Loading ...
Sorry, an error occurred while loading the content.

Re: phishing and wifi hotspots..

Expand Messages
  • mwinslo5@optonline.net
    Sorry - CV - you guys need to immediately need to remove auto sign-on. This may have national security repercussions. by leaving this gaping security window
    Message 1 of 11 , Nov 21, 2012
    • 0 Attachment
      Sorry - CV - you guys need to immediately need to remove auto sign-on. This may have national security repercussions. by leaving this gaping security window out there.. force an SSL web ID validation especially for out of area (ip address range)... There's allot going on in the world and way too many exploits. Lock it down. force strong passwords. MAC validation just doesn't cut it..

      Also - I would prefer that my email on optonline.net be forced to use SSL.. I know that this is going to be a headache, but it needs to be done.



      --- In cablevision_digital@yahoogroups.com, mwinslo5@... wrote:
      >
      > I just discovered one of these with my sister via Comcast...bad guy takes rooted device, or Linux or unix box...collects list of valid mac addresses, email addresses and passwords, then uses these for phishing. Since many people use both weak passwords which are common across accounts, it's a hackers playground out there. The phishers don't necessarily change or hijack the email account, but use it for hit and run attacks.
      >
      > Just a FYI - I thought that one of my ex-ixia co-workers was just messing with me after my original report...I'm guessing that he has one of these real time phishers in one of his accounts as well.
      >
      > MAC address device validation is way too primitive in this day and age, and if the MSO's don't start giving us digital tokens, and some stronger security, the 4G guys are going to end your party pretty quickly since they at least can exchange a higher level of validation via SSL.
      >
      > This auto-sign in, while convenient, needs to disappear in a hurry from the MSO's before we suddenly find that someone like a non-US sovereign has made this into a practice and becomes sleeper resource in order to attack the US infrastructure. Smartphones and tablets contain more information than wallets that a pick-pocket take. There are too many tools out there which phishers can silently hijack MSO email accounts with significant ease.
      >
      > Aren't your security guys aware of this? This is serious stuff.
      >
    • Stan Sidlov
      Wouldn t you also be asking CV to review all the passwords on the system for strength, then contact and force the users to upgrade them? Are we talking the old
      Message 2 of 11 , Nov 22, 2012
      • 0 Attachment
        Wouldn't you also be asking CV to review all the passwords on
        the system for strength, then contact and force the users to upgrade them?
        Are we talking the old 8 char mixed alphanumeric or 12 and up? People don't
        like that unless you get them used to using phrases. Even SSL can be
        defeated.

        I tend to agree with this. But remember that after the first sign on, you
        don't use a password and if you were to go to your acct for email or
        something, you would have to sign in again just like any web site and be
        subject to any attack. Where's the password security issue once your device
        is already setup? If someone used your mac and you were automatically
        signed in with your device would the system request a manual sign in or
        kick you out or do nothing at all to prevent the multiple log in?


        On Thu, Nov 22, 2012 at 12:20 AM, <mwinslo5@...> wrote:

