fatmanskinny
Premium
join:2004-01-04
Wandering
 ·Comcast Digital Vo..
 ·Comcast
1 edit | It's amazing....
how so many people leave their networks unsecured. I was just checking out the settings on a nearby wireless router... the 2nd in about a month without having the default password changed.
I didn't screw around with it as "hacking" is not my thing. However, it astounds me that no one changes this stuff out of the box, making way for cybercrime to be even more rampant.
--
The only place where Success comes before Work is in the dictionary. |
|
jgkolt
Premium
join:2004-02-21
Lakewood, OH
clubs: | linksys
the number 1 wireless internet provider out there.
--
www.LakeSemaJ.com |
|
AnonDOG
@kaballero.com
| CALEA
CALEA already requires the carrier to be able to provide CII when requested by the FED.
Carriers who provided brodband or VoIP service have until tomorrow to file forms 445 and 447 stating their level of compliance *AND* until May 12 to actually *BE* compliant.
How all that impacts the unsecured access point eludes me.
They are everywhere. |
|
raccettura
join:2002-09-28
USA
| Too true
This isn't really news, we all knew this was happening for some time. Sadly nobody really cares.
I'd question what liability the owner of the wifi device has. Since it's left open, your a by default operating a free ISP. Just because you don't charge, doesn't change the nature of the transaction.
I don't see why WiFi routers don't ship with a default randomly assigned WPA Key and SSID. Just include an insert in the packaging (inside so you have to open to see it) with the key and SSID. The only extra step for the consumer would be connecting to the said SSID and entering the WPA key. Even if they did nothing else, since it's random it would be more complicated to hack.
That solution would rid 90% of this problem, with really no major changes. While true security guru's would know MAC filtering, and changing your WPA pass often is a good idea... even the most novice users would get some level of protection.
Most people don't even know they support identity theft and child molesters.
On a sidenote...
How many of these RIAA cases are really based around this problem? Yea, you know it's a lot. Unsuspecting people just get stuck in the middle.
It's all fixable. That's the good thing.... the sad thing is it would take a miracle for the fix to be in place. |
|
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
1 edit | reply to fatmanskinny
Re: It's amazing....
This really isn't anything new, but it's high time that people start getting concerned. Basically, using wireless access points IS the new anonymous portal to the internet. As long as you don't have any responsibility over the network, you're free to do basically whatever you want. (I realize that legally that is not the case)
Regardless, I doubt it will ever be possible to fully eliminate every single unlocked/insecure AP. My own surveys have shown that roughly 2/3rds or less of people are running any encryption, including the worthless old WEP.
Filtering isn't going to do anything in the long run, it's more of a band-aid fix than a real solution. Perhaps one of the best way to combat this for real big public "hotspots" would be to use a captive portal system that somehow requires users to disclose a real identity. This is hard, but would it be possible to say, run a credit card through and charge a paltry 1 cent? Just to establish some user history? Even that will probably fail, because users can just as easily setup their own AP (joe's wifi cafe) without any grandiose authentication.
As long as the user is mobile, it will be equally as difficult to keep any user identity identification in place. |
|
Anomus
@rr.com
| reply to fatmanskinny
This aint hacking, I turn on my wireless and it connects to my neighbors all around me. So I use it pushing 2 years now. I set their password so everyone else will stay off. So I am managing their router for them and useing there considerable excess capacity for my own purposes. And all they have to do is push their reset button to put a stop to it and they never do.
Now why do I do this? Because I use p2p and I am tired of price fixing corporations that said CD prices will fall after the technology is paid for and they never did. I am tired of big corps lobying to thro out fair use laws then suiting eveyone into bancrupcy instead of getting real court opinions about fair use. Its David against Goliath and David just got a new weapon. Its called Cantenas and WiFi and now they cant figure out which one of us to suit. Tough tity for them. Anybody that thinks you can be moral and still fight the big guys has rocks for brains.
If you like Itunes and Ipods and song libraries with restrictions and limitations then its yours. When I pluck my money down, its mine to do when ever and where ever I choose. And I won't put up with anything less. Right now p2p is the only way to conveniently get it. And with WiFi, they will never be able to find me. |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
·Comcast
| reply to Nerdtalker
said by Nerdtalker  :As long as the user is mobile, it will be equally as difficult to keep any user identity identification in place. Just like with the Vin# burned into every car(and now on many of the parts as well) sold in the US to help track car thieves, we need a system where every device capable of communicating must have a serial number that is burned into the chip and that must communicate that number before access can be given to transfer data.
