Re: Nothing is sacred... in http://www.dslreports.com/forum/r22124126 en Wed, 10 Feb 2010 04:50:32 EDT Wed, 10 Feb 2010 04:50:32 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22146379 sapo : No, it's just expensive.]]> http://www.dslreports.com/forum/remark,22146379 Sun, 29 Mar 2009 03:36:37 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22140946 DJMASACRE :
said by Doctor Olds See Profile :

Because it is 100% true and accurate. If you connect to and then use a Wireless Network without the prior express permission of the owner of that Network then you are a thief performing an illegal act that is punishable under the Law.
Which Law section is that again ?]]> http://www.dslreports.com/forum/remark,22140946 Fri, 27 Mar 2009 21:30:37 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22137334 Doctor Olds :
said by DJMASACRE See Profile :

said by aefstoggaflm See Profile :

said by dcurrey See Profile :

I am in range of 3 wireless networks. 2 of them are close enough to connect to. Even logged into routers. Guess I should change the default password for them at least.
I would not do that, if I were you.

Because connecting to another network that you do not own is illegal.
where do you people get this shit

its not illegal, you are not breaking in .
Because it is 100% true and accurate. If you connect to and then use a Wireless Network without the prior express permission of the owner of that Network then you are a thief performing an illegal act that is punishable under the Law.
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?]]> http://www.dslreports.com/forum/remark,22137334 Fri, 27 Mar 2009 10:24:00 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22133790 hottboiinnc : it's better than nothing and your regular next door neighbor isn't going to know how to crack it.]]> http://www.dslreports.com/forum/remark,22133790 Thu, 26 Mar 2009 16:35:36 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22127644 k1ll3rdr4g0n :
said by damonlab See Profile :

said by k1ll3rdr4g0n See Profile :

If you leave the door open to your house, does that give the right to walk in and out as I please?
said by k1ll3rdr4g0n See Profile :

Is it legal for me to walk in your house and turn on your faucet to fill my glass with water that you pay for?
The discussion is about computers and wireless networks. Discussion of houses, doors, faucets, and glasses of water is an entirely different topic that is not applicable to computers and wireless networks.
Isn't that a Red Herring? This is the one place that is very easy to point out fallacies in people's "arguments". It's so much fun :).

Not to lead this down a off topic thread. But for the kids following at home what I was used was called an anology, a defense lawyer (or an argument that a District attorney) can use in the court room that is filled with the accused peers.]]> http://www.dslreports.com/forum/remark,22127644 Wed, 25 Mar 2009 15:50:47 EDT Re: Nothing is scared... http://www.dslreports.com/forum/remark,22127231 aefstoggaflm :
said by TomClancy See Profile :

DD-WRT makes you change your password and your username before you can change any settings in the router.
That is half correct / half wrong.

In the newer ones it does. In the older ones, well you get the point...
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.]]> http://www.dslreports.com/forum/remark,22127231 Wed, 25 Mar 2009 14:49:27 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22127211 aefstoggaflm :
said by PapaMidnight See Profile :

said by aefstoggaflm See Profile :

said by dcurrey See Profile :

I am in range of 3 wireless networks. 2 of them are close enough to connect to. Even logged into routers. Guess I should change the default password for them at least.
I would not do that, if I were you.

Because connecting to another network that you do not own is illegal.
That's not entirely accurate.

First of all, there's no federal law as of yet of such and such cases are being handled on either a state by state or municipality by municipality case basis.

Secondly, connecting to another network you do not known is not illegal. "Maliciously" connecting to another network you do not own is illegal.

Additionally, Simply the wording alone of what you stated is too broad and makes the entire premise of the internet illegal, after all, aren't you merely "connecting to another network that you do not own"?
Ok, I will correct my self...

Because connecting to another network that you do not own and you do not have permission to connect to, is illegal.

^^

Does that make you happy?
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.]]> http://www.dslreports.com/forum/remark,22127211 Wed, 25 Mar 2009 14:46:10 EDT Re: Nothing is scared... http://www.dslreports.com/forum/remark,22127060 kpatz :
said by Noah Vail See Profile :

The interesting thing will be how we deal with it. With a PC virus, we update our virus defs and maybe scan the system. Then we forget about it.

