Interesting tweet describing a potential TalkTalk router security flaw

Picked this one up on Twitter. It describes a potential TalkTalk router security flaw. I can’t for the life of me think how this scenario happens unless somehow TalkTalk are using the same IP address for more than one router – I guess with Dynamic IP addresses it will happen.

If that was the case then he certainly shouldn’t be able to access the router. Suggests there is a default username and password in play. Maybe the routers are only locked down from people outside the TalkTalk network. Seems strange to me.

@TalkTalkCare so when I type in the router IP, should I be able to see the details and password of my neighbour’s talktalk router?

— King ♔ Dominic (@CyningDom) November 12, 2014

Should really be locked down for everything. Bit of a worry really especially when you consider that most people will have no idea what is going on. Someone could be browsing your unsecured laptop or phone. Most will be unsecured. Laptops at least. People tend to have a pin number on their phone to stop Fraping.

Anyway though this one was worth sharing. If anyone from TalkTalk engineering would care to comment that would be great. Suspect they will keep stum though and get on sorting it out.

The whole subject of personal security where the internet is concerned is a difficult one. It’s hard for most people to get their brains past anything other than just installing anti virus software and even then it is rarely maintained. ISPs need to take responsibility as far as they can for their customers safety.

It’s in their interest really. The last thing they want is for a customer’s PC to be compromised and to be spamming the world. Gets the ISP blacklisted.

As far as the TalkTalk router security flaw goes I’m sure there must be a simple and innocent explanation. Hope so anyway.

That’s all folks. Ciao bella.