Hi @SafaricomPLC , I was renewing my home Fibre and came across an option "Secure Net" which you charge a fee of KES 200 per month when activated.
Upon looking into it from your website, "Secure Net" purports to have the following features...
1. Parental Control - "Protect your family from harmful online content by managing what they can access "..
Anyone can setup parental controls on any router using OpenDNS by changing your router's DNS server settings to use OpenDNS.
2. Quiet Time - "Limit internet access in your HOME to particular hours of the day"..
Again, this can be done from a router through the parental controls explained in 1 above.
Anti-Virus - "Protect users for virus attacks while on your HOME fibre"...
The person who cargo-culted this didn't even understand it 😁. We don't protect users for virus attacks but from virus attacks. Again this can be done from the router.
How?
a. By avoiding using routers supplied by ISPs. Your Huawei routers that you "freely" give us are typically less secure than the Huawei router I would purchase from the manufacturer myself. Well, business model & strategy I guess.
Why are they less secure?...
...
- hard coding remote support credentials that we cannot change
- patches for customized firmware versions lag way behind patches for the same flaws released by router manufacturers.
Is the addition service charge supposed to ensure that my routers firmware patches are upto date with the manufacturer's patches? Isn't this something I could ensure from my end without additional costs.
Are your routers less secure intentionally?
Back to our "Anti-Virus" protection. This can be can be done from the router by ensuring:
- turning on https access to the router interface
- changing your router's LAN IP address from the default assigned first address in your predefined netblock. In most cases you'll find...
...yourself accessing your router through 192.168.0.1. Change this to something else that you can easily remember and that is not part of the DCHP pool. You could actually go further and change the entire netblock used to one of those reserved for private networks.
Doing so will actually guard you against CSRF attacks that try to access users' browsers by using the default assigned IP address.
You can secure your router by ensuring fewer services exposure to the internet. Services like ssh, UPnP, telnet should never be reachable from the internet and should be turned off on the local network if they're not needed.
Web Filter.
Again, this is something one can do from the router by enabling access control and creating a policy that allows such to happen.
Now @Safaricom_Care, did you intentionally disable all the above for you to launch a product that enables them back on a fee?
Are you compromising your user's online security by disabling important features simply because you want them paid for?
I will not even mention about the lack of QoS in your Huawei routers 😁😁😁😁 and duping people to think they need to upgrade to a higher bandwidth for them to stream uHD services 😁
You can follow @dee_beat.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more