With this, we'd have to update the firmware, to either treat or prevent infection. That will mean having to enter our settings from scratch. That's a pain.
From what I've read, at present this malware doesn't touch the firmware, instead it loads into (volatile) RAM and runs from there; thus, it's gone as soon as you powercycle the router.

So, if something gets infected, just disconnect it from the WAN, powercycle it, then change the password to something stronger and/or disable telnet/ssh, plug it back in, and you're set.
--
To ISPs: Leave our ports alone! If I want ports blocked, I'll do it myself, thank you.]]> http://www.dslreports.com/forum/remark,22127060 Wed, 25 Mar 2009 14:20:36 EDT Re: Nothing is scared... http://www.dslreports.com/forum/remark,22125380 Eat Me :
said by Noah Vail See Profile :

There is no evidence that an available SSID causes any significant security risk, in and of itself. It's weak or non-existent encryption; weak or non-existent passwords that make or break a routers security.
That is quite true. However, I believe his point was that one of the default SSIDs is usually a tip off that the router was never configured away from its default and is most likely still wide open.

Most non-savvy users will just buy a wireless router in a store, plug it in and once it works they're happy.]]> http://www.dslreports.com/forum/remark,22125380 Wed, 25 Mar 2009 10:05:57 EDT Re: Nothing is scared... http://www.dslreports.com/forum/remark,22124345 sivran : I think his point was the owners never bothered to change the defaults. We all know SSID hiding and MAC filtering are useless. ;)]]> http://www.dslreports.com/forum/remark,22124345 Wed, 25 Mar 2009 02:11:45 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22124194 TomClancy : I don't, I guess as long your password is not hard to guess and you limit the number of wrong passwords entered you'll be fine.
--
Freedom isn't free!]]> http://www.dslreports.com/forum/remark,22124194 Wed, 25 Mar 2009 01:11:12 EDT Re: Nothing is scared... http://www.dslreports.com/forum/remark,22124185 TomClancy : DD-WRT makes you change your password and your username before you can change any settings in the router.
--
Freedom isn't free!]]> http://www.dslreports.com/forum/remark,22124185 Wed, 25 Mar 2009 01:08:03 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22124134 DJMASACRE :
said by aefstoggaflm See Profile :

said by dcurrey See Profile :

I am in range of 3 wireless networks. 2 of them are close enough to connect to. Even logged into routers. Guess I should change the default password for them at least.
I would not do that, if I were you.

Because connecting to another network that you do not own is illegal.
where do you people get this shit

its not illegal, you are not breaking in . ]]> http://www.dslreports.com/forum/remark,22124134 Wed, 25 Mar 2009 00:56:52 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22124126 DJMASACRE :
said by Eat Me See Profile :

It's our plug and play culture. People just want to plug in things and have them work.

Security? What's that?
ya just like... watching stupid tv shows without actually thinking about if its actually a good show. ]]> http://www.dslreports.com/forum/remark,22124126 Wed, 25 Mar 2009 00:55:48 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22124005 Kearnstd : what is needed is something like SIM cards for wifi, and the router would have a little slot in it for programing the cards. buy a new wifi gadget it has a little SIM slot, you pop out the card, slide it into the router and push the "secure" button, card is programed, place in device and off you go.

on initial setup the router would only ask for what you want the network name to be. it would internally setup the rest and the cards would be programed with the right info.

main and glaring hole of course with this is connecting to networks other then your own. but im sure a userfriendly work around could be done, im thinking a "travel mode" switch that would disconnect the SIM(so that someone couldnt try and DL its data when on say a coffee shop network).

but maybe i am thinking too much into wireless security for absolute idiots.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports]]> http://www.dslreports.com/forum/remark,22124005 Wed, 25 Mar 2009 00:29:27 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22123673 Noah Vail :
said by PapaMidnight See Profile :

said by en102 See Profile :

I personally use Ethernet over powerline - HDX101 200Mbps bridge. Better range, more stable, and doesn't mess up with my bluetooth.
Also expensive as hell.
»www.jr.com/netgear/pe/NTG_HDX101/ -$66.94 ea delivered.

