious TFTP type procedure. Hacker most likely
    > will do something more productive. There are things abt SR service
    > overload
    > that annoy me but having these 2 ports open seems neither immoral or
    > clueless.


    So you have no problem with this company exposing access to the device's
    config login over the Internet via unsecure ports? Why do they even need to
    expose these ports to the Internet at all? And of course they don't mention
    this potential security issue at all in any of their documentation. You
    have no problem with any of that?
    Terry Smith, Apr 19, 2006
    #8
  9. " Terry Smith" <> wrote in message
    news:rCh1g.16572$IZ2.5354@dukeread07...
    > Perhaps I'm just missing something but just having port 80 open doesn't
    > mean
    > you have access to unit. Most likely their NMC has a database of unique
    > ID's like the MAC Addr that works with some add'l authentication. Next
    > even if you cracked the thing most likely it would be much more of a
    > headache for SR compared to end user.


    I went across town to a friend's computer, connected to the Internet on his
    computer, brought up Internet Explorer and http'd to my IP address and I was
    able to log in to my SunRocket Gizmo. I would bet you a thousand dollars
    that the overwhelming majority of people who use SunRocket do not change the
    Gizmos default password. If you knew the IP address of a SunRocket user and
    they didn't change the default password on their Gizmo you or anyone could
    easily log into their Gizmo. With this kind of a situation SunRocket and
    their users are asking for trouble. Keeping WAN ports 80 and 23 open for
    access to the Gizmo's settings (including the ISP login settings) for the
    average SunRocket user is idiotic and asking for problems.
    Angry SunRocket Customer, Apr 19, 2006
    #9
  10. Angry SunRocket Customer

    Terry Smith Guest

    Well that certainly is interesting. Wow


    "Angry SunRocket Customer" <> wrote in message
    news:pLj1g.66652$...
    " Terry Smith" <> wrote in message
    news:rCh1g.16572$IZ2.5354@dukeread07...
    > Perhaps I'm just missing something but just having port 80 open doesn't
    > mean
    > you have access to unit. Most likely their NMC has a database of unique
    > ID's like the MAC Addr that works with some add'l authentication. Next
    > even if you cracked the thing most likely it would be much more of a
    > headache for SR compared to end user.


    I went across town to a friend's computer, connected to the Internet on his
    computer, brought up Internet Explorer and http'd to my IP address and I was
    able to log in to my SunRocket Gizmo. I would bet you a thousand dollars
    that the overwhelming majority of people who use SunRocket do not change the
    Gizmos default password. If you knew the IP address of a SunRocket user and
    they didn't change the default password on their Gizmo you or anyone could
    easily log into their Gizmo. With this kind of a situation SunRocket and
    their users are asking for trouble. Keeping WAN ports 80 and 23 open for
    access to the Gizmo's settings (including the ISP login settings) for the
    average SunRocket user is idiotic and asking for problems.
    Terry Smith, Apr 19, 2006
    #10
  11. Angry SunRocket Customer

    Terry Smith Guest

    When I attempt same I get a logon window but I still need password - It
    looks like this
    This unit is password protected

    Please enter the correct password to access the web pages



    "Angry SunRocket Customer" <> wrote in message
    news:pLj1g.66652$...
    " Terry Smith" <> wrote in message
    news:rCh1g.16572$IZ2.5354@dukeread07...
    > Perhaps I'm just missing something but just having port 80 open doesn't
    > mean
    > you have access to unit. Most likely their NMC has a database of unique
    > ID's like the MAC Addr that works with some add'l authentication. Next
    > even if you cracked the thing most likely it would be much more of a
    > headache for SR compared to end user.


    I went across town to a friend's computer, connected to the Internet on his
    computer, brought up Internet Explorer and http'd to my IP address and I was
    able to log in to my SunRocket Gizmo. I would bet you a thousand dollars
    that the overwhelming majority of people who use SunRocket do not change the
    Gizmos default password. If you knew the IP address of a SunRocket user and
    they didn't change the default password on their Gizmo you or anyone could
    easily log into their Gizmo. With this kind of a situation SunRocket and
    their users are asking for trouble. Keeping WAN ports 80 and 23 open for
    access to the Gizmo's settings (including the ISP login settings) for the
    average SunRocket user is idiotic and asking for problems.
    Terry Smith, Apr 19, 2006
    #11
  12. " Terry Smith" <> wrote in message
    news:wdy1g.2599$pi6.1314@dukeread12...
    > When I attempt same I get a logon window but I still need password - It
    > looks like this
    > This unit is password protected


    Right. That's why I said if anyone knew the default password they can get
    in. If you search around it's not hard to find out what the default user
    name and password are.
    Angry SunRocket Customer, Apr 20, 2006
    #12
  13. Angry SunRocket Customer

    Terry Smith Guest

    Hi Angry - Like to discuss a few things off-line My email is legit - How
    bout dropping me note


    "Angry SunRocket Customer" <> wrote in message
    news:EJB1g.70062$...
    " Terry Smith" <> wrote in message
    news:wdy1g.2599$pi6.1314@dukeread12...
    > When I attempt same I get a logon window but I still need password - It
    > looks like this
    > This unit is password protected


    Right. That's why I said if anyone knew the default password they can get
    in. If you search around it's not hard to find out what the default user
    name and password are.
    Terry Smith, Apr 20, 2006
    #13
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. SunRocket anyone?

    , Feb 18, 2005, in forum: VOIP
    Replies:
    2
    Views:
    447
  2. Steve Young

    swinging and nudity is WRONG and immoral

    Steve Young, Oct 21, 2003, in forum: Digital Photography
    Replies:
    10
    Views:
    723
    J. A. Mc.
    Nov 10, 2003
  3. Winston Smith

    Massive Voter Fraud -immoral with zero "values"

    Winston Smith, Nov 11, 2004, in forum: Digital Photography
    Replies:
    6
    Views:
    325
    Bob Harrington
    Nov 13, 2004
  4. Winston Smith

    Immoral Deficit - 10 trillion negative swing under Bush

    Winston Smith, Nov 11, 2004, in forum: Digital Photography
    Replies:
    6
    Views:
    361
    Chris Phillipo
    Nov 12, 2004
  5. newtaste
    Replies:
    0
    Views:
    833
    newtaste
    May 9, 2009
Loading...

Share This Page