And every communications capable device being sold would match its serial number or numbers with the name and address of the person buying the device. In effect you would have a national registry matching a person with the devices they own and it could track everytime that device links to a provider network.
Of course, there would be hot, stolen devices - just like there is with cars and guns. But 95% of the devices would be able to be traced back to a specific person. Of course, all the people who think they have a right to privacy will whine, but I never hear them whining about how their car can be tracked back to them.
--
--
My BLOG
My Web Page |
|
raccettura
join:2002-09-28
USA
| reply to TKJunkMail
Re: It's amazing....
This already exists in a way, each network device has a unique MAC address.
1. It can be forged/modified
2. It only lives between the first hop. So hard to track.
Fixing #2 would require a massive undertaking in changing how TCP/IP works... and cost way more than anyone would even invest. |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
| said by raccettura :This already exists in a way, each network device has a unique MAC address. 1. It can be forged/modified I was thinking about an encrypted serial number that couldn't be forged.
--
--
My BLOG
My Web Page |
|
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| said by TKJunkMail :I was thinking about an encrypted serial number that couldn't be forged. Sadly (or for the better), that's an illusion of wishful thinking.
Conceivably, that "serial number" should already exist in the form of a mac address, but even that isn't worth anything, at all.
As long as the user controls the product, there will remain a way for it to be tampered with, period.
The day that simple fact of logic becomes false is the day I throw my computer away, lock myself inside, and sigh myself into a catatonic state, because that day, freedom of speech and anonymity is truly dead.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 12900+ messages currently using 406 MB. |
|
fiberguy
My views are my own.
Premium
join:2005-05-20 | reply to jgkolt
Re: linksys
Very original. |
|
matthew330ci
join:2005-02-10
·Comcast
| I never see them around where I live
Where I live now, in collegetown next to a major university, there are no open networks, not even 1.
At the last 2 places I used to live in, again, there were no open networks.
Maybe I just live where people are a little smarter than your average jane/joe...
 |
|
roamer1
sticking it out at you
join:2001-03-24
Atlanta, GA
clubs:
| reply to Nerdtalker
Re: It's amazing....
said by Nerdtalker :Perhaps one of the best way to combat this for real big public "hotspots" would be to use a captive portal system that somehow requires users to disclose a real identity. This is hard, but would it be possible to say, run a credit card through and charge a paltry 1 cent? Not everyone has a credit or debit card. Besides, doing something like this would probably lead to more identity theft (stealing card numbers on an even larger scale, etc.)
-SC
--
said to me: "it seems like all you ever buy is Abercrombie and cell phones"  |
|
gatorkram
Spelling and Grammer impared
Premium
join:2002-07-22
Winterville, NC
clubs: | reply to TKJunkMail
You make me sick. |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
| reply to Anomus
said by Anomus :
I set their password so everyone else will stay off. So I am managing their router for them and useing there considerable excess capacity for my own purposes.
And that is breaking the law in the US. Get caught and you can go to jail. As soon as you took that 1 step you can no longer claim you didn't hack their system.
--
--
My BLOG
My Web Page |
|
Anomus
@ameritech.net
| I cant get caught. Period. To gain access someone has to push the reset button. Then everything I did absolutely vanishes. Period. End of story. No jail, No arrest, No proof, No lawsuit. Join the invinsible army and help put an end to big corp price fixing monopoly. Dont be a naysayer, be a participator. |
|
russotto
join:2000-10-05
Collegeville, PA | reply to TKJunkMail
Wow, you're not going for half measures; you want to institute the surveillance state whole hog. You work for Fatherland Homeland Security by any chance? |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
 ·Pacific Bell - SBC
| reply to Anomus
You probably won't get caught as long as you are a parasite on some poor, clueless user's W-LAN. But if he gets suspicious, and has friends who know a thing, or three, all bets are off. Even I could catch you if the owner did not press that reset button; and I am not the smartest network guru in the world.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