        > Sorry - CV - you guys need to immediately need to remove auto sign-on.
        > This may have national security repercussions. by leaving this gaping
        > security window out there.. force an SSL web ID validation especially for
        > out of area (ip address range)... There's allot going on in the world and
        > way too many exploits. Lock it down. force strong passwords. MAC
        > validation just doesn't cut it..
        >
        > Also - I would prefer that my email on optonline.net be forced to use
        > SSL.. I know that this is going to be a headache, but it needs to be done.
        >
        >
        >
        > --- In cablevision_digital@yahoogroups.com, mwinslo5@... wrote:
        > >
        > > I just discovered one of these with my sister via Comcast...bad guy
        > takes rooted device, or Linux or unix box...collects list of valid mac
        > addresses, email addresses and passwords, then uses these for phishing.
        > Since many people use both weak passwords which are common across accounts,
        > it's a hackers playground out there. The phishers don't necessarily change
        > or hijack the email account, but use it for hit and run attacks.
        > >
        > > Just a FYI - I thought that one of my ex-ixia co-workers was just
        > messing with me after my original report...I'm guessing that he has one of
        > these real time phishers in one of his accounts as well.
        > >
        > > MAC address device validation is way too primitive in this day and age,
        > and if the MSO's don't start giving us digital tokens, and some stronger
        > security, the 4G guys are going to end your party pretty quickly since they
        > at least can exchange a higher level of validation via SSL.
        > >
        > > This auto-sign in, while convenient, needs to disappear in a hurry from
        > the MSO's before we suddenly find that someone like a non-US sovereign has
        > made this into a practice and becomes sleeper resource in order to attack
        > the US infrastructure. Smartphones and tablets contain more information
        > than wallets that a pick-pocket take. There are too many tools out there
        > which phishers can silently hijack MSO email accounts with significant ease.
        > >
        > > Aren't your security guys aware of this? This is serious stuff.
        > >
        >
        >
        >
        >
        > ------------------------------------
        >
        > Yahoo! Groups Links
        >
        >
        >
        >


        [Non-text portions of this message have been removed]
      • David
        Really? National security repercussions? Get a grip. If our national security depends on removing automatic sign-on from a public wifi hotspot, the nation is
        Message 3 of 11 , Nov 22, 2012
        • 0 Attachment
          Really? National security repercussions? Get a grip. If our national security depends on removing automatic sign-on from a public wifi hotspot, the nation is doomed.

          If you don't like auto sign-on, then disable it on your device. It's that simple.

          By the way, your email on optonline.net does use SSL.


          --- In cablevision_digital@yahoogroups.com, mwinslo5@... wrote:
          >
          > Sorry - CV - you guys need to immediately need to remove auto sign-on. This may have national security repercussions. by leaving this gaping security window out there.. force an SSL web ID validation especially for out of area (ip address range)... There's allot going on in the world and way too many exploits. Lock it down. force strong passwords. MAC validation just doesn't cut it..
          >
          > Also - I would prefer that my email on optonline.net be forced to use SSL.. I know that this is going to be a headache, but it needs to be done.
          >
          >
          >
          > --- In cablevision_digital@yahoogroups.com, mwinslo5@ wrote:
          > >
          > > I just discovered one of these with my sister via Comcast...bad guy takes rooted device, or Linux or unix box...collects list of valid mac addresses, email addresses and passwords, then uses these for phishing. Since many people use both weak passwords which are common across accounts, it's a hackers playground out there. The phishers don't necessarily change or hijack the email account, but use it for hit and run attacks.
          > >
          > > Just a FYI - I thought that one of my ex-ixia co-workers was just messing with me after my original report...I'm guessing that he has one of these real time phishers in one of his accounts as well.
          > >
          > > MAC address device validation is way too primitive in this day and age, and if the MSO's don't start giving us digital tokens, and some stronger security, the 4G guys are going to end your party pretty quickly since they at least can exchange a higher level of validation via SSL.
          > >
          > > This auto-sign in, while convenient, needs to disappear in a hurry from the MSO's before we suddenly find that someone like a non-US sovereign has made this into a practice and becomes sleeper resource in order to attack the US infrastructure. Smartphones and tablets contain more information than wallets that a pick-pocket take. There are too many tools out there which phishers can silently hijack MSO email accounts with significant ease.
          > >
          > > Aren't your security guys aware of this? This is serious stuff.
          > >
          >
        • marcauslander
          I m confused by what exposure you are warning us about. The autologin supported by CableWiFi, AFAIK, only gets your machine on the internet. So a bad guy
          Message 4 of 11 , Nov 22, 2012
          • 0 Attachment
            I'm confused by what exposure you are warning us about.

            The autologin supported by CableWiFi, AFAIK, only gets your machine on the internet. So a bad guy could clone your MAC to get on CableWiFi. Or he could go into any Starbucks, or library, or ... and get on the internet.

