back to article Sky Broadband puts the fault into default Wi-Fi security

Sky Broadband advises customers to consider changing their default Wi-Fi passwords - because the apparently random network keys are guess-able. The ISP issues customers with a wireless router that is pre-configured with wireless security switched on, and an apparently random network key. This sounds like a good plan. However, …


This topic is closed for new posts.
  1. Andy Worth

    "Default" password...

    Why would anyone NOT change their wireless password? I must admit, I never read the instructions that came with my wireless router but pretty much the first thing I did was to change the password.

    And yes, I use Sky Broadband and in general it seems to be a decent service.

  2. Paolo

    Yeah, because that worked so well for the gmail switchover...

    Sending out a notice that your WiFi key is easily compromised to your userbase that's *already proved* it's unable/unwilling to perform technical tasks (see switch to GMail's email servers for proof) seems something of a waste of time.

    What are the chances of someone war-driving past your house AND you having Sky broadband AND it having a weak key AND they stop long if enough to figure out the MAc -> key algo AND can be bothered to download something before driving up the road for a pint and a pasty?

    Mines the one with the aerial sewn into the sleeve and strange chalk marks on the back...

  3. Matt

    Why bother?

    I agree with Paolo and in my house I can pick-up about 4 different wireless networks with no security so as mine is the only one with a password I'd presume any local hackers or network thieves would just jump on someone elses!

  4. Anonymous Coward
    Black Helicopters


    Thats a bit strange, my sisters router was completely open to teh world, default sky admin password, SSID being transmitted as, strangely enough "SKY" and no wireless security enabled at all.

  5. Tim

    Re: "Default" password...

    Those who have a clue about computers may change the password but I'd guess a lot of people don't bother.

    Certainly seems the case with BT and their Home Hubs (which are based on the MAC also? and default to the less secure WEP instead of WPA).

  6. Ramzi Yakob

    More than security problems

    On top of this, the re-badged router/modem which comes with Sky broadband is a hunk of junk and constantly drops connections if you try to use any kind of P2P software (this includes the BBC iPlayer, and even the World of Warcraft update installer).

    Although it breaks Sky's Ts&Cs, I'd highly recommend doing a Google hunt to find out how to program a good modem/router to work with your Sky broadband account. There are a few very easy to follow walkthrough's online. I actually found after doing this that my top end download speed also increased when I replaced the shoddy hardware.

  7. Alex Wells

    A Consultant Post Beckons...

    Ok, 40k and ludicrous benefits if you please - if you used the MAC address from the PREVIOUS router you were configuring, in order to generate the secure key for the current router, surely you would have avoided any such problems?

  8. Ivan Headache

    @Ramzi Yakob

    Is this ALL DG834s or just yours?

    I've been supplying these since they had no letters after the numbers and must have installed about 200. So far (in all that time) I've only had to replace 1,

    In 10 minutes time I'm off to install another.

  9. NoOnions

    @ Ramzi Yakob

    Possibly only the original router?

    I've got the new Sagem router and I get no issues with P2P or iPlayer.

    Wireless reception/strength is also much better than my old Netgear router (as used with Nildram before I moved to Sky).


  10. Anonymous Coward
    Anonymous Coward

    Re: ""Default Password""


    By the very fact you've posted a comment on a IT related website and changed your router password without reading the manual, it indicates that you either work in IT or have an interest in IT.

    Sky broadband is aimed at everybody, and although the populace is getting more IT aware, the average man in the street is not going to be so savvy as to automatically change router passwords.

    I think that there is a responsibility of the provider to educate their customers whenever possible.

    After working in IT for far too many years to mention, I know that there is sometimes an assumption that everybody knows a more bit about IT than they actually do.

    So before berating the end-user, think about it, for example a person could be the best plumber in the world why does he need to know about router configuration or security, they are paying a service provider to do that on their behave.

    If the service provider doesn't do this or correctly inform the customer about it, then they are not doing their job properly.

  11. This post has been deleted by its author

  12. Richard Eustace

    @Ivan Headache

    It just seems to be the Sky supplies ones.

