Cable broadband was once strictly the province of residential customers, but over the past several years, the major players in this space have made large in-roads into the SMB market with fast, cheap internet circuits that, on the whole, perform more-or-less as reliably as their more expensive (T1’s) and/or slower (DSL) counterparts. The primary difference between cable circuits and T1’s, the former mainstay of business broadband, is that cable bandwidth is not guaranteed as it is on T1’s, and speeds can fluctuate wildly throughout the day, depending on the neighborhood utilization. Web-based speed tests were born, and from them probably many acrimonious disputes between customer and provider were sprung. Anecdotal research by CNET writer Dennis O’Reilly indicates that not all speed tests are created equal, can be inconsistent and even possibly slanted to favor the companies or brands sponsoring the test.
What this means for you:
A casual run of the tests on Speedtest.net may prove eye-opening, but not necessarily irrefutable proof that your internet provider has over-promised and under-delivered. In the case of a broadband circuit in use at an office, other users and devices will impact the internet speed, and unless you can guarantee your computer is the only device using the circuit, will never be a true test of the circuit’s full potential. Also, even if you were to disconnect everyone from the internet except your test machine, that’s not a true representation of the actual speed you and your co-workers will experience on a typical day. And here’s the catch behind the low-cost business-class cable – very rarely can the cable company provide any kind of cohesive reporting on how your bandwidth is being utilized, primarily because you are using a shared internet circuit. Conversely, with T1’s the higher costs pays for a dedicated, (usually) monitored circuit. Depending on your provider and contract, you may be able receive detailed reporting on utilization at any point typically within the past 7-14 days, and they may even be able to pin-point who on your network is bogarting all the bandwidth. If you have concerns about network or internet performance, speak to a technology professional who can provide you with a much broader, context-based analysis of your bandwidth usage. Don’t rely on a simple website to pass judgement on a critical part of your business performance.
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
As if you didn’t have enough to worry about, the security blogosphere has dragged another bogeyman out into the daylight, and this one is ugly. Researchers from ioActive are now positing that rather than targeting businesses and their more sophisticated technology defenses, hackers could very easily begin to target consumer-grade equipment installed by internet service providers (ISP’s e.g. Time Warner or Comcast) in your home.
Why would they do this? Aside from the much flimsier technology used throughout the home-internet industry, the IP address assigned to your device is easily discoverable because the ISP’s themselves publish information about entire blocks of internet addresses that are allocated to them. This is doubly bad because not only do hackers now have an easy-to-parse list of targets, they can make assumptions about the targets based upon the ISP that services those addresses: things like the types of equipment used by the ISP (and default passwords), geographical locations, even the types of internet service (ie. DSL, cable, satellite, etc).
As part of their investigation into the feasibility of such an attack, ioActive researchers were able to compile a list of 400,000 actual devices installed in customer homes that might be vulnerable to a simple attack that could allow hackers to “own” the device and use it as a means to gain access to any computer connected to that device, ie. all the computers in your home. The basis for the attack? The simple assumption that the default administrative password was not changed since it was installed by the ISP.
What this means for you:
Having equipment installed in your home that you don’t understand and can’t personally confirm as secure is risky and negligent. It would be akin to leaving power tools lying around within reach of a child. Sadly, most ISPs have very thin (to nonexistent) policies around governing the security of the devices they install in your home, and worse, they often rely on third-party labor to do the installs, further increasing the chances that your router was installed quickly and possibly carelessly. On top of this, how many of you after having waited multiple hours for an internet install to happen, watched the installer rush out the door before learning anything about how your new equipment works, who to call for support, or how to change the password on the newly installed router?
Do yourself a favor: familiarize yourself with your internet router, WiFi access point, or any other piece of network equipment in use in your home, figure out how to log into the device(s), and then change the password to something that is hard to guess, and written down in a safe a secure place. Don’t make it easy for the hackers by continuing to ignore the backdoor into your home network!