I work for Time Warner and I can explain

I was just watching the Tek 0107, and it got to the part where Logan was talking about those two guys logging in on an offsite location and remotely accessing the computer system for Comcast. I wanted to sort of explain how that was possible, and actually offer a little clarity into that. 

TWC, Comcast, Charter and Sudden Link all use (roughly) the same system. By that I don't just mean that they use the same brand Cable boxes and Internet routers (which they do and are primarily Motorola and Ubee) but also the same software to handle office dispatching and in some cases the same technicians to handle various amounts of work. How? Simple. They sub-contract out work. At my office in particular we mainly focus on TWC, but we have regular techs from our office that help with Charter as well. Same payroll and everything. That's the big thing here. 

How were those guys able to login remotely? A lot of the different subcontractors load information up onto laptops and ship that home with people. My office in particular doesn't, but I know of others that do. All it is is a matter of a browser based security check that requires constant connection and must be pinged every 15 minutes. Otherwise you simply have to log in. The only thing to keep some contract worker from killing every TWC account are the permissions given to it within the system (similar to using Team Speak 3 for those of you familiar with it). For instance, at my office, I specialize in setting payment arrangements on past due accounts as well as dispatching techs to disconnect accounts. Therefore, I have no real control over the billing itself, but other contracted companies in the area do.

What probably happened was those guys got a copy of the right software (which my office has multiple copies of on little thumb drives so there is no lack of access to that) and simply used the credentials of a specific contractor who had the right permissions to log in off site. Is it stupid? Absolutely, but that is why they wouldn't have known as far as red flags go. I know it sounds really crazy, and personally, I don't endorse the system, but I do get paid through it. 

I know this isn't really a question aimed to be answered, but it is basically insider info that I am giving you. Just about anyone you talk to with TWC, Comcast, Charter and Sudden Link are contractors. Take it from me. I am tech 3901 for the NTX region. 

If anyone has any further questions for me, I'll try my best to get back to you on here. 

p.s. Sorry my account isn't filled out with pictures or anything. I quite literally signed up for this less than half an hour before posting this.  

This system is more common than people think. I work for a large manufacture. The bosses have laptops they use to log into the office network. When they go home they take there laptops with them. The crazy thing is they can make changes to how the machines run from bed at night and people the next day will freak out asking who did that. 

So, it's pretty much just an LDAP system?

Yes, exactly. That is why stuff like that is possible. Is there a work around to avoid that in the future? Yes, but it would put a big stress on the current standards with so many techs having to do work in the field. Here is the weird thing though.

The point behind the TWC Comcast merger is really only to cover technicalities. If you think about it, They are both using the same exact system. The two companies basically are just Comcast right now. TWC is just a name that we go by for fun, basically. I hate to say it, but long before Comcast thought about "buying" TWC publicly, they were already buddy buddy. I would also keep an eye open if Comcast gets TWC that they'll look next to Charter and Sudden Link.

Sounds like your company needs to implement some physical procedures for logon. But that's' a pretty horrible scenario. That kind of thing can be reported to the government.

My company requires all work to be done inside of a monitored office building. It is simply the other contracting companies that allow stuff like that. As far as having that reported, it is a standard business practice. Only when people screw up can they really have that reported and it do something bad for the company. 

Most of it would really just fall on the individual contractor and not the contracting company though.