    My old man had connection problems with Sky, when I replaced his Sky supplied DG834s with one purchased from Amazon the problems went away and the conenction seems to be faster.

    I guess Sky has poked about inside the router and stuffed it up.

  13. Peter Gathercole Silver badge

    Have you tried to crack WEP

    I is important that you cannot algorithmetrically guess a WEP password, because even 64 bit WEP is enough to deter casual bandwidth-stealers.

    I made an attempt to crack a 64 bit WEP key on one of my wireless routers recently, just to see how long it would take.

    I used airmon, airodump and aircrack, and read that I would need something over 200,000 packets before aircrack would be guaranteed to recover the key. I found that it was not the power of the machine running the crack, but the amount of traffic on the network which determined the amount of time to crack the key.

    After running the whole weekend, I had nowhere near enough packets with just surfing running on the network (I admit it was a quiet, but not idle network), so I suspect that most war-drivers will not bother to hang around to attempt to crack your 64 bit WEP unless you are a big-time P2P user, or throw large media files around your wireless network.

    Of course, the 15 year old h4x0r or script-kiddie in the next road, trying to get porn without their parents knowing might be a different matter.

  14. N1AK

    @Peter Gathercole

    I'm not going to post the details, but what you did is known as passive monitoring. It is trivially easy for an external computer to massively increase the network traffic (and not just specific network traffic, but one particular type where the content of the packets is largely known) when trying to get a WEP key.

    I suggest looking into this simply because it is an interesting topic, but I assure you that claims WEP can be cracked in minutes are not lies.

  15. docjekill

    RE: Have you tried to crack WEP

    Yes, I have. Not 64bit, actually, I only tried 128bit. On a near-silent network it takes a few minutes to pick up enough IVs to start injecting your own. After that 128bit WEP can be done in under five minutes using the current aircrack-ng. And I am twice as old as your 15yo script kiddie.

    The simple truth is, you don't need to hang around to get into a protected network - you create the necessary traffic yourself. And 40,000 IVs will do even for WEP128 with current cracking software. I encourage reading the tutorials on aircrack-ng's website. It's not difficult to do if all you need is in one place...!

    And for Paolo and Matt: It's much more interesting using someone's wireless network who believes themselves to be secure rather than using the already unprotected one. Granted, unprotected is easier (and thus will be used often enough by someone else), but owners of protected networks have things like network shares and all sorts of other things they find they can "trust" their own network with...

  16. Paul van der Lingen

    call me paranoid but...

    My wireless router sits behind a dedicated BSD security box, it runs WPA2, has no default anything, and I change the passwords randomly (but often).

    The BSD box will only accept connections from known Mac / IP combinations and anyway, logs all traffic and connections/attempts. I get a graph in my inbox every morning with all usage.

    And then, if you do get past all that, there's not a single 'doze box on the network, only secured Macs.

    Granted, this is not typical. But it's at least moderately safe.

  17. Ross


    [Why would anyone NOT change their wireless password? I must admit, I never read the instructions that came with my wireless router but pretty much the first thing I did was to change the password.]

    lol. Sky don't provide any info on how to log in to the router, including IP addr, username or password. Most people wouldn't even know you CAN log in and reconfigure it. So that's whay. Jesus...

    I saw my PCs IP addr and guessed the routers IP addr (extremely simple with even the most basic understading of subnets, but my parents wouldn't have a clue), I then guessed the login and password (took 2 attempts - admin/sky if you want to know) I was then able to change the encryption key, change the routers password, disable SSID broadcasting and add a couple of firewall rules.

    The vast majority of users aren't going to even consider that tho are they without the manual telling them it's even possible.

    Frankly the router Sky provide is reasonably secure out of the box (the default login/password is a big risk tho) It's good to know that the encryption key can be calculated from the MAC, but given the number of open Wi Fi points out there Sky users are still way down the list of people to steal Wi Fi from.

  18. The Avangelist

    I know 8 people on sky broadband

    and all the routers are sent out with the default settings for the router being admin and sky as the password. No word of a lie.

