The theft of ADSL accounts allows others to use their own accounts to access the Internet at will and to consume data online at will, according to the authoritative data of China Netcom and China Telecom, 90% of the incoming calls on the consulting phone call reflect the theft of the ADSL account. Therefore, Beijing nethe and China Telecom released the latest notice on binding ADSL accounts and telephones in September 4, hoping to reduce the number of account theft incidents through such bundling measures. Today, we will also detail this incident and evaluate its impact, check whether this so-called bundling anti-theft policy is cheap for ordinary consumers or more profits for China Telecom and China Netcom.
I. ADSL binding policy details:
To prevent financial losses caused by the theft of ADSL Broadband User Accounts, broadband users in Beijing will not be able to use the same ADSL account to access the Internet over different fixed telephones from this month. Both China Netcom and China Telecom have stopped using their respective ADSL accounts for cross-phone numbers. The main method is to bind the ADSL accounts and phone numbers, you can only use your account to access the Internet over one phone.
Previously, at the beginning of the development of ADSL Broadband Users, Beijing nethe and Beijing Telecom adopted an account to access the Internet on different fixed-line telephones to encourage and develop the use of broadband for users. However, since last year, due to account theft caused by ADSL, users complained that their ADSL account was stolen and used to access the Internet over other phones and use netbooks to pay for online shopping, as a result, the bandwidth fee of the stolen user increases abnormally. At the same time, Beijing Netcom reminds users that if they have two fixed telephones with different numbers in their homes and want these two telephones to access the Internet, they will be able to apply for only two different ADSL accounts in the future. Currently, Beijing Netcom has successively upgraded its accounts and telephones in various districts and counties in Beijing. It is estimated that all districts and counties in Beijing will not be able to access the Internet through remote ADSL this month.
2. Can the bundling policy work for account theft?
According to China Telecom and China Netcom, this is the policy to bind the ADSL account and phone number to prevent account theft. Can the binding policy take effect for account theft?
First, we need to know how the ADSL account was stolen and what illegal things were taken after the account was stolen. Generally, the computer in the house uses an account to access the internet. If the account is stolen, it is mainly due to the following reasons:
1. Trojan Program-a hacker transfers the trojan program to the stolen computer through various means, and then monitors the account during online dial-up to learn the ADSL account and password.
2. virus programs-similar to Trojan programs, sometimes some Viruses enter the stolen computers through system vulnerabilities, monitor the ADSL accounts, and transmit information to others.
3. Broadband Router vulnerabilities-more and more users use broadband routers to access the Internet. We can enter our ADSL account in the dial-up setting window of the Broadband Router to enable automatic dialing, however, in practice, a Broadband Router may have its own vulnerability, or the user does not modify its default password, so that illegal intruders can access the management interface of the Broadband Router to learn the ADSL account information.
4. Artificial reasons-there are many artificial reasons, such as writing an ADSL account on paper or telling others. This may cause account theft. In addition, the ADSL account password settings are too simple or consistent with their basic information, which greatly reduces the difficulty of illegal intruders Stealing accounts.
5. Account roaming reason-because the ADSL account can be used on different phone numbers that have activated ADSL, the stolen user uses his/her ADSL in the organization or in the home of other users, therefore, the ADSL account is stolen for some reason.
We can see from the above five points that the fifth point is the theft of the ADSL account due to account roaming, and the above four points are remote or physical account theft, therefore, this bundling policy can only work for account roaming, reducing the probability of ADSL number theft due to account roaming. Illegal users can still obtain the ADSL account through remote Trojans, viruses, vulnerabilities, and human resources.
In addition, I also query some related information. The sum of the first four causes of theft can occupy more than 90% of the stolen ADSL accounts, therefore, China Telecom and China Netcom's bundling of accounts and telephones does not fundamentally prevent the occurrence of account theft, but only imposes restrictions on less than 10% of account theft.
What do hackers do with the stolen ADSL account?
Generally, two things can be done to obtain the stolen account: surfing the Internet and consuming. The most common cause of complaints is the latter. illegal users can use stolen ADSL accounts to consume on the telecommunication and Netcom websites, such as purchasing QQ coins and monthly subscription online video cinemas, purchase other game cards. Because China Telecom and China Netcom do not limit the consumption amount, illegal users will spend hundreds or even thousands of dollars on the Internet, which also brings huge losses to the stolen users. More than 95% of complaints are against such online consumption.