            Once on the internet, you still need to do a real login to get at your Cablevision stuff, or your Google stuff, etc. And those that matter use https.

            So again - what exactly is the threat?

            --- In cablevision_digital@yahoogroups.com, mwinslo5@... wrote:
            >
            > I just discovered one of these with my sister via Comcast...bad guy takes rooted device, or Linux or unix box...collects list of valid mac addresses, email addresses and passwords, then uses these for phishing. Since many people use both weak passwords which are common across accounts, it's a hackers playground out there. The phishers don't necessarily change or hijack the email account, but use it for hit and run attacks.
            >
            > Just a FYI - I thought that one of my ex-ixia co-workers was just messing with me after my original report...I'm guessing that he has one of these real time phishers in one of his accounts as well.
            >
            > MAC address device validation is way too primitive in this day and age, and if the MSO's don't start giving us digital tokens, and some stronger security, the 4G guys are going to end your party pretty quickly since they at least can exchange a higher level of validation via SSL.
            >
            > This auto-sign in, while convenient, needs to disappear in a hurry from the MSO's before we suddenly find that someone like a non-US sovereign has made this into a practice and becomes sleeper resource in order to attack the US infrastructure. Smartphones and tablets contain more information than wallets that a pick-pocket take. There are too many tools out there which phishers can silently hijack MSO email accounts with significant ease.
            >
            > Aren't your security guys aware of this? This is serious stuff.
            >
          • mwinslo5@optonline.net
            What you say is for the most part true, but a crack becomes aa hole. Does an email account require SSL login in all cases, and do people tend to not know that
            Message 5 of 11 , Nov 22, 2012
            • 0 Attachment
              What you say is for the most part true, but a crack becomes aa hole.

              Does an email account require SSL login in all cases, and do people tend to not know that or what that means? do most people use strong passwords? remember - an email client differs from webmail. So, can you consider this? Also, consider the recent NBC report from a couple days ago.

              Are all web browsers alike? do each of them have both known and unknown zero-day exploits?. You're not dealing with a newbie on this issue.. more of an old white-hat with assembly language knowledge, and how forcing a stack exception can allow administrative access in some OS's which allow for further exploitation.. The internet is a dangerous place, and certain people with nefarious inclinations are constantly creative.. Back in 2000, certain people were highly aware of how a DNS hijack can lead to a man in the middle further exploitation... exploits like back-orifice, which is rather dated can still be discovered.. My firewall log shows continuous probing.. Originally I posted on this issue, as a replacement phone which was unwipeable by myself through normal methods was returned to assurion assuming that they would follow proper procedure. Months later, problems appeared.. I think that we should be more paranoid, than naive in this regard. This is why I addressed this to Wilt's attention.. So there are certain things which will not be discussed except under appropriate privacy situations, and not in a public forum.. I think we are only seeing the tip of the iceberg sailing the Titanic on the internet.. not a good time to arrange desk chairs.