    Plus the firmware on those netgears are complete shit and they will not supply you with account details to use your own third party hardware. If you look in the T&C's it actually states in doing so you void your contract.

    It wouldn't be so bad if it wasn't for the fact that they bloody use MAC cloning like cable routers a la Virgin, which has got to be the eeeeeeeeasist of things to replicate.

    I sincerely hope their satelittes have better security than their tera firma gear.

  19. RupertTHEbare

    Crass ignorance and willful neglect of a duty of care

    What is perhaps more worrying than either the ignorant arrogance of the Sky spokesperson or incompetence of the team that dreamed up the router's release configuration, is the whole issue about the security (sic) of WEP per se.

    With claims that a 64bit can be broken in minutes, I don't see why any router manufacturer/ISP wouldn't want to see, as standard, a "WPA-PSK [TKIP] + WPA2-PSK [AES]" key set up, say, with an automatic 64bit random key generator button right there on the interface.

    Of course that wouldn't make everyone use the security afforded, but it might make the few that do a little safer and certainly Sky wouldn't be open to the charge of crass ignorance and willful neglect of a duty of care, as they are now.


  20. Anonymous Coward

    Consumers have a responsibility too

    I's all very well saying that the company who sells something should do this or that but the consumer has a responsibility to educate themselves as well. Buying without knowing what you are really buying and it's caveat emptor. Anyone how has broadband has the means to educate themselves i.e. the internet. Most people are too lazy to read beyond the quick set up guide. If that's the case then it's their own fault. Manuals are put in boxes not to chew up rainforest but to allow people to better understand their equipment. I'm sick to the back teeth of people asking me dumb a*ssed questions about how to do this that and the other on their new piece of crap that they bougtht because it was shiny. All the questions are answered in that manual the threw away.

    Far too much spoon feeding of people is done these days. It wouldn't surprise me if more than half the population could even wire up a plug.

  21. Peter Gathercole Silver badge

    Cracking WEP

    I wondered what I was doing wrong. I was just working from the original aircrack manual pages.

    Of course (having looked around a bit), it would help if my laptop did not have a Intel 2200BG chipset. I know I'm wimping out here, but for a quick investigation, I am not going to go down the route of re-compiling the ipw2200 modules. Oh well, looks like I need the backtrack2 livecd.

  22. docjekill

    @Cracking WEP

    Firstly, it is important to note that aircrack and aircrack-ng are two different things. You want the "-ng"! Secondly, you also want -z option available in more recent versions of aircrack-ng, which has the "break 128bit WEP with just 40,000 IVs option". That feature is not available in backtrack2, yet, though. And even if it was, that would not help with your unfortunate choice of chipset, anyway, because backtrack is simply a Linux system that boots off a CD and not a magical solution to having the wrong hardware.

    In the end, I found it easier to setup a Debian system with exactly the stuff I need than dealing with backtrack2. If your chipset *is* functioning nicely for injection, the patched drivers are out there available for download already.

    I find it necessary to point out that I do WEP cracking for testing purposes only and always only attempt breakins into networks I own or administrate...!

  23. Anonymous Coward

    Just Jailbreak it!

    I got rid of the sky software altogether and the speed increases are notable!

    Using netgear's update service won't get you sky software free though - use the recovery program on netgears website and manually download the firmware file, then run recovery program and update away - one debranded Netgear DG834GT!

    Apart from the hardware, my broadband connection is both reliable and doesn't suffer connection drops anywhere near the BT Home hub!!! very happy Sky customer!

  24. Anonymous Coward

    Sky router firmware flaky, no more

    It is well known at least in the Sky user community that the "phase 1" Netgear routers have firmware that is flaky at best. It is also known that Sky are preparing a firmware upgrade to resolve all of the known issues attributable to that firmware. The firmware is written by Netgear and they nobbed it up in respect of the Sky customisations. Perhaps a lesson to the wise is not to customise firmwares beyond the absolute minimum required.

    Anyroadup, the bugginess does not affect Phase 2 Netgear or Sagem Sky routers.

