T-Mobile 5G testers in Denver see speeds 20% faster than 4G

T-Mobile launched their nationwide 5G service recently, and reviews from early adopters are coming in.

Unlike Verizon’s millimeter wave 5G network – which has been launched in a couple dozen cities but is only usable in very limited areas within those cities – T-Mobile is using a lower frequency, which provides much better coverage but slower speeds. Even on the lower frequency though, 5G should be significantly faster than 4G LTE. T-Mobile’s marketing has indicated that 5G users should see speeds around 20% faster than LTE.

A reviewer from Tech Junkie tested in multiple locations in the Denver area using T-Mobile’s OnePlus 7T Pro 5G McLaren Android phone, and the 20% speed bump over LTE proved accurate in most locations. The latency over 5G is significantly better than LTE (in one test, the reviewer saw ping times of just 37ms over 5G while latency over LTE was 77ms), which makes a big difference for things like video chatting, gaming, and other applications that benefit from real-time response.

5G everything you need to know

5G networks are the next generation of mobile internet connectivity, offering faster speeds and more reliable connections on smartphones and 5G ultra wideband supported devices.

Combining cutting-edge network technology and the latest high tech devices, 5G offers reliable connections that are significantly faster than current cable connection and other internet hookups, with average download speeds of around 1GBps expected to soon be the average connections offered on the 5G network.

The 5G network are expected to supercharge the (IoT) Internet of Things technology, providing the infrastructure needed to carry huge amounts of data that allows for a smarter and more connected world.

5G networks have launched around the world with many cellular providers offering connectivity tech across the US, UK, and Australia as well as a variety of other countries around the world today.

Why super-fast 5G iPhones might not power a ‘supercycle’ for Apple

Apple can seemingly do no wrong. The company’s stock is up 103% in the last 12 months, iPhone 11 units are moving at a brisk pace alongside strong demand from China,

Apple is expected to release the 5G iPhone later this year. That has investors hoping for a massive uptick in device upgrades, which would be a major boost to Apple’s bottom line. As one of the small groups of $1 trillion companies that include Microsoft and Google, Apple will need some impressive sales to keep investors happy.

But not everyone shares the enthusiasm of a potential 5G powered sales supercycle. But at least one analyst says that the prospects for massive demand for 5G iPhones could be overblown.

Cable Haunt – what it is and how to prevent it

It’s the year 2020. A new decade is upon us, and the time for progress is now. Commercial spaceflight is becoming a reality, consumers are buying electric cars, cell phones with more RAM than desktop PCs will soon be released, but some things never change either…

What never changes? Our reliance on internet connected devices, and ultimately the possibility for security risks and vulnerabilities in those devices, that allow for malicious exploits to be run against a network.

What is it?
The latest critical vulnerability has been named Cable Haunt, specifically because it affects cable modems and modem/router combos from a number of manufacturers throughout the world. The word haunt is used because the exploit has existed within these devices, silently, for many years now, and has only recently been discovered. This could impact around 200 million cable modem users.

Discovered by Lyrebirds, a cyber security company in Denmark, they have created a website to address and discuss the vulnerability and have included a deep dive technical report (available here) as well as a proof of concept and test script you can run against your own network to see if your modem is vulnerable.

What could it do?
Cable Haunt is exploited by first gaining access to a local network device like a computer, though it could be any device on the LAN. This can be via a number of methods and is outside the scope of this document for now. Once the local device is compromised, a buffer overflow attack is initiated against the modem, ultimately giving the attacker control of the cable modem.

CableHaunt specifically attacks a tool built into modems called Spectrum Analyzer. A flaw in Spectrum Analyzer allows an attacker to send HTTP requests to the modem, regardless of the local device they’ve attacked first. Once the buffer overflow is in place the modem is under the attackers control, and they could perform a number of malicious changes including; updating DNS servers to point end users to malicious versions of legitimate web sites, man in the middle attacks, changing firmware, and more

How to protect against it?
Since Cable Haunt is dependent on first taking control of a local device, it is possible to configure many routers to block local access to the vulnerable modem. If access to the cable modem is prevented, there isn’t a way to actively exploit Cable Haunt. We’ll cover a few different router manufacturers here with screenshots on how to make these changes. TIP: A downside to this firewall rule is you won’t be able to access your modem either. You could modify these rules to block only the port that the Spectrum Analyzer runs on, but if you replace your modem and a different port is used, you’ll no longer be protected without first updating created rules.

First, it is important to determine IF your device is vulnerable. Currently, only devices running Broadcom equipment are affected. If your device is NOT manufactured with Broadcom components, you are safe! You can visit Approved Modems for a list of manufacturers and devices to determine if you are affected.