              --- In cablevision_digital@yahoogroups.com, "marcauslander" <marcausl@...> wrote:
              >
              > I'm confused by what exposure you are warning us about.
              >
              > The autologin supported by CableWiFi, AFAIK, only gets your machine on the internet. So a bad guy could clone your MAC to get on CableWiFi. Or he could go into any Starbucks, or library, or ... and get on the internet.
              >
              > Once on the internet, you still need to do a real login to get at your Cablevision stuff, or your Google stuff, etc. And those that matter use https.
              >
              > So again - what exactly is the threat?
              >
              > --- In cablevision_digital@yahoogroups.com, mwinslo5@ wrote:
              > >
              > > I just discovered one of these with my sister via Comcast...bad guy takes rooted device, or Linux or unix box...collects list of valid mac addresses, email addresses and passwords, then uses these for phishing. Since many people use both weak passwords which are common across accounts, it's a hackers playground out there. The phishers don't necessarily change or hijack the email account, but use it for hit and run attacks.
              > >
              > > Just a FYI - I thought that one of my ex-ixia co-workers was just messing with me after my original report...I'm guessing that he has one of these real time phishers in one of his accounts as well.
              > >
              > > MAC address device validation is way too primitive in this day and age, and if the MSO's don't start giving us digital tokens, and some stronger security, the 4G guys are going to end your party pretty quickly since they at least can exchange a higher level of validation via SSL.
              > >
              > > This auto-sign in, while convenient, needs to disappear in a hurry from the MSO's before we suddenly find that someone like a non-US sovereign has made this into a practice and becomes sleeper resource in order to attack the US infrastructure. Smartphones and tablets contain more information than wallets that a pick-pocket take. There are too many tools out there which phishers can silently hijack MSO email accounts with significant ease.
              > >
              > > Aren't your security guys aware of this? This is serious stuff.
              > >
              >
            • mwinslo5@optonline.net
              Haha.. just thinking back... around 85 or so... I was involved with the first coast to coast X.25 ATM transaction.. A certain person there whom I d never
              Message 6 of 11 , Nov 22, 2012
              • 0 Attachment
                Haha.. just thinking back... around '85 or so... I was involved with the first coast to coast X.25 ATM transaction.. A certain person there whom I'd never seen before, introduced them self as the head of security.. The Die-bold guy and I were there. We smiled at each other.. I said watch this.. hooked up a 2k$ box to the RS232 connector, and we took a supposedly secure ATM card with a real PIN, and had it dispense some test money (eg not real cash) for us in the lab - using an incorrect PIN#.. I find that when people think that they are secure, they are the most vulnerable, and that security systems shouldn't be reviewed by the designer, but in conjunction with an 'outsider' who can think outside of the box. the same way that a hacker would. You plug more holes that way.. I'm pretty damn good at breaking things which are thought to be unbreakable... it started when I was very young.. few of my toys survived long, because I tended to tear them apart to see how they worked.. I can share this story, as so many years have passed, and none of those companies are in business any longer.. Same bank.. As I was walking out with the VP, I had a back-up tape in my brief case.. Since I was with a VP who had a "don't mess with me" reputation.. When the security guard asked "what's this?" I said "don't worry, it's mine. It's just a back-up tape". He waived me through.. Later I told the VP what had just happened, and asked him why he even bothered with exit security when they didn't even know when the right time to do his job was.. BTW the back-up tape was for the Honeywell OS on the network controller, and had no sensitive information on it.. That part is called "social engineering". It's still quite effective in certain cases.. so many stories.. so little time.. but they all center around the concept of the illusion of security.. It evolves constantly.. As it should..


