Category: Internet service security

You live in an outer-urban area and find you have unreliable Internet connections. What do you do?

I have covered the issue of substandard and unreliable fixed-broadband Internet connections in rural and outer-urban areas on before, based on experience with people who have had this kind of situation occur to them.

In these situations, a customer may find that they have very reduced bandwidth especially abnormally low bandwidth. On the other hand, the Internet connection becomes increasingly unreliable with it dropping out or taking too long to establish. The latter situation may be typically in the form of the SYNC or LINK light flashing or off or, in some cases this light glows and the INTERNET or CONNECTION light flashes, indicating Internet connection trouble.

For some home users who use the Internet for personal use, it is so easy to give up on the service due to this unreliability. But you shouldn’t simply give up on this service.

What you can do

Here, you contact the ISP’s or telecommunication company’s customer-service department preferably by phone and report this fault. Even if it “comes good”, it is worth keeping the ISP’s customer service “in the loop” about when the service comes good or not.

Keeping a record of when the failures or inconsistencies in the Internet service’s performance occurs may also help the ISP has a fair idea of what was going on. This is important with ADSL services and similar services where another company like an incumbent telco manages the infrastructure. It also is a way of identifying if a failure or substandard performance occurred in conjunction with particular weather conditions such as rainfall, which gives the game away with failing connections between the exchange and your premises.

As well, identify where the point of demarcation for your service is, which delineates where the service provider’s point of responsibility is when providing the service. In most ADSL services, the first telephone socket which may be in the hall or kitchen; or the provider-supplied splitter may be the point of demarcation. Here, you can know if the failure was with equipment and accessories you own or not.

If your hear your neighbours moan about substandard broadband Internet performance, ask them to join forces with you and keep a record of when they were affected. This could be a situation concerning the old or decrepit infrastructure. Other stakeholders that are worth talking to are shopkeepers and other small business owners whom you deal with because they may be facing similar problems.

The issue that typically occurs with ADSL providers is that they blame the customer’s equipment because they find that the modem at their end is still good. They don’t realise that the infrastructure between the exchange and the customer’s premises may be at fault. This typically is where the service is “good enough” for voice telephony but will not perform for ADSL broadband Internet as highlighted in the article. Here, you may have to draw this to your ISP’s customer service department that they need to pay attention to this wiring.

As I have mentioned before in the article, the situation that commonly plagues the telephone wiring infrastructure in rural and outer-urban areas is that there is a lot of old and decrepit infrastructure in these areas. When ADSL is provided in these areas, the work may be just done at the exchange as the DSLAM modems are installed in the exchange. But the infrastructure isn’t assessed properly for points of failure as part of the installation in normal circumstances. Similarly, the telephony infrastructure may not be upgraded when the town becomes enveloped in a metropolis.

Further action

This may only occur for a town’s business area or if a major employer sets up shop in the neighbourhood. It would also happen for services affected by a disaster evebt or by damage that affects a particular line like a tree falling across that line. But this activity should be a chance for all telephone customers in the town to have their lines assessed for proper ADSL service whether they are starting broadband service using that technology or not.

The recent Telstra security breaches–how were they handled?

Through this last year, there has been an increasing number of incidents where customers of high-profile companies have had their identifying data compromised. One of these incidents that put everyone in the IT world “on notice”, especially those involved in consuner-facing IT like ISPs or online services, was the Sony PlayStation Network / Qriocity break-in by LulzSec / Anonymous.

Close to that, I had attended a presentation and interview concerning the security of public computing services hosted by Alastair MacGibbon and Brahman Thiyagalingham from SAI Global, the report which you can see here.

The BigPond incident

Over the last weekend, Telstra had suffered a security breach that compromised the user details of some of their BigPond Internet-service customer base. This was through a customer-service search Webpage being exposed to the public Internet rather than Telstra’s own customer-service network.

The privacy compromise was discovered on Friday 9 December 2011 (AEDT) and mentioned on the Whirlpool forum site. It was in the form of an in-house “bundles” search page exposed to the Web with the database containing usernames, passwords and fully-qualified email addresses of a large number of the customer base at risk.

Telstra’s response

But Telstra had responded very quickly by locking down the BigPond customer email servers and Web-based self-service front-ends while they investigated the security compromise. The customers whose data was exposed had their passwords reset with them being required to call the BigPond telephone support hotline as part of the process.

As I do maintain an email account through this service for a long time, I had taken steps to change the password on this account. This was even though I wasn’t one of the customers that was subject to the aforementioned mandatory password reset.

Telstra also maintained a live channel of communication to its customers through their own Web sites, through updates to the main media channels and through an always-running Twitter feed. Once the email system was open for business, a follow-up email broadcast was sent to all BigPond customers about what happened.

My comments on how this was handled

Like the Sony PlayStation incident, this incident was one that affected a high-profile long-established brand which, like other incumbent telecommunications-service providers, was in a position where the brand has a bittersweet connotation. Here the brand is associated with a portfolio of highly-established high-quality stable telecommunications services but has had negative associations with poor customer service and expensive telecommunications services.

What I saw of this was that after the Sony incident and similar incidents against other key brands, the IT divisions for Telstra haven’t taken any chances with the data representing their customer base. They had quickly locked down the affected services and forced the necessary password-reset procedures in order to reduce further risks to the customers; as well as keeping customers and the public in the loop through their media, Web and Social-Web channels.

The Telstra incident also emphasised the fact that the risks can come from within an affected organisation, whether through acts of carelessness or, at worst, deliberate treacherous behaviour by staff. As I have said in the previously-mentioned interview and conference article, there needs to be data protection legislation and procedures in place in Australia so that a proper response can occur when these kinds of incidents occur.