Cyber network brimming with privacy invasion bids

Suraj

Regular
[OP]
Regulars
Jan 28, 2005
460
0
kinda ol news though....

source : http://cities.expressindia.com/fullstory.php?newsid=142476

Chandigarh, August 4: WHEN the entire client database, payment details and future projects of a city-based advertising agency Pushpak Advertising was available for free viewing and tampering on the computer screens of several users of Sify’s broadband recently, the ad agency, which also used Sify’s broadband, was aghast.

As parts of its hard disk got ‘‘automatically formatted’’ days later by some user of the network, the ad agency thought it could be the handiwork of some virus.

Advertisement
But the agency managers say that the damage was due to data insecurity on Sify’s network in Chandigarh.

‘‘We were shocked how our data was freely available to everyone on the Sify network,’’ said Rakesh Thakur of Pushpak Advertising.

In another shocking incident, a newly-married Sector-15 couple’s private and intimate honeymoon photographs, which these Sify users had saved in their computer’s hard disk, were reportedly available on the Sify network and were being circulated among several other Sify users for about the last six months.

‘‘This was very shocking. The couple faced a lot of embarrassment,’’ said a source familiar to the incident. Similarly, a city-based chartered accountant’s balance sheet was also reportedly accessed by several Sify users recently.

Many of the Sify broadband users with ordinary computing skills have been found using a commonly and freely available software for survelliance and mischief. ‘‘Sify users wishing to intercept all Internet traffic on the ISP’s network have been downloading a small software utility called ‘Sniffer’ and then turning their computers into the promiscuous mode. This enables them to monitor and copy all Internet traffic on the network,’’ said a source.

Normally computers won’t accept data packets not meant for them though all data packets go to all computers on a Local Area Network (LAN), on which Sify works in Chandigarh.

But using this common, freely available software, unscrupulous users are found to be turning their computers into a promiscuous mode and then eavesdropping all data. Such users often get the software to copy and store others’ data in their hard disks.

‘‘Installing the Sniffer software is as easy as double-clicking. A firewall protects computers and all information in it, but the moment the information and data go beyond the computer to the Sify network, it becomes vulnerable to exposure,’’ said Harpreet Singh Giani, a data security expert and IT lawyer.

Under the cyber laws, ISPs are required to maintain logs, to record all Internet activity and trace hacking attempts but Sify’s franchises are apparently not using this technology.

‘‘Anti-viral software cannot possibly curb hacking attempts. The Intrusion Detection System would need to be installed at the franchisee level in order to be effective,’’ said Giani.

‘‘No firewall or similar system installed by Sify at present is a credible deterrent to even a casual script-kiddie, let alone a determined malicious hacker,’’ he added.

We have taken measures: Sify

When contacted, Sify’s Regional Manager (North) Punit Sharma claimed Sify has an ‘‘online monitoring system’’. The ISP’s Delhi-based Chief Communications Officer David Appasamy said in an e-mail interview: ‘‘Sify has implemented Intrusion Detection Systems, Firewalls and other mechanisms in the network and has a Security Task force which constantly monitors unnecessary activity on the network and takes appropriate action’’.

When asked about the specific hacking attempts on Sify’s network in Chandigarh, Appasamy said: ‘‘To ensure there is no file sharing, the customer simply has to disable sharing on his computer settings. In order to protect the consumer’s PC, Sify provides users various features like anti-virus packages free of charge. Sify is also launching personal port blocker options.’’

He, however, did not respond to the queries on whether specific complaints were made to them and what action they proposed to take.[/b]
 

inetbum

Regulars
Regulars
Oct 30, 2004
1,039
1
hehe Sify networks are like Wi-Fi networks with no encryption and a Wi-Fi capable device in everyone's hands. Sniff the air and make merry.
 


hitman

Regulars
May 10, 2005
2,678
71
New Delhi
Isn't it stupid to blame sify for this. A user himself has to be aware of all this stuff and must have installed firewalls and anitviruses. Sniffers can also work on all networks like tata, hathway, airtel, mtnl etc and I use them regularly on Tata but most of users have installed firewalls so its not possible to access them.
 

Sushubh

Administrator
Oct 29, 2004
421,806
13,192
Gurugram
a user new to broadband is not educated enough to block other users from accessing his computer especially on a stupid operating system like windows 98. sniffing is something else. but allowing users to access other system's files is pretty unprofessional. when the CTO comes to install the connection, he should tell the customer to disable his file sharing capability or at least install a decent free firewall.sify is messing things even more with releasing its own firewall and anti-virus applications considering they are not very good in quality. when decent free solutions are available on the net, it makes no sense in delivering sub standard solutions.
 

hitman

Regulars
May 10, 2005
2,678
71
New Delhi
Agreed they provide av which r not very good. But as u said new users r not educated enough to block other users. So its better provide them with some Av and firewall rather than keeping their pc open for the virus. Ofcourse if the user is a pro and currently have av installed he will ask the cto not to install tht av . So how can one blame only sify when win98 is such a stupid operating system . Even when tata guys came to my home to install the connection they never instructed on av and firewall and just leave aside those small local internet walas . Can u tell me tht how many cto ask users to disable their file sharing capability or install a decent free firewall.
 


blr_p

Regulars
Regulars
May 26, 2005
3,934
13
This is an interesting area.....is the ISP responsible if one user hacks into another ?my guess would be no. They are not in the policing business nor do they want to. Since this is a company that is involved, one wonders at the state of their networking team. The buck usually stops there.For individual users, i suppose some pointers by the ISP might be helpful.
 

muttster`

Regulars
Regulars
Mar 25, 2005
714
4
well even on Incable its easy to hack the modem and turn the promiscous mode on..and see what the neighbours are upto :p Indian ISP should take measures against this..its really sad
 

Similar threads