Cruisers Forum
Old 03-03-2014, 14:27   #31
Registered User
 
denverd0n's Avatar

Join Date: Jun 2008
Location: Tampa, FL
Posts: 5,023
Images: 6
Re: Using an Unsecured WiFi System

Quote:
Originally Posted by CaptForce View Post
I think that my earlier analogy of turning your car within someone's private driveway is a better analogy...
The argument that has been put forth when prosecuting people charged with "theft of services" is that the bandwidth is a limited resource. Hence, when you are using it, you are limiting what is available to the person who originally paid for it. So, rather than being like turning around in someone's driveway, it would be more like parking your car in their driveway when they want to get into the garage.

Now, of course, it's easy to see if someone is trying to get into the garage if you are parked in their driveway. Much more difficult to see if the legitimate owner of the wifi signal is having his streaming video slow down some because you are sending e-mails. Regardless, the courts have held that when you are using some of it, he can't use all of it, and "all of it" is what he paid for. Hence, theft of services.
denverd0n is offline   Reply With Quote
Old 03-03-2014, 14:28   #32
Registered User

Join Date: May 2008
Posts: 3,661
Re: Using an Unsecured WiFi System

This is the wrong week to feel safe about SSL

Apple just announced a jaw-droppingly severe SSL vulnerability in both iOS and OS X (iPhones, iPads, Macs) that allows the reading of SSL traffic without anyone knowing. This vulnerability has been out there for some time. No one knows if it's been exploited or not.


"I've confirmed full transparent interception of HTTPS traffic on both iOS (prior to 7.0.6) and OS X Mavericks. Nearly all encrypted traffic, including usernames, passwords, and even Apple app updates can be captured," according to a blog post from Cortesi, who promised to not release his SSL-attack tweaks for mitmproxy until after Apple releases an OS X patch.

"It's difficult to over-state the seriousness of this issue. With a tool like mitmproxy in the right position, an attacker can intercept, view, and modify nearly all sensitive traffic. This extends to the software update mechanism itself, which uses HTTPS for deployment," Cortesi said. "It's safe to assume that this is now being exploited in the wild. Of course, intelligence agencies have no doubt been on top of this for some time."

Apple SSL Vulnerability: 6 Facts - InformationWeek

If you haven't updated your Apple products in the last few days - do so now!!!
CarlF is offline   Reply With Quote
Old 03-03-2014, 14:32   #33
Registered User

Join Date: Jun 2011
Location: Korea
Posts: 8
Re: Using an Unsecured WiFi System

Quote:
Originally Posted by bdbcat View Post
TimR...

I'd like to understand technically how a spoofed Google page could install a keylogger, if you have "normal" browser security settings. Seems a stretch to me.

Any specific links you could send me to?

Thanks
Dave
Any hosted page or proxy provided by a malicious hotspot can serve up both the iframe and the exploits while loading something like Google (or actually, any site) you send a GET for. "Fiesta Exploit Pack is No Party for Drive-By Victims" is a current campaign, but the tools have been publicly discussed for a very long time ("Airpwn: Owning the Airwaves", InformIT).

SSL/VPNs only provide limited security for a user piggybacking on an unknown WiFi hotspot; it's semi-trivial to serve up a fake CA cert as part of the exploit kit and then MiTM the SSL connections out after that. If done with just a little bit of finesse, the user won't ever be aware of what's hit them (this is in essence what SSL proxy appliances have done forever, but usually the legit ones want enterprise IT to install the proxy's CA cert or have the user explicitly set the proxy). There's probably even a way to populate an explicit SSL proxy using responses to a WPAD DNS query, but I haven't looked into it.

Does that mean that Fiesta or any other exploit will get your fully patched box, the first time through, undetectably? Not so much, but it is possible and new exploits are released/sold underground frequently (and go unpatched for weeks or months).

Realistically, you probably have better odds of winning the lottery than getting hit by a malicious, unsecured WiFi access point, but all of the tech is there; you just need someone with the knowledge and the motivation to do it.

stilldreamin is offline   Reply With Quote
Old 03-03-2014, 14:54   #34
Registered User
 
Celestialsailor's Avatar

Join Date: Nov 2006
Location: Back in Northern California working on the Ranch
Boat: Pearson 365 Sloop and 9' Fatty Knees.
Posts: 10,477
Images: 5
Re: Using an unsecured WiFi system

Quote:
Originally Posted by Dockhead View Post
When WiFi first became widespread, most people left their routers open. I thought it was great -- anyone who needs it who is passing by can use mine; I'll use others' when I'm roaming about. We all have unlimited data plans, so what does it cost me?

But then people started to have trouble with their systems slowing down as large numbers of freeloaders got on using massive amounts of data, downloading porn no doubt, and people started to lock their doors.

It's too bad! I think we should return to those days, and here is how I would propose to do it:

Let's have Guest Access which is open and free. It tracks the MAC addresses of users and will shut off users who are not people passing through, but just neighbors freeloading on your system. It will limit the amount of data you can use, and will limit the speed. Maybe it will block movie downloads, Youtube, etc.

If everybody would open Guest Access like that then the world would be a much better place.

As it is, I don't feel any qualms about occasionally using an open WiFi router. I think if it's left open, that's an invitation to use it. I don't abuse this -- don't use tons of data, and don't use such things for extended periods. Last few years this almost never happens, as open connections are almost non-existent, and I have mobile data now wherever I go anyway.

I would also never do it in places -- like some place in the Caribbean -- where unlimited data plans don't exist.
I like the idea of a Guest Access. Maybe a bandwidth safety valve, preventing video downloads, and a nanny program to boot.
__________________
"Life is not a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside, thoroughly used up, totally worn out, and loudly proclaiming: Wow - what a ride!"
Celestialsailor is offline   Reply With Quote
Old 03-03-2014, 15:34   #35
Registered User
 
Tim R.'s Avatar

Join Date: Jul 2012
Location: Portland, Maine
Boat: Caliber 40LRC
Posts: 609
Re: Using an Unsecured WiFi System

Quote:
Originally Posted by bdbcat View Post
TimR...

I'd like to understand technically how a spoofed Google page could install a keylogger, if you have "normal" browser security settings. Seems a stretch to me.

Any specific links you could send me to?

Thanks
Dave

Without going into too many specifics, the hacker's router hands out IP address, DNS and gateway. He could set the DNS to his computer with an entry for Google.com which he has running as a website on his computer. You enter "anchor" as a search term and he displays a list of matches on his Google website that appear to be legitimate but actually link to a key logger install. He could also be running a proxy to forward you through to any other website to make it look legitimate.

This does not guarantee that you would go through with the installation but some users are not as savvy as others.
__________________
Tim R.
Our Carina is sold
1997 Caliber 40LRC
TKR on a Boat Website
Tim R. is offline   Reply With Quote
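
A defensive check for the scenario in the post above, added here as an example and not part of any post in the thread: given the values the hotspot's DHCP server handed out and the answers its resolver returned, it flags public hostnames that resolve back into the hotspot's own network. The function name, the lease fields and all sample addresses and hostnames are constructed for illustration.

```python
import ipaddress

# Constructed sample: values a client might receive from a hotspot's DHCP server.
SAMPLE_LEASE = {"subnet": "192.168.43.0/24", "gateway": "192.168.43.1",
                "dns": ["192.168.43.1"]}

# Constructed sample: answers the hotspot's resolver gave for each lookup.
SAMPLE_ANSWERS = {
    "google.com": ["192.168.43.1"],        # points at the resolver itself
    "bank.example": ["192.168.43.77"],     # another host on the hotspot LAN
    "mail.example": ["10.9.8.7"],          # private range outside the lease subnet
    "dns.google": ["8.8.8.8", "8.8.4.4"],  # ordinary public answer
}


def audit_dns_answers(lease, answers):
    """Return {hostname: [reasons]} for public names that resolve to local addresses."""
    subnet = ipaddress.ip_network(lease["subnet"], strict=False)
    # The gateway, plus any DHCP-supplied resolver that is itself a private address.
    infra = {ipaddress.ip_address(lease["gateway"])}
    infra |= {a for a in map(ipaddress.ip_address, lease["dns"]) if a.is_private}
    findings = {}
    for host, ips in answers.items():
        reasons = []
        for raw in ips:
            ip = ipaddress.ip_address(raw)
            if ip in infra:
                reasons.append(f"{raw} is the hotspot's own gateway/DNS server")
            elif ip in subnet:
                reasons.append(f"{raw} is inside the hotspot subnet {subnet}")
            elif ip.is_private or ip.is_loopback or ip.is_link_local:
                reasons.append(f"{raw} is not a publicly routable address")
        if reasons:
            findings[host] = reasons
    return findings


if __name__ == "__main__":
    for host, reasons in audit_dns_answers(SAMPLE_LEASE, SAMPLE_ANSWERS).items():
        print(f"SUSPECT {host}: " + "; ".join(reasons))
```

Captive portals redirect lookups the same way before login, so a flag here shows that the resolver is rewriting answers, not by itself that the operator is hostile.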
Old 03-03-2014, 16:05   #36
Nearly an old salt
 
goboatingnow's Avatar

Join Date: Jun 2009
Location: Lefkas Marina ,Greece
Boat: Bavaria 36
Posts: 22,801
Images: 3
Using an Unsecured WiFi System

Quote:
Originally Posted by gonesail View Post
as long as you are on a secure socket connection (known as https or SSL) then there is no way in hell your data can be decrypted by anyone anywhere in the world

SSL has been broken

Apple's bug was more about the SSL certificate verification process. To exploit the vulnerability a man-in-the-middle attacker would have to duplicate the recipient web site. As it is, so many sites have non-verified or out-of-date certs anyway.

Dave


Sent from my iPad using Tapatalk
__________________
Interested in smart boat technology, networking and all things tech
goboatingnow is offline   Reply With Quote
Old 03-03-2014, 18:03   #37
Registered User

Join Date: May 2011
Location: Lake Ont
Posts: 8,563
Re: Using an Unsecured WiFi System

I had a bit more trust in SSL, but after articles like this, maybe I have to reconsider. I have used VPNs for work, haven't thought to have one personally, but I may in future.

There are a number of common-sense steps you can take to minimize your risks:
  • Protect your $%^# computer. Don't let the older kids use your main computer. Nothing infects a computer faster than teenagers. My nieces' computers when they were at university? Fuggedaboudit.
  • To help keep your computer clean, understand what anti-virus and firewall programs do and use them.
  • The majority of successful attacks happen to people who install untrusted/cracked applications, which is essentially letting thieves in by the front door.
  • Have a dedicated charge card with a lower limit that you use mainly for online transactions. It's easier to monitor and if it's ever intercepted, there's a cap on the maximum loss.
  • Use a VPN. I currently don't, but if I was cruising, I think I would.
  • If you're uncertain about the "safety" of a wifi connection, avoid using it to access critical things like banking. Hold off til you can get to somewhere you trust more.
Keeping the above in mind, I'm not especially afraid of doing some transactions over most wifi's and I haven't yet suffered a loss from online activity.
Lake-Effect is offline   Reply With Quote
Old 03-03-2014, 18:35   #38
Registered User

Join Date: Dec 2010
Location: W Carib
Boat: Wildcat 35, Hobie 33
Posts: 13,488
Re: Using an Unsecured WiFi System

Nothing is hack-proof, but I always run a VPN to make it more difficult to hack when doing important transactions.
belizesailor is offline   Reply With Quote
Old 04-03-2014, 02:09   #39
Nearly an old salt
 
goboatingnow's Avatar

Join Date: Jun 2009
Location: Lefkas Marina ,Greece
Boat: Bavaria 36
Posts: 22,801
Images: 3
Using an Unsecured WiFi System

Quote:
Originally Posted by belizesailor View Post
Nothing is hack-proof, but I always run a VPN to make it more difficult to hack when doing important transactions.

VPNs are of little use in mainstream web applications mainly because the web server is not accessible using a VPN. Simply running one to another endpoint defeats the whole purpose.

Security breaches are totally overhyped. I've been buying online for more than a decade and a half now. I've had one attempt at fraud, which my credit card company's security software picked up. With chip and PIN and now contactless becoming common, most fraud is cardholder-not-present fraud and you are 100% protected there.

If someone is hacking SSL or some other serious encryption like AES/WPA2 then you have far more serious problems than protecting your vintage 60s porn collection. The trucks parked outside with sat domes and men talking into their wrists might also be a hint that all is not well.

The protection offered to online buyers by major credit cards is such that you are virtually 100% from fraud. In most cases it's actually the retailer who actually takes the hit, not you, as the credit card companies just take the disputed amount out of the merchant's account at the drop of a hat.

Nothing is hack proof, but many systems are "effectively" hack proof. By the way, the main protection is the fact that you are inconsequential and nobody's interested.

Dave


Sent from my iPad using Tapatalk
__________________
Interested in smart boat technology, networking and all things tech
goboatingnow is offline   Reply With Quote
Old 04-03-2014, 04:44   #40
Registered User

Join Date: Dec 2010
Location: W Carib
Boat: Wildcat 35, Hobie 33
Posts: 13,488
Re: Using an Unsecured WiFi System

Quote:
Originally Posted by goboatingnow View Post
VPNs are of little use in mainstream web applications mainly because the web server is not accessible using a VPN. ...
Huh? I use a VPN service with many "mainstream" sites/apps. About half a dozen financial institutions. Running a VPN now in fact.
belizesailor is offline   Reply With Quote
Old 04-03-2014, 04:54   #41
CLOD
 
sailorboy1's Avatar

Join Date: Jul 2007
Location: being planted in Jacksonville Fl
Boat: none
Posts: 20,622
Re: Using an Unsecured WiFi System

I look at unsecured WiFi networks to be like talking on your phone in public places. Anyone around can hear it so be careful what you say.
__________________
Don't ask a bunch of unknown forum people if it is OK to do something on YOUR boat. It is your boat, do what you want!
sailorboy1 is offline   Reply With Quote
Old 04-03-2014, 05:29   #42
Nearly an old salt
 
goboatingnow's Avatar

Join Date: Jun 2009
Location: Lefkas Marina ,Greece
Boat: Bavaria 36
Posts: 22,801
Images: 3
Re: Using an Unsecured WiFi System

Quote:
Originally Posted by belizesailor View Post
Huh? I use a VPN service with many "mainstream" sites/apps. About half a dozen financial institutions. Running a VPN now in fact.
Again, very few public servers are accessible via VPN; most use HTTPS/SSL, which is in fact a VPN, albeit a single session.


dave
__________________
Interested in smart boat technology, networking and all things tech
goboatingnow is offline   Reply With Quote
Old 04-03-2014, 05:54   #43
Registered User

Join Date: Jan 2011
Location: France/UK
Boat: Gib'Sea 402
Posts: 549
Re: Using an Unsecured WiFi System

In the UK BT ADSL routers have a guest access system they used to call Openzone, now called BT Wi-fi.
But it's only available to BT subscribers and the owner of the router has to enable the service.
It's a good concept but we've tried using it and it's pretty well impractical driving round looking for one of their hotspots. Better to use McDonald's or whatever.
hoolie is offline   Reply With Quote
Old 04-03-2014, 06:15   #44
Registered User
 
tomfl's Avatar

Join Date: Apr 2012
Location: Florida
Boat: Seawind 1000xl
Posts: 2,592
Images: 15
Re: Using an Unsecured WiFi System

Easy solution to address your security issues. Can be run from a key drive and very hard to hack. Those Linux boys are so cute.

Damn Small Linux
tomfl is offline   Reply With Quote
Old 04-03-2014, 06:32   #45
Registered User
 
colemj's Avatar

Join Date: Oct 2005
Location: Presently on US East Coast
Boat: Manta 40 "Reach"
Posts: 10,108
Images: 12
Re: Using an Unsecured WiFi System

Quote:
Originally Posted by goboatingnow View Post
Security breaches are totally overhyped. I've been buying online for more than a decade and a half now. I've had one attempt at fraud, which my credit card company's security software picked up. With chip and PIN and now contactless becoming common, most fraud is cardholder-not-present fraud and you are 100% protected there.
I agree. I have had my CC taken 3 times because others have gained access to it from my use of it online.

Each time was because hackers gained access to the merchant's database (like the recent Target example in the US), not because they picked up my info directly from me using keyloggers, man-in-middle attacks, sniffers, etc.

While the big data breaches like the Target one sometimes get publicized, there seems to be almost daily breaches of smaller companies that do not. In the past couple of years, I must have received a dozen notices that "there may have been some irregularities with our data handling that may have exposed your credit card information". Right now, I have 3 subscriptions to credit monitoring services that were given to me by retailers who have been compromised.

IMO, that is where the big problem lies.

Mark
__________________
www.svreach.com

You do not need a parachute to skydive. You only need a parachute to skydive twice.
colemj is offline   Reply With Quote