    On topic: Isn't it about time that those who use IT got the hang of the basics like security? Or are these the same people who still hang their front door key on the inside of the letterbox on a piece of string?

  25. Peter Gordon

    ISP provided kit has to be secure out of the box

    I've had Sky broadband more-or-less since it launched. The first thing i did when i got my sky broadband router was put the manual and CD in a draw (i never install ISP provided software), found the IP address of the router from the IP it gave my laptop via DHCP, guessed the admin login (admin/sky), changed from WEP to WPA, changed the SSID, changed the WiFI password, changed the admin password, disabled DHCP, enabled MAC filtering etc. etc.

    But how many of sky's customers even know how to change router settings? A lot of folks get the box, plug it in and trust the ISP to know what they're doing.

  26. Anonymous Coward
    Thumb Up

    Router's firmware is totally crap

    Even with the 'new' version 2, you get frequent drop offs, meaning you have to reboot the router at least twice a day.

    Injecting the line:

    into a web browser and then saving the cfg file, opening with any text editor will reveal your username and password, making configuring any other router so much simpler.

    Then there are no drop offs, constant reboot etc..I know because I've alrady done it.

    AC because I don't want Sky to know I've broken my T&Cs.

  27. I. Aproveofitspendingonspecificprojects

    @Ramzi Yakob

    Sugar's special.

    Loss leaders or what? The original SKY malware was the stuff made for them by a certain "entrepreneur" famous for his pig ignorance.

    Nothing seems to have changed.

  28. Anonymous Coward

    Sky netgear ADSL Router

    I can confirm I'm someone else who had nothing but issues with the netgear ADSL Wireless Router provided with sky. It would drop connections for no clear reason (i even checked for interference by borrowing a airdefence sensor from work etc.)

    Once I replaced that with a seperately bought ADSL Router the sky adsl has been rock solid for me.

    As for voiding terms and conditions, I'm sure sky are well aware of how many non-netgear adsl routers are connecting. I doubt many of us bother modifing MAC addresses on our ADSL routers.

  29. themachine

    That's not all

    I am a Sky customer, I noticed that the WPA key was too short and all upper case. Not to hard to brute force or use some lookup tables on.

    Furthermore, Sky put their own firmware on the netgear router and change the default netgear password so I was unable to log in. The router comes with no information whatsoever about how to login and configure the router, and no username and password combination.

    I was terrified when The router arrived since I did not want Sky to dictate my configuration. Luckily the username and password is easily found on forums. It appears as if Sky thought that their one size fits all configuration was sufficient for all customers. There are numerous changes that need to be made to the router such as: turning UPNP off (I don't trust it) Closing some firewall ports that are open despite having a single DENY ALL rule, setting up logging, adding inbound rules (yes Sky, some people do like to have connectivity in to their home network).

    Whats more disturbing is that the ISP credentials are hidden and you are not supposed to change the router (There are ways around this but not if you want to adhere to the ToS). The router is not the best choice as it has multiple known vulnerabilities, I have to whack another firewall behind it to protect my internal LAN.

    Sky seem to assume that all their customers know absolutely nothing about security or IT, I found that with the extremely unknowledgable technical support staff at all three tiers of support. I was given many pieces of incorrect technical information and even was told to change my WIFI security to WEP after I asked for a replacement router as my wireless was not working. I informed them that I have plenty of experience troubleshooting wireless and that the router was definitely faulty.

    I really could go on for ages about Skys lack of technical and security awareness...

  30. Ramzi Yakob

    @ @ Ramzi Yakob

    Well it does look like I'm in a minority with the shoddy netgear router. The strange thing is I've had two similar netgear routers in the last 3 years and both have ended up in the bin within a week because they would drop connections.

    Although having said that, although I may be in a minority when it comes to the contributors to this thread - I definitely share my pain with hundreds of other people who have looked, found, posted, and discussed how to use 3rd party hardware with a Sky broadband account.

    Cheers all

This topic is closed for new posts.

Other stories you might like