Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000

#1

Originally published at: https://boingboing.net/2019/03/02/euthanize-comcast.html

3 Likes
#2

16 Likes
#3

And that isn’t even the start of it. The company I worked for sold ComCrap networking equipment and they used public routeable IP addresses for the switches. We begged them to stop that, because about once an month a DOS attack on their infrastructure would happen and they’d scream about it.

The are the Poster Company for how NOT to be secure.

12 Likes
#4

What if companies that suffer a data breach were required to disclose the technical details of their security arrangements. What do you want to bet that Comcast stores your passwords in the clear?

8 Likes
#5

So it’s not Password123? Shrewd.

4 Likes
#6

President Scroob thinks they’re idiots!

5 Likes
#7

Hey, they are using military grade crypto! :wink:

Maybe they should have used the extra zeroes though. Just to be safe.

9 Likes
#8

I’ll use two tin cans and some waxed string before I’ll sign up with Comcast, and here’s just one more reason why…

2 Likes
#9

10 Likes
#10

So…what exactly was the purpose of having a PIN then? It does stand for Personal Identification Number. What they did was assign a GIN, Global Identification Number, which just seems completely purposeless. It’s be like having one of those standard combination locks on your front door, which most people never change from the factory combination, and taping tissue paper over it to make it harder to break into.

4 Likes
#11

Yet more reason to get a password manager. No repeated passwords, and no way to guess a string of random letters, numbers, and symbols. I don’t even know my passwords. So the decisions of stupid corporations like Comcast are much less likely to affect me.

1 Like
#12

It’s not the fault of the people who bought this snake oil, because their introductory deals were just ridiculously cheap and it gets very hard to expect someone to get relief on a near-necessity over temptation like that.

However, if the company that is the most hated company in America because it’s shitty customer service and terrible technology just don’t sign a contract with them ever. I know we have lost our healthy disdain of corporations and only recently seem to be getting it back as a country; but seriously - Comcast provides TV, Internet, and phones and people hate them more than Wall Street.

1 Like
#13

I seem to be slow on the uptake. Judging from BB posts and comments, I thought that would be Delta?

2 Likes
#14

The infrastructure for moving your phone number to a different mobile carrier requires one for security reasons (to prevent exactly this thing from happening), but I’m betting Comcast wasn’t interested in expending any effort that would make customers aware that they had the option of leaving.

2 Likes
#15

It’s a crowded field.

1 Like
#16

I’m surprised they sprung for a 4-character PIN. They could have just gone with a single “0”. And they could market it as, “how many fucks we give about our customers.” Win-win.

2 Likes
closed #17

This topic was automatically closed after 5 days. New replies are no longer allowed.