WARNING I am hacking your computer right now!

[Youngfox]

Well not really but just a reminder for the wireless users.
While I am aware that many on this forum are highly technical and very computer literate I am also aware that many are not.
I have heard and read about the ease with which internet signals can be gleaned from unprotected wireless routers (that are so popular these days) and that is the reason why I opted to stay “wired" . (Paranoid?- A bit).

My partner brought home a wireless laptop from work.
It is an old clunker that unlike today’s modern “wireless built in" models, still has a wireless card hanging out of the side.

Within SECONDS of starting up the wireless modem it identified several signals emanating from computer users within the complex where we live.
We were on the internet free and clear right away on somebody else’s account.

Curious, we explored a bit and found how frighteningly easy it is to track down the IP and other info identifying whose computer we were piggybacking on.

A quick Googling and rudimentary knowledge with the right equipment could have you onto these peoples hard drives in very short time.

We would not go that far, but the ease with which somebody could hack your machine with an unprotected wireless router is astounding.
In a world full of guiltless psychos you should expect that your unprotected signal IS DEFINITELY being leeched and your whole drive’s content is a few quick steps away from the adept and amoral BASICALLY UNSOPHISTICATED hacker.

So the point is if you are on a wireless router for gob sake consult your manual and be sure your router is locked down!
Enable the security features and change the “default" password first thing!

I am sure many of the more knowledgeable here could add some more useful tips as to how you might better protect yourself.

 

[dant]

It is a common mistake among those who do not take the time to read
the manual (if there is one) regarding setting up your wireless security
settings properly. Even if reading the manual, not everyone throughly
understands the technical jargon that sometimes arises as there are
old a new wireless security standards and it is indeed confusing at times.

My old wireless is WIDE OPEN by default, so I had to jump through a lot
of hoops even with my "expertise" in this area, and I had to setup an
encryption key (which is very necessary, due to cleartext passwords
passing 'over the wire', when doing things like ftp, telnet, and other
protocols often used), and then some more like entering trusted MAC
addresses. The other thing too, is if you can, to test the security of
your system(s) with attack tools to ensure that you cannot break and
enter into your otherwise "protected" systems.

I note that a LOT of people are computer illiterate, they just buy the
computer, plop in on the desk, and hammer away having fun, unaware
of the attacks until the SHTF. My Mom and Dad are such people and
so they contact me, the freebe computer guy ;)

 

[Azur]

Here's some advice on locking down your wireless access point:

- If your wireless router supports it, use WPA2. If not use WPA. If your router only supports WEP, get rid of it. You can now hack WEP within minutes with freely available tools.

- Disable broadcasting of the SSID

- Change the default SSID string to something more complicated, don't use common names.

- For all workstation, laptops, etc that connect wirelessly, install and run a personal firewall.

- If your operating system supports it, change the settings as administrator, and setup an account with little priviledges. Use this account when connecting wirelessly. Makes sure settings can only be changed by the admin account.

- Disable adhoc (point-to-point) networking (on the workstation/laptop/PDA etc..)

- Consider filtering MAC addresses


If I think of anything else, I'll post it.


[Edit] Added Mac Filtering

Cheers.

 

[ScioAgapeOmnis]

Azur, I have mine setup with no wireless security mode but to only allow select MAC addresses to connect and use the wireless network. My thought is that if they don't have the proper mac address, how could they get in? Is this a bad idea?

 

[Amelopsis]

Scio,
I'm very certain that Azur is more knowledgeable than I am on this, however the WPA is so very easily configured that I would suggest it couldn't hurt to set it up; but your thoughts on the MAC addresses seems logical to me too.

 

[dant]

If you really want to be informed on Wireless Security, please
use google search: wireless security methods

From: http://en.wikipedia.org/wiki/Wireless_security

For SAO:
=======================================
SubTitle: Counteracting Risks
MAC ID filtering security:

Most wireless access points contain some type of MAC ID filtering that allows the administrator to only permit access to computers that have wireless functionalities that contain certain MAC IDs. This can be helpful; however, it must be remembered that MAC IDs over a network can be faked. Cracking utilities such as SMAC are widely available, and some computer hardware also gives the option in the BIOS to select any desired MAC ID for its built in network capability.

This link explains a lot, and you can get more information as needed from other references and links.

You may consider that you need to do more than just "program it and forget it!" -- Sounds like a Ronco TV ad eh? ;)

 

[Azur]

Azur, I have mine setup with no wireless security mode but to only allow select MAC addresses to connect and use the wireless network. My thought is that if they don't have the proper mac address, how could they get in? Is this a bad idea?

i agree with Dant. Mac fitlering is not enough and can be faked. (Still it is always recommended in industrial applications, defense-in-depth rules here). (I had forgotten this one, and added to the list above).

Even not broadcasting the SSID is only a small preventive measure, because finding the SSID is simple since the router will respond to any blanket requests from outside with the SSID in the response.



The only real protection when using wireless is if all traffic is encrypted, and none of your computer resources are network shared.

