My aunt called last week. She was having problems with her home network, and could I provide technical help? I agreed. I often play this role in the family.
My aunt gets home telephone service, cable TV, and Internet through a bundle deal with her local cable utility. TV service is provided through a digital set-top box. Phone and Internet are supplied by a modern DOCSIS cable modem with both phone and Ethernet jacks on the back. The phone line uses VoIP technology.
(If you ask a cable company, they may say they don’t sell “VoIP”, that their service uses the cable network, not the Internet — ignoring that “IP” stands for “Internet Protocol“. Silly cable company: We know you do sell VoIP but don’t want to be compared to those guys who sell it for less. Your network might be a little more reliable than the cheaps, but you still can’t say yours is as reliable as Plain Old Telephone Service.)
Earlier in the week, the VoIP home phone line crapped out and had no dial tone. Using her mobile phone, my aunt called the cable company and asked for help.
I don’t know exact call detail, but I gathered from speaking to my aunt that early in the call, the rep on the line asked her to factory reset her wireless router by inserting a paper clip into the hole at the back of the router. I’d set up that wireless router myself, in order to provide a secure Wi-Fi network for devices including a laptop and a streaming media player connected to the television.
Resetting the router did nothing to solve the no dial tone problem. Moving on, they reset the cable modem. Since the cable modem is the only device responsible for providing the phone service & dial tone, I’m puzzled why the rep would first suspect the wireless router and request it be reset. The rep could have asked for the router to be unplugged, just for now, so the cable modem could be diagnosed in isolation from the home network.
Once the cable modem was reset, dial tone was restored. Hurray! With problem solved, the rep thanked my aunt for her call. I imagine they informed her that customer-owned equipment is her responsibility — but I wager they didn’t admit that they had, in effect, nuked her secure wireless network from orbit.
Yes, the factory-resetting of the router destroyed the functioning secure wireless network I had set up before. All of the wireless devices that had been set up to access the network no longer connected.
On my call, I asked her to boot the old PC I knew was connected by Ethernet. I was thankful she kept the PC around, despite getting a laptop. I hoped the router would still essentially function for the wired computer, since I didn’t want to make the drive out there unless necessary. I walked my aunt through the steps required for the PC to accept my remote connection using Join.Me’s free service. We got it working.
Once in remotely, I opened a web browser and loaded the router’s administration interface. I logged in without a password, which was the default for this router after a factory reset. A new secure wireless network would have to be set up.
I discovered the worst part: Since reset, the router reverted to its factory default of establishing an unsecured wireless network with a default name, no encryption, and no passphrase. Access was wide open, shared to the neighbourhood. Not only could wireless traffic be monitored, but neighbours could also surf on her dime — and the cable company has significant overage charges for exceeding monthly transfer limits.
Cable companies, you should know better!
- Don’t interfere with your customer’s own network equipment unless you have to. Troubleshoot carefully. First, do no harm.
- If you must ask your customer to reset the router, recognize that in doing so you are:
- breaking the relationship with any existing wireless devices, and
- opening it up to insecure access, and overage charges (…wait a sec!…)
- Above all, you must inform your customer of potential ramifications so they can take steps to get their network fully secured and functional again. Show responsibility.
And to the consumer-grade router manufacturers: Please sell only a product that’s secure out of the box. Idea: Generate & save network credentials on first boot by customer. Display the credentials on a small LCD on the unit, in response to a button press. Permit this feature to be disabled once the customer performs direct configuration. Stress the importance to your customers of maintaining a secure wireless network.