Peplink/Pepwave

  1. Log into the web administration interface at 192.168.1.1 (Pepwave) or 192.168.50.1 (Peplink). If you have changed your LAN IP, please use the new address.
  2. Log in, and visit the Advanced (Pepwave) or Network (Peplink) tab, and select Firewall: Access Rules, from the left menu.
  3. On the right of the screen, you’ll see sections for Outbound Firewall Rules, Inbound Firewall Rules, and Internal Network Firewall rules, along with any existing rules that are in place.
  4. Click Add Rule under Outbound Firewall Rules
  5. Create a rule named Cable Modem Block and follow the screenshot below. Important here is setting the Action to Deny, and enabling Event Logging for later review. Click Save.
  6. The firewall rules are set up with the highest priority rules listed first, so click and drag the newly created Cable Haunt rule to the top of the list. Be sure to click Apply Changes in the top right corner of the web administration interface.
  7. Special note – If your cable modem uses a different default address other than 192.168.100.1, be sure to modify this rule to the appropriate IP address.

How do I log into my Peplink/Pepwave if I disable local access?
InControl is Peplinks cloud management platform which provides monitoring, configuration, and remote access, to all of your Peplink/Pepwave hardware from a single sign on. If you are a business and are deploying Pep equipment across multiple sites, InControl can manage them all. You’ll have real time views into network performance, internet connection status, client lists, data usage, and more. You can remotely configure and push configurations such as WiFi updates, firewall settings, and firmware updates.

When it comes to Cable Haunt, InControl gives you a simple means of remotely accessing your local router interface with their Remote Management feature. A simple firewall rule, as described above, blocks local devices from executing Cable Haunt vulnerabilities. With InControl, you can still log into the router, manage and make changes, all securely. You can follow this link for the InControl 2 user manual.

Learn more about Peplink/Pepwave products and services at 5Gstore

Cradlepoint

  1. Log into the web administration interface at 192.168.0.1. If you have changed the default address, please use the new address.
  2. Log in, and visit the Security tab on the left side of the page, and click Filter Policies.
  3. You’ll see a few basic Filter Policies in place depending on your configuration. Click Add.
  4. Name your filter Cable Modem Block, set the default action to Deny, and select Log to enable logging to the router for later review.
  5. Enter a source address of 0.0.0.0 for all LAN clients. Destination is the IP address of your cable modem, typically 192.168.100.1, but be sure to modify if you’ve changed this.
  6. Click save, and then Apply Changes.
  7. For a full breakdown of the Cradlepoint Firewall, visit Cradlepoint Connect.

How do I log into my Cradlepoint if I disable local access?
NetCloud Manager is the Cradlepoint cloud management platform. NetCloud performs the functions you would expect from the cloud; firmware management, device configuration, status, alerts, and more.

Cradlepoint no longer sells hardware on its own, and instead offers solutions packages that include technical support, warranty, and access to NetCloud. You can follow this link for a guide on using NetCloud, including local administration and cloud management.

Learn more about Cradlepoint and NetCloud services at 5Gstore

Sierra Wireless

Sierra wireless doesn’t have a typical stateful firewall built into its web administration interface. You can not explicitly tell the router ‘block outbound traffic to 192.168.100.1.’ Instead, you can block ALL outbound traffic, and create a list of Trusted IPs that can be accessed by local devices. This means making a rule for ALL IPs you wish to visit, which can be cumbersome. This is not a problem though, as typically you are NOT using a cable modem along with the Sierra product line. Cellular is the typical primary connection and is not affected.

If you do have a Sierra with a connected cable modem, you’ll need to add a firewall appliance like a Sonicwall or similar, in order to block access to the modem from the local network.

Other Manufacturers

Michael Horowitz of RouterSecurity.org has an excellent in-depth article on blocking cable modems from various manufacturers such as TP Link and Asus. If your specific model isn’t listed, it doesn’t mean the same general rules won’t apply.


Additional Considerations

Q: What if I have a cable modem/router combo provided by my ISP, and it is in Bridge or IP Passthrough mode, am I affected?

A: Putting a modem/router combo in Bridge mode won’t necessarily prevent you from a Cable Haunt attack. Some devices still run their web servers while in passthrough, which leaves an open means of attack. Don’t assume everything is okay, test!


Basic Testing

While not perfect, a quick test in a web browser can help determine if a network is potentially vulnerable to Cable Haunt. This can be done on a desktop PC, laptop, or phone, that is wired or connected via WiFi to the network you wish to test.

  1. Open up a web browser of your choice (Chrome, Firefox, Safari, etc)
  2. In the address bar, enter the corresponding default IP Address from this list
  3. f the page loads to a login screen, the network is potentially susceptible to Cable Haunt. 

Advanced Testing – IT Professionals Only

The folks behind Lyrebirds, the organization that found this vulnerability, have developed a script to let network administrators test their modem for Cable Haunt. They’ve posted the script and Python code to their GitHub repository for download.

Fair warning, this is a ‘use at your own risk’ tool and should only be utilized on networks that you own or have explicit authority to test. Ultimately, this test will cause a vulnerable cable modem to crash and reboot if the device is found to be vulnerable. Therefore, do not perform this testing during business hours or times when internet connectivity is critical.