You ARE on a tight budget.

NV
--
In my perfect religion, a giant hole appears and sucks up all the lousy people.
I call it the Crapture.]]> http://www.dslreports.com/forum/remark,22123673 Tue, 24 Mar 2009 23:16:21 EDT Nothing is scared... http://www.dslreports.com/forum/remark,22123663 Noah Vail : There is no evidence that an available SSID causes any significant security risk, in and of itself. It's weak or non-existent encryption; weak or non-existent passwords that make or break a routers security.

I manage dozens of routers that fall squarely in the zone for this bot. They're all running dd-wrt. I use MAC filtering and TPIK enhanced WPA2. My passwords are sufficiently strong, so I don't worry about having telnet and http access available via the web/LAN.

They're not going to get infected by this thing; not one.

However, I'm tempted to throw one out there as a honeypot so I can get a look at this bug.

The interesting thing will be how we deal with it. With a PC virus, we update our virus defs and maybe scan the system. Then we forget about it.

With this, we'd have to update the firmware, to either treat or prevent infection. That will mean having to enter our settings from scratch. That's a pain.

For giggles I stopped by the dd-wrt forums to see what they make of the bug and I found a grand total of 1 thread w/ 2 posts; neither by a mod. I had hoped for something a bit more proactive. Perhaps after enough news blurbs connecting their firmware with the bot, they'll feel a bit more attentive.

NV
--
In my perfect religion, a giant hole appears and sucks up all the lousy people.
I call it the Crapture.]]> http://www.dslreports.com/forum/remark,22123663 Tue, 24 Mar 2009 23:12:36 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22123304 damonlab :
said by k1ll3rdr4g0n See Profile :

If you leave the door open to your house, does that give the right to walk in and out as I please?
said by k1ll3rdr4g0n See Profile :

Is it legal for me to walk in your house and turn on your faucet to fill my glass with water that you pay for?
The discussion is about computers and wireless networks. Discussion of houses, doors, faucets, and glasses of water is an entirely different topic that is not applicable to computers and wireless networks.]]> http://www.dslreports.com/forum/remark,22123304 Tue, 24 Mar 2009 21:57:24 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22122753 james :
said by k1ll3rdr4g0n See Profile :

If you leave the door open to your house, does that give the right to walk in and out as I please?
No, but if you lived around here someone would close the door for you if it seemed the right thing to do. I've closed my neighbors backyard gate and back door many times when the dog has opened it (smart dog). Yeah, it's trespassing, but intent has more to do with criminal charges than you seem to realise.]]> http://www.dslreports.com/forum/remark,22122753 Tue, 24 Mar 2009 20:20:21 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22122459 k1ll3rdr4g0n :
said by PapaMidnight See Profile :

said by aefstoggaflm See Profile :

said by dcurrey See Profile :

I am in range of 3 wireless networks. 2 of them are close enough to connect to. Even logged into routers. Guess I should change the default password for them at least.
I would not do that, if I were you.

Because connecting to another network that you do not own is illegal.
That's not entirely accurate.

First of all, there's no federal law as of yet of such and such cases are being handled on either a state by state or municipality by municipality case basis.

Secondly, connecting to another network you do not known is not illegal. "Maliciously" connecting to another network you do not own is illegal.

Additionally, Simply the wording alone of what you stated is too broad and makes the entire premise of the internet illegal, after all, aren't you merely "connecting to another network that you do not own"?
Lets start our own lawyer firm :).

