Do you believe mobile device viruses and wireless bandwidth thieves are major threats? I don't. At least not today. I installed and reviewed a Pocket PC antivirus application already two years ago and I have still not seen a Pocket PC virus that would justify the existence of Pocket PC antivirus software. Some argue that it is just a matter of time before the viruses arrive. Very likely I say, but let's not cry "wolf!" until it happens. Which brings me to "bandwidth thieves".<br /><br />The article <a href="http://www.wi-fiplanet.com/tutorials/article.php/3085251">Beware the Bandwidth Thieves</a> is one of the latest that warns us from bandwidth thieves, bandits that are willing to spend time and resources breaking into locked wireless networks. The article goes: "If you use MAC address authentication as your only security mechanism, especially if you have an 802.11b-based wireless infrastructure, it's ridiculously easy for savvy hackers to break in. The MAC (Media Access Control) address is the supposedly fixed identifier on a network client device. ... Here's the problem. Contrary to what you may believe -- and what some vendors may tell you -- the MAC address on a wireless device can be changed."<br /><br />I do see that WiFi software is getting smarter and more easily detects open networks. Pocket PC 2003 does a really good job from out-of-the-box. But properly configured and just using the simplest of lock-down settings (not broadcasting SSID, WEP and specifying MAC addresses), I doubt "bandwidth thieves" would be inclined to spend energy getting a free ride from your bandwidth. There must be easier methods of getting Internet access. I am not trying to downplay the risks if you really have sensitive information behind your firewalls, but for the average home/office network I don't see a real threat. Agree?

The biggest risk that occurs to me is that if people can get onto your wireless network, they are inside your private space, i.e. behind any firewall device you might have connecting you to the Internet.

That allows them to bypass one of the most significant barriers to attacking your system.

As you say, chances are this is only going to interest them if you have sensitive information but ... what if you have a corporate laptop that you are using at home? Someone engaged in industrial espionage might decide that it is easier to break into your laptop at home, slightly vulnerable on your home WiFi network. Once they've done that, the next possible step is over the VPN client on your laptop and into the corporate network.

Fantasy? Not really - apart from the hacking of home WiFi networks, this is what is happening whenever a remote sales person forgets to patch their laptop, gets infected by a worm and then that worm has an easy way into the corporate network.

Yes, there are ways of countering it, e.g. restricting access to devices in the corporate network, but what is harder to do is to police any WiFi installations that staff might do in their own homes. As more and more laptops come with WiFi built in, it is going to be harder to think of ways to lock these systems down.

--Philip

It's a classic case of focusing on the new concerns, and ignoring the old ones.

Articles are constantly being written criticising wireless security protocols; yet unsophisticated viruses such as SoBig can cause millions of dollars in damage in a matter of hours, simply because average people around the world don't know better than to not open executable attachments.

One out of every ten laptops is stolen, and 88% are never recovered. Over 300,000 laptops were stolen last year, at a cost of over $1,000,000,000 US dollars. Yes, billion.

Yet Gerry Blackwell finds time to write an article on people sucking a few cents of bandwidth off of your WiFi network even though you have MAC filtering, WEP, and SSID broadcast turned off.

Perspective. It's a wonderful thing. Too bad more people don't have it.

...yet unsophisticated viruses such as SoBig can cause millions of dollars in damage in a matter of hours, simply because average people around the world don't know better than to not open executable attachments.

...even though you have MAC filtering, WEP, and SSID broadcast turned off.


Speaking of perspective. I think if you look at your first paragraph on how hard it is to get your "average" user to not execute .exe from email and then think about how little your "average" user is going to know about MAC/WEP/SSID and you get a pretty clear understanding of the vulnerability.

It's nothing that keeps me up at night, but then again I'm locked down. I've seen what some people do when they set up their home networks and if I was the CIO/CSO of a company I'd be a little concerned.

Back to catching the falling sky... :lol:

so, where's a good place to learn what to do beyond MAC filtering, WEP, and SSID non-broadcast?

I don't have any encription turn on at all on my wireless network. There is no need. Where I live not many people know about this technology. And even fewer know that I have WiFi. If some kid takes the time to go out to my house then he can sit outside my bum some bandwith off me.

