Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

http://192.168.0.1/ saying not secure

Julesfb
Tuning in

on ‎07-02-2021 14:11

Hi, I'm trying to sort out the iOS14 weak security issue and following the instructions re hub. But the http://192.168.0.1/ comes up as not secure! Plus I can't remember what I changed the password to either.Is there any way I can reset password and why is the website not secure?

15 REPLIES 15

scaramoosh
Tuning in
In response to annorax

on ‎02-12-2021 20:24

I had the problem myself, this was the first result when I googled, so I assume this post has a lot of traffic. That is why I posted the fix I came across while trying different ways to get rid of it. 

0 Kudos

Mygod1971
Tuning in

on ‎03-02-2022 06:39

Hi
i too is trying to sort out this weak security issue on apple products and it seems like non one here has the right help. I think it’s a problem with VM routers.

I’ve called it support and they don’t even have no knowledge of this issues.

my contract is soon expire. Can’t wait. Never using VM again.

0 Kudos

gary_dexter
Alessandro Volta
In response to Mygod1971

on ‎03-02-2022 09:46

@Mygod1971 wrote:

Hi
i too is trying to sort out this weak security issue on apple products and it seems like non one here has the right help. I think it’s a problem with VM routers.

I’ve called it support and they don’t even have no knowledge of this issues.

my contract is soon expire. Can’t wait. Never using VM again.

That’s because there’s no issue to fix. It’s just apple being over zealous about newer Wifi standards


*****
If you think my answer has helped - please provide me with a Kudos rating and mark as Helpful Answer!!
I do not work for Virgin Media - all opinions expressed are of my own and all answers are provided from my own and past experiences.
Office 365, Dynamics CRM and Cloud Computing Jedi

Zach_R
Forum Team
Forum Team
In response to Mygod1971

on ‎05-02-2022 10:15

Hi @Mygod1971,

I am very sorry to hear you're facing some issues with your Apple devices and are considering leaving us as a result.

Would you mind confirming what Apple device(s) is affected by this issue for you, what version of iOS you're currently on with said device(s)?

Thanks,
 


Zach - Forum Team
New around here? To find out more about the Community Forums, take a look at our FAQs!


0 Kudos

BaldrickBravo
Superfast
In response to Twyst

on ‎05-02-2022 11:53

@Twyst wrote:

I beg to differ about your local network being secure. The instant you introduce a device where you haven't set the software up yourself it can never be fully trusted.

'secure' is a relative adjective. The answer to 'is x secure?' is never a binary yes or no. Things can be 'more secure' or 'less secure' but it is never as simple as 'x is secure'.


And where do you draw the line of trust? Writing your own software? Creating your own transistors and processors?

0 Kudos

BaldrickBravo
Superfast

on ‎05-02-2022 12:06

@Julesfb wrote:

But the http://192.168.0.1/ comes up as not secure!

This is the web browser advising you that the router's Web GUI is served up over plain old HTTP, instead of over HTTPs.

The 's' in HTTP used to mean 'Secure Sockets Layer' or SSL. Now it actually means TLS or Transport Layer Security.

SSL or TLS are standards for encypting protocols like HTTP during transmission. Without SSL or TLS, the web pages you are visiting are transmitted to and from the web server (in this case the hub) in clear text. So that means it is possible for another device or a wire-tap could be used in your network to 'sniff' the data packets and potentially read the password that you are using to sign into the hub.

If the hub was a random website on the wider internet, that would indeed be bad news.

But as the hub sits on your local network and it's web GUI is not accessible from the Internet, it's not so much of a problem. It is very unlikely (but not impossible) that there is a device between your computer and your hub that is 'sniffing' packets. Packets that are passed over the air (WiFi) are of couse encrypted anyway, although it is possible any other device connected to your WiFi network could 'sniff' them.

It is a bit of a challenge implementing TLS on locally connected devices that are accessed via HTTP. Public Key Infrastructure (PKI) is used to verify that a domain/website you are visiting is really the domain/website it claims to be. The problem is that you can only get certificates 'signed' by a root Certificate Authority so that devices will trust them, if they are publicly available domains. It isn't an 'unsolvable' problem but it does have its challenges and I can fully understand VM providing the hubs without TLS on the WebGUI.

Some of the browser developers and big tech companies are a bit over zealous when it comes to trying to enforce standards. They have their own agenda. Perhaps it is pushing more companies to rely on 'cloud' managed hardware? Who knows.

It's important not to read too much into the lack of TLS on the hub's administration pages. It is not an unreasonable thing for VM to do.

0 Kudos
Top