                --- In cablevision_digital@yahoogroups.com, mwinslo5@... wrote:
                >
                >
                >
                >
                >
                > What you say is for the most part true, but a crack becomes aa hole.
                >
                > Does an email account require SSL login in all cases, and do people tend to not know that or what that means? do most people use strong passwords? remember - an email client differs from webmail. So, can you consider this? Also, consider the recent NBC report from a couple days ago.
                >
                > Are all web browsers alike? do each of them have both known and unknown zero-day exploits?. You're not dealing with a newbie on this issue.. more of an old white-hat with assembly language knowledge, and how forcing a stack exception can allow administrative access in some OS's which allow for further exploitation.. The internet is a dangerous place, and certain people with nefarious inclinations are constantly creative.. Back in 2000, certain people were highly aware of how a DNS hijack can lead to a man in the middle further exploitation... exploits like back-orifice, which is rather dated can still be discovered.. My firewall log shows continuous probing.. Originally I posted on this issue, as a replacement phone which was unwipeable by myself through normal methods was returned to assurion assuming that they would follow proper procedure. Months later, problems appeared.. I think that we should be more paranoid, than naive in this regard. This is why I addressed this to Wilt's attention.. So there are certain things which will not be discussed except under appropriate privacy situations, and not in a public forum.. I think we are only seeing the tip of the iceberg sailing the Titanic on the internet.. not a good time to arrange desk chairs.
                >
                >
                > --- In cablevision_digital@yahoogroups.com, "marcauslander" <marcausl@> wrote:
                > >
                > > I'm confused by what exposure you are warning us about.
                > >
                > > The autologin supported by CableWiFi, AFAIK, only gets your machine on the internet. So a bad guy could clone your MAC to get on CableWiFi. Or he could go into any Starbucks, or library, or ... and get on the internet.
                > >
                > > Once on the internet, you still need to do a real login to get at your Cablevision stuff, or your Google stuff, etc. And those that matter use https.
                > >
                > > So again - what exactly is the threat?
                > >
                > > --- In cablevision_digital@yahoogroups.com, mwinslo5@ wrote:
                > > >
                > > > I just discovered one of these with my sister via Comcast...bad guy takes rooted device, or Linux or unix box...collects list of valid mac addresses, email addresses and passwords, then uses these for phishing. Since many people use both weak passwords which are common across accounts, it's a hackers playground out there. The phishers don't necessarily change or hijack the email account, but use it for hit and run attacks.
                > > >
                > > > Just a FYI - I thought that one of my ex-ixia co-workers was just messing with me after my original report...I'm guessing that he has one of these real time phishers in one of his accounts as well.
                > > >
                > > > MAC address device validation is way too primitive in this day and age, and if the MSO's don't start giving us digital tokens, and some stronger security, the 4G guys are going to end your party pretty quickly since they at least can exchange a higher level of validation via SSL.
                > > >
                > > > This auto-sign in, while convenient, needs to disappear in a hurry from the MSO's before we suddenly find that someone like a non-US sovereign has made this into a practice and becomes sleeper resource in order to attack the US infrastructure. Smartphones and tablets contain more information than wallets that a pick-pocket take. There are too many tools out there which phishers can silently hijack MSO email accounts with significant ease.
                > > >
                > > > Aren't your security guys aware of this? This is serious stuff.
                > > >
                > >
                >
              • marcauslander
                You are describing the risks of being on ANY public, unencrypted, network. This has nothing to do with CV authenticating by MAC address. Yes - the naive would
                Message 7 of 11 , Nov 23, 2012
                • 0 Attachment
                  You are describing the risks of being on ANY public, unencrypted, network. This has nothing to do with CV authenticating by MAC address.

                  Yes - the naive would be safer if all public networks were encrypted but that's not going to happen - the key management is just not practical.