 

[dant]

I wanted to add:

If you should need to use a wireless connection into your network, consider putting
the base station behind a firewall and NEVER directly in your inside network. Once
you have a base station, you should ensure that all other WiFi devices connecting to
the base station are secure but treat these as "Internet Traffic" because they are
exposed to public attacks, unlike physical LAN wires. Security in general is a complex
subject and it is more than just at the Wifi device itself - the WHOLE INFRASTRUCTURE
should be considered and this requires diligent research, more software, more hardware,
etc... and even then... there are no guarantees. You just hope and pray that you have
done all you can, kept up with the patches, kept up with the trends, .... and it is never
ending. I think the statement is true: "You get back exactly what you put into it." but
then again - that assumes that "the rules" are being followed by everyone. As you know,
there are "back doors" everywhere as there are hackers breaking in often. So, the question
is, how much money, time, and energy do you want to put into security? Everyone has
their price (and limits).

 

[ScioAgapeOmnis]

Yes, but also consider how likely you are to be hacked (where you are, who you are, etc), how important it is for you to spend money protecting something that might not be worth protecting. In other words, I think it's a good idea to only worry about securing that which needs to be secured, and to the extent it needs to be secured. Don't wanna lock a $2 pen in a $1000 safe etc. And thanks for the advice everyone, I've been reading some stuff and now I have some idea about encryption and wireless security. Encryption is especially interesting....

I had a thought (I know, the horror!)- we are potentially on the verge of having quantum computers. On the other hand, I read that quantum computers will pose a huge security risk because even a very simple quantum computer can potentially brute-force crack a very advanced encryption with relative ease due to immense parallel processing power. So if somebody invents a quantum computer, he would be considered possibly the biggest threat to national security of any nation. So what about all those laboratories and scientists and companies who are trying to invent one - do they not know that the minute they have one, it will be confiscated by the government? Not to mention something like nanotechnology, etc.

 

[Amelopsis]

Scio that's not entirely accurate...the protection is not just to prevent someone from breaking your 'pen' but someone might start using your pen to write all sorts of nasty business which is later attributable to you...done from within your network. This is the prevention of crimes of opportunity, not necessarily directed at your computer, but committed 'in your name' so to speak.

 

[dant]

True in a sense SAO, but then again, once hacked in, and once your computer(s) is
"corrupted", how much is your time and energy worth restore/rebuild your systems?
The more systems you have the more work it requires and the more work it requires
for you to draw upon your expertise to get it back to where it was. Also consider how
you might feel, you emotions, your anger, the "violation, personally" being done to you.
It is VERY hard to consider all of the ramifications this involves.

Consider MOM and POP, who bought a computer and then lost it all. You might think
this is no big deal that somehow they can quickly get back what they lost? Do you think
MOM and POP is gonna take the time, energy, and somehow get the "know how", to
recover what they might have lost considering no backups were performed and depending
on the severity of the damage done by the hacker? What if the hacker (1) Blew away all data,
(2) stole your identity, bank card info, personal info, etc... (3) the list is very long and varied
but I think you get the gist of it. How is all of this going to affect MOM and POP psychologically
and emotionally? Do you think it might even kill them?

I can tell you that everything is relative to the perceiver - and I can unequivocally state that
MOM, POP, or both might literally get panic attacks (and possibly heart attacks/strokes) when
they realized they have lost all the data (of which they put their "lifetime" into it). The C's warned
us of this type of attack and I saw it personally, albeit on smaller scale, when I simply changed her
computer screen from 800x600 to 1024x1024 and my mother-in-law FREAKED OUT BIG BIG TIME.
You should have seen her - she screamed: "Everything is GONE!?!? WHERE IS IT!?!? And so it took
me an hour to calm her down (she ran out of the room) and only when I restored the screen size back
to 800x600, she sllllloooowwwly regained her composure but she did not trust me again. She probably
thought of me as Hannibal Lector. It took me >2 years before she had "faith" in me. Even now, it still
remains at 800x600 and she is happy as a clam in her "world". I tell you, It was the scariest freakout
show I saw in my life and I thought it might KILL HER! I shudder to think of that day she loses her hard
disk.

So I want to draw your attention to this - what is of value to a person is more important that what
is of actual value as seen from everyone else. For example, that $2.00 pen might be worth "$2 Million
dollars" that they might be willing to invest in a $1,000 or more for security or for that "warm
and fuzzy feeling". Of course, we are taking about DATA on a computer - but I guess there is
more to it than what meets the eye. OSIT.

[edit]
Ah... you changed your response a little but that's ok. About Quantum computers - well, consider that
there are machines today, are networked together - they all share the data and processing power together
(each computer is called a node) and together represents HUGE processing power. They already have this
and they already have the power to crack passwords but not necessarily by using these systems solely.
There are *many* other ways to do the same and the easiest of all is to read the password IN THE CLEAR
TEXT due to the many protocols in use today. Simple examples are HTTP, FTP, TELNET, POP, and so on
so this is why encryption is VERY IMPORTANT! But don't be fooled - even ENCRYPTION is not a magic bullet,
it can be CRACKED! All we are doing is trying to make it more difficult for the "average joe" hacker but
by no means can we circumvent the PTB with the puny little "tools" given to us by them.