But in all reality, connecting to a network that you do not have authorization for is most likely illegal as its not *your* network. If you leave the door open to your house, does that give the right to walk in and out as I please?
As far as using network resources, that is illegal - revisiting the concept of the open door. Is it legal for me to walk in your house and turn on your faucet to fill my glass with water that you pay for? Even if you have access to a system, resource, or wireless router does NOT mean you have authorization to use said items. Accessing a system, resource, or wireless router without authorization IS illegal.]]> http://www.dslreports.com/forum/remark,22122459 Tue, 24 Mar 2009 19:23:31 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22122268 PapaMidnight :
said by hottboiinnc See Profile :

True. But ISPs could do "rebates" like ATT does for Wireless Routers. All 2Wire routers come with some sort of WEP or other security setting turned on. Each is also different for each router. And they print the code bottom next to the MAC address.
You aren't seriously suggesting WEP is "security"? :P
Though I have seen cases, especially with people still using old 802.11b equipment - though they may have g routers (And why replace it? It works for them) - be limited to using WEP.]]> http://www.dslreports.com/forum/remark,22122268 Tue, 24 Mar 2009 18:47:56 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22122256 PapaMidnight :
said by en102 See Profile :

I personally use Ethernet over powerline - HDX101 200Mbps bridge. Better range, more stable, and doesn't mess up with my bluetooth.
Also expensive as hell.]]> http://www.dslreports.com/forum/remark,22122256 Tue, 24 Mar 2009 18:45:29 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22121446 hottboiinnc : thats also what i said. ATT does this with 2-Wire]]> http://www.dslreports.com/forum/remark,22121446 Tue, 24 Mar 2009 16:15:09 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22121079 Kearnstd :
said by PapaMidnight See Profile :

said by aefstoggaflm See Profile :

said by dcurrey See Profile :

I am in range of 3 wireless networks. 2 of them are close enough to connect to. Even logged into routers. Guess I should change the default password for them at least.
I would not do that, if I were you.

Because connecting to another network that you do not own is illegal.
That's not entirely accurate.

First of all, there's no federal law as of yet of such and such cases are being handled on either a state by state or municipality by municipality case basis.

Secondly, connecting to another network you do not known is not illegal. "Maliciously" connecting to another network you do not own is illegal.

Additionally, Simply the wording alone of what you stated is too broad and makes the entire premise of the internet illegal, after all, aren't you merely "connecting to another network that you do not own"?
another thing to add to yours is that if it where 100% illegal to connect to wifi that isnt yours then 1000s of windows users would be guilty without pushing a button. i have seen winXP laptops that see default SSID'd WLANs with no security and just autoconnect with no user input.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports]]> http://www.dslreports.com/forum/remark,22121079 Tue, 24 Mar 2009 15:13:06 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22121069 Eat Me :
said by hottboiinnc See Profile :

True. But ISPs could do "rebates" like ATT does for Wireless Routers. All 2Wire routers come with some sort of WEP or other security setting turned on. Each is also different for each router. And they print the code bottom next to the MAC address.
They could but they don't. They could also do like Verizon and offer their own routers free with the install. But even Verizon leaves the default WEP kep open.

What they could do (someone else suggested this) is simply make the password unique for each router, such as the serial number.]]> http://www.dslreports.com/forum/remark,22121069 Tue, 24 Mar 2009 15:11:19 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22121011 hottboiinnc : True. But ISPs could do "rebates" like ATT does for Wireless Routers. All 2Wire routers come with some sort of WEP or other security setting turned on. Each is also different for each router. And they print the code bottom next to the MAC address.]]> http://www.dslreports.com/forum/remark,22121011 Tue, 24 Mar 2009 14:57:57 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120913 en102 : Every day, I pass by dozens unsecured open WiFi connections.
Similarly, I pass by hundreds of secured (default naming 2WIRE-xxx) wifi routers. It fills up the screen on my HTC Tilt.

I personally use Ethernet over powerline - HDX101 200Mbps bridge. Better range, more stable, and doesn't mess up with my bluetooth.
--
Canada = Hollywood North]]> http://www.dslreports.com/forum/remark,22120913 Tue, 24 Mar 2009 14:39:51 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120786 PapaMidnight :
said by Eat Me See Profile :

It's our plug and play culture. People just want to plug in things and have them work.