                  --- In cablevision_digital@yahoogroups.com, mwinslo5@... wrote:
                  >
                  >
                  >
                  >
                  >
                  > What you say is for the most part true, but a crack becomes aa hole.
                  >
                  > Does an email account require SSL login in all cases, and do people tend to not know that or what that means? do most people use strong passwords? remember - an email client differs from webmail. So, can you consider this? Also, consider the recent NBC report from a couple days ago.
                  >
                  > Are all web browsers alike? do each of them have both known and unknown zero-day exploits?. You're not dealing with a newbie on this issue.. more of an old white-hat with assembly language knowledge, and how forcing a stack exception can allow administrative access in some OS's which allow for further exploitation.. The internet is a dangerous place, and certain people with nefarious inclinations are constantly creative.. Back in 2000, certain people were highly aware of how a DNS hijack can lead to a man in the middle further exploitation... exploits like back-orifice, which is rather dated can still be discovered.. My firewall log shows continuous probing.. Originally I posted on this issue, as a replacement phone which was unwipeable by myself through normal methods was returned to assurion assuming that they would follow proper procedure. Months later, problems appeared.. I think that we should be more paranoid, than naive in this regard. This is why I addressed this to Wilt's attention.. So there are certain things which will not be discussed except under appropriate privacy situations, and not in a public forum.. I think we are only seeing the tip of the iceberg sailing the Titanic on the internet.. not a good time to arrange desk chairs.
                  >
                  >
                  > --- In cablevision_digital@yahoogroups.com, "marcauslander" <marcausl@> wrote:
                  > >
                  > > I'm confused by what exposure you are warning us about.
                  > >
                  > > The autologin supported by CableWiFi, AFAIK, only gets your machine on the internet. So a bad guy could clone your MAC to get on CableWiFi. Or he could go into any Starbucks, or library, or ... and get on the internet.
                  > >
                  > > Once on the internet, you still need to do a real login to get at your Cablevision stuff, or your Google stuff, etc. And those that matter use https.
                  > >
                  > > So again - what exactly is the threat?
                  > >
                  > > --- In cablevision_digital@yahoogroups.com, mwinslo5@ wrote:
                  > > >
                  > > > I just discovered one of these with my sister via Comcast...bad guy takes rooted device, or Linux or unix box...collects list of valid mac addresses, email addresses and passwords, then uses these for phishing. Since many people use both weak passwords which are common across accounts, it's a hackers playground out there. The phishers don't necessarily change or hijack the email account, but use it for hit and run attacks.
                  > > >
                  > > > Just a FYI - I thought that one of my ex-ixia co-workers was just messing with me after my original report...I'm guessing that he has one of these real time phishers in one of his accounts as well.
                  > > >
                  > > > MAC address device validation is way too primitive in this day and age, and if the MSO's don't start giving us digital tokens, and some stronger security, the 4G guys are going to end your party pretty quickly since they at least can exchange a higher level of validation via SSL.
                  > > >
                  > > > This auto-sign in, while convenient, needs to disappear in a hurry from the MSO's before we suddenly find that someone like a non-US sovereign has made this into a practice and becomes sleeper resource in order to attack the US infrastructure. Smartphones and tablets contain more information than wallets that a pick-pocket take. There are too many tools out there which phishers can silently hijack MSO email accounts with significant ease.
                  > > >
                  > > > Aren't your security guys aware of this? This is serious stuff.
                  > > >
                  > >
                  >
                • mwinslo5@optonline.net
                  PM me if you wish to speak further. yes and no..
                  Message 8 of 11 , Nov 23, 2012
                  • 0 Attachment
                    PM me if you wish to speak further. yes and no..