Lyrebirds have posted a video showing an active exploit against a Cable Haunt vulnerable modem in a test environment. In just a few minutes you can see how their GitHub testing script works, and just how quickly a knowledgeable attacker could gain access to a modem completely undetected in most cases.

iPhone vs Galaxy competition will make 5G phones more affordable

Being an early adopter of new technology usually means spending more on equipment, but the competition between Apple and Samsung may mean that 5G phones will have a lower price than you’d think.

Apple does not yet have a 5G-capable iPhone, but rumors indicate that they’ll be launching at least 2 5G iPhones in 2020, with one being lower in price and a second more “premium” model.

Samsung already has one 5G-capable phone, the Galaxy S10 5G, and it is quite pricey. However, Apple’s rumored introduction of a cheaper model has led to Samsung planning to launch their own lower-cost “E” (as in “essential”) Galaxy 5G in 2020 to compete.

The actual prices of the rumored lower-cost Apple and Samsung models are yet to be known. But the competition between the two should help to drive down prices and encourage more non-premium 5G options.

U.S. senators propose $1B in subsidies for 5G development to compete with Huawei

In an effort to better compete with China in 5G development, a group of U.S. senators has proposed utilizing up to $1 billion to subsidize 5G research and development in the U.S. The legislation is aimed at providing alternatives to Chinese telecom-equipment makers Huawei and ZTE, which have been called out as potential security threats to the U.S.

“Every month that the US does nothing, Huawei stands poised to become the cheapest, fastest, most ubiquitous global provider of 5G, while U.S. and Western companies and workers lose out on market share and jobs,” said Mark Warner, a Democrat from Virginia. “It is imperative that Congress address the complex security and competitiveness challenges that Chinese-directed telecommunication companies pose.”

The proposal, called the Utilizing Strategic Allied Telecommunications Act, would allocate at least $750 million to companies developing 5G wireless technology and would create a $500 million fund to be made available to manufacturers deploying “trusted and secure” wireless equipment in the U.S. and elsewhere.

Read more

2020 is a tipping point for 5G

The general manager of IBM,s Global Media, and Entertainment industry, said that 2020 will be the year that 5G reaches an inflection point and will roll out at full scale.

At CES 2020 about the benefits of 5G to the Internet of Things (IoT), edge computing, manufacturing. Steve Canepa the general manager of IBM explained “5G, as we’ve all seen, is starting to show up in all kinds of different ways with the telecommunications providers now having the spectrum that they’re starting to deploy. We’re seeing different providers have their evolution to 5G offerings in the marketplace. We’re going to see it show up in fixed locations, manufacturing floors, stadiums, facilities, all of that is going to start rolling out at scale in 2020, so it’s an exciting time. And for us, 5G is really an inflection point, I think because it brings three core advantages to businesses that are trying to create new value. “

Verizon to release 20 5G-capable devices in 2020

Verizon was very aggressive with their 5G rollouts at the end of 2019, and in 2020 it looks like they plan to offer customers a lot more options to use the new network.

Right now they only have 5 options available that work on the 5G network: a 5G hotspot and 4 smartphones (Samsung Galaxy S10 5G, Galaxy Note 10 5G, LG V50 ThinQ 5G, and the Moto Z4 with 5G Moto Mod). In 2020 they plan to launch 20 more.

Ronan Dunne, head of the Verizon Consumer Group, said at CES this week that in the first half of 2020 Verizon plans to release phones that will sell for around $800, with a sub-$600 phone to be available in the latter part of the year. He didn’t provide specifics on models or features, but said that he expects most of the 5G devices launching this year to be phones, with just a couple of hotspots being added to the lineup.

Apple may split 5G iPhone lineup into two launches

With 5G becoming more available every month thanks to launches by Verizon, AT&T, and T-Mobile, many consumers are eagerly anticipating more 5G-capable devices to choose from. Options are limited right now, and Apple fans have been waiting for news on when a 5G-capable iPhone will be available.

Mehdi Hosseini, a semiconductor analyst for Susquehanna, indicated this week that based on his checkins with suppliers, he anticipates that Apple will launch their first 5G phone in September using sub-6ghz technology, with a faster mmWave 5G model coming in December 2020 or January 2021. Depending on your carrier of choice and the technology they’re using for 5G in your area, one model may be more attractive over the other. 5G networks using MmWave (like Verizon’s) are much faster, but have limited range and coverage.

This may be the cheapest 5G phone you’ll be able to buy in 2020

As more and more 5G phones go on sale, there still aren’t many affordable 5G supported phones available, with the most affordable phone in the US costing just under $900. That is all set to change in 2020, and the first to break the mold is the first 5G handset from TCL.

The brand new TCL 10 series announced at CES 2020 includes a 5G-ready handset that is set to debut later in the year and will cost under $500 (roughly £380, AU$720).

TCL has teased three new handsets as part of the series that includes the TCL 10L, TCL 10 Pro and TCL 10 5G. The official launch – and therefore when we’ll hear about a full spec list – is set to take place at Mobile World Congress in February.