Therefore, the policy of binding ADSL accounts and telephones launched by China Telecom and China Netcom is actually to Prohibit Internet access from stolen ADSL in other places, the illegal consumption of accounts that have a huge impact on consumers in different regions has no effect. That is to say, illegal users can still use stolen accounts for online consumption.
3. Who is the benefit of policies?
After the detailed analysis above, we know that this policy does not take much preventive measures for users and only reduces the probability of account theft by 10%, in addition, the account that has been stolen only imposes restrictions on the Internet function, and there is no restriction on the network consumption function. The loss of the stolen account is still huge.
So what is the significance of this policy? I consulted the person in charge of the relevant departments of China Telecom and China Netcom. The person in charge said that we had previously bound the account and phone number when ADSL was just born, but it was in the next ADSL promotion period, to improve the installation coverage of ADSL, you can use the same account to access the Internet in different locations. However, the promotion period has ended, and the subsequent preferential policies that are not bundled should also end. In addition, bundling policies can effectively reduce the occurrence of hacking.
From the manager's words, we can know that not bundling is just a preferential policy. Now that the preferential policy is over, bundling should also begin. It can be seen that the binding of such ADSL accounts and telephones is not what China Telecom and China Netcom refer to as anti-theft accounts, but in line with their strategic policies. What is the impact of such bundling on China Telecom and China Netcom?
First, the two families can use the same account, one monthly subscription, and the other as a note, so that when the monthly subscription account does not have access to the Internet, the account can be used in any location, this saves Internet spending, and now the two families can only apply for their own monthly subscription accounts, which brings profits to China Telecom and China Netcom. In the past, I used to work with my classmates to use a monthly subscription account, with each person paying half of the fee. Now, this "network sharing" method disappears and I have to apply for a two monthly subscription account.
Therefore, in summary, the policy of binding ADSL accounts and telephones is designed to protect consumers and reduce the possibility of account theft. However, it does not actually solve any substantive problems, instead, it has helped these monopoly industries create higher profits and forced users to buy more orders for the Internet.
4. How can we protect the interests of consumers?
Some people may think that China Telecom and China Netcom are already contributing to consumers. Such bundling policies reflect the concept of "serving users", although they may not be comprehensive, but I have tried my best. Next we will analyze this policy to see if there are no other methods to protect user accounts.
Question 1: If you have two fixed telephones with different numbers in your home and want these two telephones to access the Internet, you can only apply for two different ADSL accounts in the future.
If you want to bind multiple phone numbers to an ADSL account, you may frequently access the Internet in different locations. If you buy your monthly subscription, You should enjoy this service. If China Telecom and China Netcom attempt to prevent remote Internet access incidents caused by account theft, users should be allowed to apply for an account and bind it with multiple phones. After all, these phones are familiar to users, to ensure certain security.
If China Telecom and China Netcom are afraid of illegal users applying for an account to bind an illegal phone number, you can restrict the application for multi-phone binding to the business office. However, the actual situation is the opposite, the practice of China Telecom and China Netcom for this multi-phone binding service is completely forbidden. I wonder if they have any concerns for these users.
Problem 2: The measures only prevent remote Internet access, while remote consumption is not canceled.
It is not safe for users to prohibit remote Internet access without blocking remote consumption. This kind of behavior will happen after the account is stolen. If China Telecom and China Netcom want to fundamentally eliminate this situation, I think they should learn from those online banks and promote services such as key cards and password cards. Only users with these encryption cards can consume them online, in this way, we can fundamentally eliminate the occurrence of off-site consumption after account theft.
If you think it is difficult to promote such a card, you can leave it to the next step and block off-site consumption, which may cause inconvenience to users, however, it can reduce the consumption of account theft by more than 99%. For example, you must use your account to access the Internet when using an account. In this way, you must go to your home, log on to the network with your own phone number and account, and then consume it. Even if hackers get an account, they will fail to use this account to access the Internet.
V. Summary:
It can be seen that the popular policy of binding ADSL accounts to telephone numbers is aimed at reducing the theft of user accounts and serving users. In fact, China Telecom and China Netcom aim to increase their profits, this helps reduce the number of shared accounts. None of the methods that can be used to kill account theft have been adopted. Instead, they chose to kill the network.
The author has a wrong idea, that is, since such "account theft consumption" can help China Telecom and China Netcom to bring a certain profit, although these profits are illegal, but in the end, users still have to pay for it. So how can monopoly departments block the earning channel?