                    --- In cablevision_digital@yahoogroups.com, "marcauslander" <marcausl@...> wrote:
                    >
                    > You are describing the risks of being on ANY public, unencrypted, network. This has nothing to do with CV authenticating by MAC address.
                    >
                    > Yes - the naive would be safer if all public networks were encrypted but that's not going to happen - the key management is just not practical.
                    >
                    > --- In cablevision_digital@yahoogroups.com, mwinslo5@ wrote:
                    > >
                    > >
                    > >
                    > >
                    > >
                    > > What you say is for the most part true, but a crack becomes aa hole.
                    > >
                    > > Does an email account require SSL login in all cases, and do people tend to not know that or what that means? do most people use strong passwords? remember - an email client differs from webmail. So, can you consider this? Also, consider the recent NBC report from a couple days ago.
                    > >
                    > > Are all web browsers alike? do each of them have both known and unknown zero-day exploits?. You're not dealing with a newbie on this issue.. more of an old white-hat with assembly language knowledge, and how forcing a stack exception can allow administrative access in some OS's which allow for further exploitation.. The internet is a dangerous place, and certain people with nefarious inclinations are constantly creative.. Back in 2000, certain people were highly aware of how a DNS hijack can lead to a man in the middle further exploitation... exploits like back-orifice, which is rather dated can still be discovered.. My firewall log shows continuous probing.. Originally I posted on this issue, as a replacement phone which was unwipeable by myself through normal methods was returned to assurion assuming that they would follow proper procedure. Months later, problems appeared.. I think that we should be more paranoid, than naive in this regard. This is why I addressed this to Wilt's attention.. So there are certain things which will not be discussed except under appropriate privacy situations, and not in a public forum.. I think we are only seeing the tip of the iceberg sailing the Titanic on the internet.. not a good time to arrange desk chairs.
                    > >
                    > >
                    > > --- In cablevision_digital@yahoogroups.com, "marcauslander" <marcausl@> wrote:
                    > > >
                    > > > I'm confused by what exposure you are warning us about.
                    > > >
                    > > > The autologin supported by CableWiFi, AFAIK, only gets your machine on the internet. So a bad guy could clone your MAC to get on CableWiFi. Or he could go into any Starbucks, or library, or ... and get on the internet.
                    > > >
                    > > > Once on the internet, you still need to do a real login to get at your Cablevision stuff, or your Google stuff, etc. And those that matter use https.
                    > > >
                    > > > So again - what exactly is the threat?
                    > > >
                    > > > --- In cablevision_digital@yahoogroups.com, mwinslo5@ wrote:
                    > > > >
                    > > > > I just discovered one of these with my sister via Comcast...bad guy takes rooted device, or Linux or unix box...collects list of valid mac addresses, email addresses and passwords, then uses these for phishing. Since many people use both weak passwords which are common across accounts, it's a hackers playground out there. The phishers don't necessarily change or hijack the email account, but use it for hit and run attacks.
                    > > > >
                    > > > > Just a FYI - I thought that one of my ex-ixia co-workers was just messing with me after my original report...I'm guessing that he has one of these real time phishers in one of his accounts as well.
                    > > > >
                    > > > > MAC address device validation is way too primitive in this day and age, and if the MSO's don't start giving us digital tokens, and some stronger security, the 4G guys are going to end your party pretty quickly since they at least can exchange a higher level of validation via SSL.
                    > > > >
                    > > > > This auto-sign in, while convenient, needs to disappear in a hurry from the MSO's before we suddenly find that someone like a non-US sovereign has made this into a practice and becomes sleeper resource in order to attack the US infrastructure. Smartphones and tablets contain more information than wallets that a pick-pocket take. There are too many tools out there which phishers can silently hijack MSO email accounts with significant ease.
                    > > > >
                    > > > > Aren't your security guys aware of this? This is serious stuff.
                    > > > >
                    > > >
                    > >
                    >
                  • Manoj Tejwani
                    Since yesterday I have been getting a black rectangular box on the bottom of the screen on Bloomberg (105 and 722). When I hit info or pause the scree -
                    Message 9 of 11 , Nov 23, 2012
                    • 0 Attachment
                      Since yesterday I have been getting a black rectangular box on the bottom of the screen on Bloomberg (105 and 722). When I hit info or pause the scree - basically when some information is called into the screen the black box goes away. If I pause and rewind the scene the black box goes away like it was never that but comes back on in a few seconds.

                      This is not a TV issue but seems like a broadcast or cablebox (SA 8300HD) software issue. I have tried booting the box.

                      See image attached below.
                      Has anyone seen this before or would have any ideas on what it could be?



                      [Non-text portions of this message have been removed]
                    • mwinslo5@optonline.net
                      OT.. repost as separate topic
                      Message 10 of 11 , Nov 23, 2012
                      • 0 Attachment
                        OT.. repost as separate topic

                        --- In cablevision_digital@yahoogroups.com, Manoj Tejwani <manojtejwani@...> wrote:
                        >
                        > Since yesterday I have been getting a black rectangular box on the bottom of the screen on Bloomberg (105 and 722). When I hit info or pause the scree - basically when some information is called into the screen the black box goes away. If I pause and rewind the scene the black box goes away like it was never that but comes back on in a few seconds.
                        >
                        > This is not a TV issue but seems like a broadcast or cablebox (SA 8300HD) software issue. I have tried booting the box.
                        >
                        > See image attached below.
                        > Has anyone seen this before or would have any ideas on what it could be?
                        >
                        >
                        >
                        > [Non-text portions of this message have been removed]
                        >
                      Your message has been successfully submitted and would be delivered to recipients shortly.