Security? What's that?
Heh, 5 networks in range of me at home are still carrying the SSID's:
linksys
d-link
belkin
eHome]]> http://www.dslreports.com/forum/remark,22120786 Tue, 24 Mar 2009 14:16:18 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120778 PapaMidnight :
said by SSX4life See Profile :

um..... i've got DDWRT v. 24 but no defaults and a fairly heavy password.

should I disable SSH even though I use it from time to time? =/
Yes. I'd suggest just using a VPN and Telnet. I used to keep a PPTP server open for myself.]]> http://www.dslreports.com/forum/remark,22120778 Tue, 24 Mar 2009 14:15:32 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120773 PapaMidnight :
said by aefstoggaflm See Profile :

said by dcurrey See Profile :

I am in range of 3 wireless networks. 2 of them are close enough to connect to. Even logged into routers. Guess I should change the default password for them at least.
I would not do that, if I were you.

Because connecting to another network that you do not own is illegal.
That's not entirely accurate.

First of all, there's no federal law as of yet of such and such cases are being handled on either a state by state or municipality by municipality case basis.

Secondly, connecting to another network you do not known is not illegal. "Maliciously" connecting to another network you do not own is illegal.

Additionally, Simply the wording alone of what you stated is too broad and makes the entire premise of the internet illegal, after all, aren't you merely "connecting to another network that you do not own"?]]> http://www.dslreports.com/forum/remark,22120773 Tue, 24 Mar 2009 14:14:06 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120645 Eat Me :
said by pnh102 See Profile :

Probably because there's no real incentive to do so. ISPs won't disconnect users who do not take security seriously.
That's because they'd lose 3/4 of their customer base. ISPs these days cater primarily to non computer savvy people. Unfortunately we the computer savvy folks get lumped in with them too. ]]> http://www.dslreports.com/forum/remark,22120645 Tue, 24 Mar 2009 13:53:37 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120471 pnh102 :
said by SSX4life See Profile :

should I disable SSH even though I use it from time to time? =/
Personally I use a VPN to get into my home network. I used to have SSH open when I had a linux box on the other end but I disabled root logins and had a pretty strong password for the other accounts. I never had a problem.
--
Blagojevich / Madoff 2012!]]> http://www.dslreports.com/forum/remark,22120471 Tue, 24 Mar 2009 13:26:38 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120444 SSX4life : um..... i've got DDWRT v. 24 but no defaults and a fairly heavy password.

should I disable SSH even though I use it from time to time? =/
--
»www.google.com is your best friend... please use it before asking your question.]]> http://www.dslreports.com/forum/remark,22120444 Tue, 24 Mar 2009 13:21:30 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120440 aefstoggaflm :
said by dcurrey See Profile :

I am in range of 3 wireless networks. 2 of them are close enough to connect to. Even logged into routers. Guess I should change the default password for them at least.
I would not do that, if I were you.

Because connecting to another network that you do not own is illegal.
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.]]> http://www.dslreports.com/forum/remark,22120440 Tue, 24 Mar 2009 13:21:04 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120428 pnh102 :
said by S_engineer See Profile :

Why don't people change the defaults....I guess alpha-numeric is too big of a concept to grasp!
Probably because there's no real incentive to do so. ISPs won't disconnect users who do not take security seriously.

However, most off-the-shelf routers have these ports plugged by default. The same usually goes for remote access to the router. In most cases, someone would have to go out of their way to open these ports or enable remote web access to a router.
--
Blagojevich / Madoff 2012!]]> http://www.dslreports.com/forum/remark,22120428 Tue, 24 Mar 2009 13:18:12 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120390 dcurrey : I am in range of 3 wireless networks. 2 of them are close enough to connect to. Even logged into routers. Guess I should change the default password for them at least.]]> http://www.dslreports.com/forum/remark,22120390 Tue, 24 Mar 2009 13:11:54 EDT Re: Nothing is sacred... http://www.dslreports.com/forum/remark,22120389 Eat Me : It's our plug and play culture. People just want to plug in things and have them work.

Security? What's that?]]> http://www.dslreports.com/forum/remark,22120389 Tue, 24 Mar 2009 13:11:51 EDT Nothing is sacred... http://www.dslreports.com/forum/remark,22120373 S_engineer : Why don't people change the defaults....I guess alpha-numeric is too big of a concept to grasp!]]> http://www.dslreports.com/forum/remark,22120373 Tue, 24 Mar 2009 13:09:55 EDT