• Encrypt-Keeper
    link
    fedilink
    English
    7
    edit-2
    9 months ago

    I can’t think of a single ISP that was using old Ubiquiti EdgeOS routers as consumer routers.

    • 520
      link
      fedilink
      2
      edit-2
      9 months ago

      So if we’re not talking about ISPs sending this out, then the reason that remote access gets turned on by default is incase the company sysadmin couldn’t physically get to the device, and they assumed the company had a firewall.

      Companies almost always prioritise OOTB setup and operationality over security when it comes to defaults.

      • Encrypt-Keeper
        link
        fedilink
        English
        1
        edit-2
        9 months ago

        They likely weren’t enabled by default at all. Because that’s generally not how company IT departments even remote manage these things. And the affected devices are the firewalls.

        Remote administration was turned on manually, by the owners of these devices, because they didn’t know what they were doing.