Saturday, July 08, 2006

Are You Exposing Youself?

I recently was given a wireless laptop. Eager to play with my new toy and to try out wireless, I turned it on as I left my office on Davis Island, to see what wireless access is out there. After I left the downtown area, and drove up Florida Avenue home and later up to Stephannos Pizza I found that about 8 or 9 out of 10 wireless networks I came across were not secured. I don't think that is good

A few months ago the Trib did an article on the subject.

"In about 20 minutes of driving, Tomasone and I logged more than 1,200 open wireless connections between the Channel District and The Tampa Tribune newsroom. Fewer than half had security software in use.

Most users had not taken the basic step of changing the digital name of their Wi-Fi antenna after installing it. That quickly tells hackers that the wireless link probably has no security.

And perhaps worst of all, hundreds of the Wi-Fi users who did use encryption were using old cryptography software called WEP that was broken five years ago by California college students."

Here are some hints.

Perhaps I am being alarmist. I don't know much about wireless, so those who do please comment and correct any errors in my comment.

From the Trib:

"For Consumers

•Be aware: Most wireless access points are sold with no security as a default setting. Securing your network takes a few extra steps outlined in your instructions.

•Don't use wireless equipment with Wired Equivalent Privacy, or WEP, encryption, a system broken several years ago. A much better system is sold under the brand name Wi-Fi Protected Access, or WPA or WPA2. (The instruction manual should indicate which format the equipment uses.)

•Change the wireless connection's name, called the SSID, so a relatively anonymous number appears when nearby users look for available connections. Names like "TheSmithFamily" or "ConferenceRoom" only invite hackers.

•Set a password to administer your wireless router (the sharing device typically plugged into your Internet connection) so only you can change its security settings. The setup software should have an option to administer the router, but if not, check the "Help" file in the program.
•Use a personal firewall program (Windows comes with one, or you can buy others), plus keep antivirus and antispyware programs up-to-date to detect threats and clean out malicious software."

11 comments:

Anonymous said...

i could care less if someone uses my wireless connection

Anonymous said...

You say that until they upload a buttload of kiddie porno using your computer and the cops come looking for you.
They can make special files to store it in using your computer.
Hope you can prove it wasn't you when your are looking at 10-20 and living at the sex offender house on New Orleans for the rest of your retirement days.

Bungalowlady said...

Okay, I read all the stuff. Who wants to come secure my wi-fi. After my son moved out, I'm hopeless.

Anonymous said...

If you want to learn something about wireless security, I can strongly recommend the following:

Security Now Podcast

Listen or download episodes 10,11 and 13. This should teach you all the important stuff.

On a 3 week vacation in Belgium and still reading the Seminole Heights blog.

Anonymous said...

Everyone (and I mean *everyone*) that has an always-on connection like cable or DSL needs a router. Even if you only have one PC plugged into it. These things come with a lot of security features and prevent all the computers in your house from being port scanned by hooligans. They all cost under $100; most cost under $40. Mine is a dual wireless and wired router with all sorts of security features and it cost $69. I've heard Belkin makes one for $36-ish.

People driving by my house won't even get a signal because there's something about the construction of it that keeps my signal inside. (I can't even get a signal 3 feet into my back yard... darnit. No surfing by the pool.)

Enabling wireless security is easy. Just remember you need to do it on the wireless access point first and then each device that connects wirelessly. If you enable WEP or WPA security, you're going to need to enter a key or passcode of some kind for each machine. It'll look like a bunch of gobbldygook.

Bungbalowlady ... lure your son back from St Pete with a good home-cooked meal. ;-) If not, I'll do it for you. It's the least I can do for all the work you put into cleaning up my neighborhood.

Mal Carne said...

While there is no truly secure method of securing your wireless points, the idea of 'I don't care if someone else uses it' will only result in disaster for you.
1) anyone who can access your wireless network is now on your local network. By default, security settings in your operating system are more lax with regards to your local network connections.
2)ANYTHING that you send between your computer and router can be sniffed out of the air (including your credit card numbers and logins for banking sites/etc), if your connection is not secured. Kiddy porn uploads could happen, identity theft is more likely.
Computer identity theft is no longer the realm of pimply faced computer geeks. Wiseguys pay good money for personal information these days, and business is good.

3)Hackers and virus authors are far less interested in destroying your information on your computer these days than turning it into a "zombie" that they can use at will. Your computer alone doesn't do them much good, but people and organizations are amassing armies of zombie machines that they can use as spam engines, attack websites, and lots of other lovely things.

I do computer security for a living, and most of the intrusion attempts that I see come from compromised home systems, just like yours. For your own protection, secure that wireless network AND your computer.

Anonymous said...

ANYTHING that you send between your computer and router can be sniffed out of the air (including your credit card numbers and logins for banking sites/etc),

This is wrong!
When you log on to a bank site you are encrypting the transmission between the web browser and the banks server. Doesn't matter if someone has access to your connection they can not view this data.

Anonymous said...

^^^^^^^
Yes and no. But which would you rather do; keep your information safe, or argue semantics on a blog?

Anonymous said...

all I understand of any of this has been blah blah blah blah blah blah blah blah. I hate computers!!

Anonymous said...

To the "this is wrong!" anonymous.

No, he is right. Even encrypted information can be sniffed out. Doesn't mean it can be decrypted. (WEP security, as previously mentioned, can be decrypted--made readable.)

Not all operating systems are like Windows, which comes out of the box open to the world and ready to be infected. People who use Mac OSX, Linux, BSD, or other varieties of Unix are less apt to get cracked, and if they are cracked, are often only of limited use to the crackers. If you only use your PC to surf th e web and get email, you might consider switching to free linux. (I recommend the Ubuntu variety for ease and simplicity.)

The Windows monoculture is evil. ;-) And not just the diet coke if evil--it's the full blown coke of evil!

Anonymous said...

An additional suggestion is to make your router only accessible to specific MAC addresses which you decide. Doesn't prevent sniffers from receiving your data, but will prevent unauthorized use of your network.