 

[ScioAgapeOmnis]

This is the prevention of crimes of opportunity, not necessarily directed at your computer, but committed 'in your name' so to speak.

Ok thanks that's a good point. But then, couldn't they just spoof my IP address and do it that way instead of having to literally break into my computer and use my computer to commit the crime?

Ah... you changed your response a little but that's ok. About Quantum computers - well, consider that
there are machines today, are networked together - they all share the data and processing power together
(each computer is called a node) and together represents HUGE processing power. They already have this
and they already have the power to crack passwords but not necessarily by using these systems solely.
There are *many* other ways to do the same and the easiest of all is to read the password IN THE CLEAR
TEXT due to the many protocols in use today. Simple examples are HTTP, FTP, TELNET, POP, and so on
so this is why encryption is VERY IMPORTANT! But don't be fooled - even ENCRYPTION is not a magic bullet,
it can be CRACKED! All we are doing is trying to make it more difficult for the "average joe" hacker but
by no means can we circumvent the PTB with the puny little "tools" given to us by them.

Actually I was talking specifically about cracking encryption and not general passwords etc. Check out this page (and the accompanying pages on the left navigation of that site):
http://www.mycrypto.net/encryption/encryption_crack.html

This is an article about how quantum computers can be used to crack encryption, and why nothing that exists on the planet today in terms of conventional computer technology (based on 1's and 0's) comes even close to the power and speed of a quantum computer in certain applications like encryption. We're talking trillions, quadrillions, (this is probably a vast underestimation because the article talks about numbers like 2^500 etc that are much too hight to actually have a name) and more times faster than the fastest supercomputers of today, or at any time using conventional circuitry.
http://www.cs.caltech.edu/~westside/quantum-intro.html
(I think the photon experiment described is fascinating, it really messes with my 3rd density mind)

Speaking of PTB though, the C"s have spoken a few times about the level of secret technology on the planet.

A: Sometimes "they" even monitor these communications. Long ago, we told you how technology now existent makes such things as phone taps, for but one example, totally, completely, and ridiculously obsolete.
Q: (L) Should I try to tell him anything, either by the phone, or by e- mail, about this?
A: Pointless.
Q: (T) You don't have to. He has to be aware of it on his own, and from what you've already told us, he's aware. The cult thing has to have really blown him away... where would that come from?
A: Assumptions. Awareness needs to be increased. And, we must tell you that "secret world government" technologies are approximately 150 years in advance of anything that you have access to.

Q: (T) Of course. Most people would say that 'cutting edge' science is 25 years ahead of what we see, and I say it is more like a hundred years, and I am even off? Cutting edge science on this planet is more like 3 or 4 hundred years ahead?
A: More like 30 to 40,000 years "ahead!"
Q: (L) Is that because of 4th density influence and information?
A: Yes.
Q: (T) 30 to 40 thousand years? Let me get that number right...
A: Yes, at least.

And 30-40 thousand years is certainly an insane number. If they are talking about that many years at today's technological pace (consider what has been accomplished in the past 100 years...), it is mind boggling...

But the group that has the 30-40 thousand yr technologies is probably higher up than the group that has the 150 yr ahead technologies, which is still higher than the group that is only 25 yrs ahead, etc. But even the last group would probably have quantum computers. And yet you see governments purchasing very expensive supercomputers today, which are made using conventional non-quantum technology, so it seems that either this is a cover to pretend that they really need them, or the level of government doing the purchasing and using those computers really have no access to the higher level technologies, like perhaps the pentagon and/or whitehouse etc. And it is that "low level" that would be all worked up about the public suddenly developing this technology first I think.

 

[Youngfox]

It is very cool that some of the more tech literate have chimed in and given some hard facts for those who compute wirelessly,
(I knew they would that‘s why I thought to post the problem here).

As to the even greater problem posed by

And 30-40 thousand years is certainly an insane number. If they are talking about that many years at today's technological pace (consider what has been accomplished in the past 100 years...), it is mind boggling…

I was thinking more toward protecting yourself from the itsy-bitsy petty tyrants firmly rooted in the 3rd D.
The facts put forward by ‘Scio’ regarding the control system types with the 4th D tech help are unavoidable and uncontrollable with what is available on a store shelf.

If someone utilizing 4th D tech wants to download your hard drive (or brain content, for that matter ), the knowledge required for protection would surely require the “work" and a state far closer to impeccable.

Good stuff though.

 

[Craig]

Oh God, wireless networking is so frustrating. I have a question for the techies: is it possible for somebody to block a signal merely from their presence? I gave my Dad the desktop having bought a wireless laptop for myself at Christmas. He hates me going near him when he's playing online poker because as soon as I walk past, the signal just completely dips... yet it stays completely normal with everybody else!

Anybody got an explanation for that?

 

[Peto]

Hi Craig,

In general, it is not possible for a person to block wireless signal from a wireless access point since the signal can reflect off other objects and get to the destination. So I have no explanation for your specific case. Maybe, your body has some particular EM property (due to the Work you've done perhaps) that causes the signal dip. Don't know if anyone else has similar experience?