TheStar has the news as well.

http://techcentral.my/news/story.aspx?file...235&sec=IT_News

he is stating a fact/truth. he has nothing to worry about. tm should thank him.

how to sue. Do they know rizvanrp in the first place? And to they know that they violate their own T&C ?

News Release

2  June 2010


STATEMENT


Telekom Malaysia Berhad ™ wishes to clarify the concerns raised by various parties with regards to the remote accessibility of UniFi routers which are part of the customer premises equipment (CPE) for all UniFi subscribers.

TM would like to assure all concerned parties that the only reason the UniFi router setting for remote access is enabled is for remote access troubleshooting purposes for the express use of our technical support personnel. In the event there is a technical support issue with any of our UniFi subscribers; at the first level of troubleshooting, TM’s network operation centre (NOC) can immediately remotely diagnose the problem before sending a support team on-site.

TM takes note of the security concerns that have been raised, and we have taken these issues to heart.

TM also acknowledges that there is a need to balance the public’s level of comfort with regards to security and privacy and TM’s own commitment to faster support turnaround time. As such, TM would like to maintain the higher level of service enabled by remote access management on customer routers, and in recognition of that TM will immediately change  every UniFi customers’ router management password into a high security, unique one (which will be only known to the customer and TM). TM will notify all our Unifi customers of this change accordingly.

MX there's a difference between their Riger DSL modem which is pretty crappy and only has a web UI compared to a custom made DLINK DIR-615 with full SSH access.. full SSH access you can SSH tunnel.. you can view the conntrack table.. you can modify the iptables and DNS servers to redirect users to phishing sites..

headline story in M Insider:

[attachmentid=1606871]