Menu
Reply
Highlighted
  • 2
  • 0
  • 0
Joining in
520 Views
Message 1 of 9
Flag for a moderator

Superhub 3

issues are : High random latency spikes Slow admin panel Easy to attack with little traffic

latest SuperHub 3 (Hub 3.0) router "IS" vulnerable to a low bandwidth Denial of Service (DoS) attack!
(i.e. a malicious person with a slow ADSL line could easily ruin your day). SuperHub 3 (uses a Intel Puma 6 chipset (x86 SoC), which is currently quite notorious due to how it suffers from a tedious bug that causes latency spikes and packet loss. However the situation is worse, the hardware is also vulnerable to a simple DoS attack, which means that if somebody knows your Virgin IP address then they could hit you with packets of data (i.e. sending random UDP data to the given host with random destination ports) from even a slow broadband connection and this effectively makes your Internet connection unusable. superhub_3_dos_attack_impact In the example above a 1Mbps DoS causes an average latency rise of +20ms (milliseconds) and quite a few high peaks, while 2Mbps delivers +200ms and a huge amount of packet loss (65%).. it only gets worse from there.

The 2Mbps example is enough to ruin most of your Internet activity until the attack stops (sadly you can’t block this one via the SH3’s firewall). The vulnerability also impacts other routers that use the same Puma 6 chipset. Virgin Media were asked for a comment and they’ve promised to respond, once their hub and security teams have had a chance to take a closer look.

UPDATE 12:29pm
According to Ross Allan, who created a piece of software to test the bug, such an attack can’t be stopped by the SH3’s firmwall either because packets from the internet would come through the modem then reach your firewall (i.e. by that point the damage is already done).

UPDATE 4:52pm
Took awhile but Virgin Media has finally given is a comment, although it’s unlikely to satisfy those with concerns.

"A Virgin Media Spokesperson told ISPreview.co.uk: “We take the security and the reliability of our service very seriously and have tools and systems in place on our network to protect our customers. We are currently speaking to our suppliers regarding reports of Puma 6 issues.”

No workaround is available at this time! Its an Intel chipset issue but more importantly its also a Virgin issue, they control the modem its locked to the point where you cannot even use ipv6 were stuck in the dark ages of ipv4.

Virgin Media seam to want to hide and conceal the network latency problem!
With the Modem through its marketing, advertising, and package of the product.

Intel's buggy Puma 6 chipset earns Arris a gigabit-modem lawsuit By shipping modems with this defect, VM can be accused of the same i.e sold consumer goods (the SH3) that are substantially below the quality generally available in the market.
And are not fit for the Internet connectivity for which they were generally used, and by failing to ship a fully working product and by not being able to coordinate with ISP to provide an effective firmware update to remedy the issue, VM is failing in its obligations to it customers and there service level agreement. still no updates to remedy raised security issues either.

As a result of poor support and lack of customer service i have arranged for my contract to be terminated.

0 Kudos
Reply
Highlighted
  • 7.1K
  • 554
  • 1.19K
Legend
467 Views
Message 2 of 9
Flag for a moderator

Re: Superhub 3

It’s not a SuperHub 3, it’s just a Hub3 and has never been called a SuperHub by VM. If your are going into great technical detail, at least get your basic facts right. You have adequately explained why VM have never called it a SuperHub. 


Tudor
There are 10 types of people: those who understand binary and those who don't and F people out of 10 who do not understand hexadecimal c1a2a285948293859940d9a49385a2
0 Kudos
Reply
Highlighted
  • 547
  • 44
  • 173
Rising star
464 Views
Message 3 of 9
Flag for a moderator

Re: Superhub 3


@Tudor wrote:

It’s not a SuperHub 3, it’s just a Hub3 and has never been called a SuperHub by VM. If your are going into great technical detail, at least get your basic facts right. You have adequately explained why VM have never called it a SuperHub. 


He isn't going into great detail, he's literally just copy and pasted a two year old article from ISPReview (https://www.ispreview.co.uk/index.php/2017/04/claims-low-bandwidth-dos-attack-can-hammer-virgin-medi...), who knows why since the issues have been patched since then.

Highlighted
  • 2
  • 0
  • 0
Joining in
428 Views
Message 4 of 9
Flag for a moderator

Re: Superhub 3

So the virgins modems are not called superhubs, I beg to differ, the 480 and 485 where both superhub's, and this is hub3 is a superhub 3 as far as I'm concerned plus your comment did not highlight the fact that its hardware related and the HUB3 has a puma6 soc which Is vulnerable to hacks as previously stated hence why where now waiting on the hub 4 coming to remedy these issues but even virgin don't know when they will get new hardware

0 Kudos
Reply
Highlighted
  • 547
  • 44
  • 173
Rising star
405 Views
Message 5 of 9
Flag for a moderator

Re: Superhub 3

I'd write a response disputing some of this but it's really not worth the effort as it's already blatantly obvious that you're going to dismiss and deflect anything said due to your preconceived ideas.

If you're going to argue about 'security' and 'flaws' generally you require at least some level of knowledge in the subjects. Parroting stuff other people have said, or in your case just full on copying the entire article from a news site and cutting out parts, doesn't make an argument.
0 Kudos
Reply
Highlighted
  • 3.65K
  • 202
  • 613
Community elder
388 Views
Message 6 of 9
Flag for a moderator

Re: Superhub 3


@ACiDFiRE wrote:

So the virgins modems are not called superhubs, I beg to differ, the 480 and 485 where both superhub's, and this is hub3 is a superhub 3 as far as I'm concerned plus your comment did not highlight the fact that its hardware related and the HUB3 has a puma6 soc which Is vulnerable to hacks as previously stated hence why where now waiting on the hub 4 coming to remedy these issues but even virgin don't know when they will get new hardware


the hub3 is called the hub3, there has never been the word "super" as any part of the name.
you can call it anything you want, but you'll always be wrong unless you call it the "hub3"

0 Kudos
Reply
Highlighted
  • 1
  • 0
  • 0
Joining in
112 Views
Message 7 of 9
Flag for a moderator

Re: Superhub 3

Hi, Our property which is an HMO, had a powerline booster kit from Virgin Media Broadband installed. One of the housemate, who is an I. T Internet Security guy, has taken over Admin Control of the Router, to do the settings and changed the Router default password. My main concern is, are the other housemates banking, bank card payments online, personal and private online activities, and I. D theft be vulnerable, to the person who has the Router's Admin Control ?

Thank you,

Bernard 

0 Kudos
Reply
Highlighted
  • 17.87K
  • 934
  • 2.3K
Alessandro Volta
78 Views
Message 8 of 9
Flag for a moderator

Re: Superhub 3

Off topic post.

But potentially yes anyone connected to the network can see and access other devices connected to the network.

The same goes for any network. 


*****
If you think my answer has helped - please provide me with a Kudos rating and mark as Helpful Answer!!
I do not work for Virgin Media - all opinions expressed are of my own and all answers are provided from my own and past experiences.
Office 365, Dynamics CRM and Cloud Computing Jedi
0 Kudos
Reply
Highlighted
  • 7.1K
  • 554
  • 1.19K
Legend
65 Views
Message 9 of 9
Flag for a moderator

Re: Superhub 3

Admin access to a VM hub does not pose a security risk, the firmware is pretty basic with very little that you can do. Most like action that could impact people is to just stop their network access. 


Tudor
There are 10 types of people: those who understand binary and those who don't and F people out of 10 who do not understand hexadecimal c1a2a285948293859940d9a49385a2
0 Kudos
Reply