One out of every ten laptops is stolen, and 88% are never recovered. Over 300,000 laptops were stolen last year.

If I was the CIO/CSO of a company, I would be more concerned on this figure and trying to prevent that type of access to corporate information than I would be concerned about someone having a "weak" security home Wi-Fi connection.

But in all honesty, I think that it's still a small percentage of the people that fall under each of these categories. I just recently got a WiFi connection in my residence and the first few things we did were the mentioned items. And I'm one of the few people I know that has WiFi now. So, until it becomes more common, then I don't see a major disaster approaching.

I don't think anyone is trying to defeat wireless security just to use your bandwidth. There's much better/worse things to do behind the firewall than surf the net or spam email.

If its got WEP or MAC auth, someone could just walk across the street to find one that doesn't. APs (in this area) are that plentiful and the people using them who are very short on security knowledge is a high percentage. The time it takes to defeat security measures just to get an internet connection usually nullifies the point of making the connection, ie. quick access to the net.

If someone takes the time to break security they usually have an objective. I wouldn't think that objective would be to check the forums on PPCT. :twisted:

so, where's a good place to learn what to do beyond MAC filtering, WEP, and SSID non-broadcast?
ArsTechnica has a couple of good technical blackpapers on wireless security for the home user:


Security Practicum: Essential Home Wireless Security Practices (http://arstechnica.com/paedia/w/wireless-security-howto/home-802.11b-1.html)
Wireless Security Blackpaper (http://arstechnica.com/paedia/w/wireless/security-1.html)

Ars is a great site for just about anything PC or technology related. In fact, it's one of the very few sites that I love and visit more than PPCT! :wink:

JoshB

Good thing you mentioned it Andy. I am only using MAC filtering because I thought it was safer than WEP and did not bother to turn WEP on. :oops:

I was on a long businees trip recently I used to "borrow" bandwidth from unprotected WiFi networks. I don't have any moral issue since all I did was to check private emails and PPT website :lol: And I pay my monthly broadband subscription too!

Wouldn't it be great to have a worldwide community of "borrowed" WiFi access points? Only known people who have a broadband subscription and who are sharing their access could be part of this community. I thought about it before. But it would be quite difficult to allow only legitimate users access to your WiFi connection. That does not mean it is impossible. I have lost patience with wireless operators. Where is the promised highspeed Internet access in your Pocket? And if it happens it will probably be for a high premium. Come on, together we can do it!

You may not have a moral issue with "borrowing" bandwidth, but I, as an AP owner, am watching and logging. If you illegally use my AP for your private email I will have your login and password. Could you also check your paypal and ebay accounts while you're on?

It's gonna be hard Kaber since I use a https connection for checking mails on public access. Not the foolish :wink:

You may not have a moral issue with "borrowing" bandwidth, but I, as an AP owner, am watching and logging. If you illegally use my AP for your private email I will have your login and password. Could you also check your paypal and ebay accounts while you're on?

It's not like I have to deal with the encryption over the line the same day. It's logged. Unless you change your password I have plenty of time. And if you checked some sites that require you to log in to their forums... and you use the same password a lot...

Sure there's a lot of hypothetical. I'm just saying, it may be easy to use other peoples WiFi without permission, but it is rude, and may get you some trouble you didn't expect.

Yes, you raised a good point, unprotected WiFi networks could actually be traps setup by some hackers. So, as a precaution, no sensitive data should be transmitted on any public access.

I don't think it is rude to use other people's access point as long as it is done in an ethical way. It's not like I am hacking into poeple's netowork. The door is warmly wide opened. I hope you have your WiFi network protected if you are so concerned. And there are good reasons to be! That's why it would be nice to have some way of authentificating legitimate users and be able to relate to them in case of any unlegitimate use (like terrorists?). Yeah, it sounds impossible to do, even Echelon would possilby fail :roll:

How long is the encryption key for https? How much time would it take to crack it. Probably depends on porcessing power available? You got me curious.

... If you illegally use my AP for your private email I will have your login and password. ...
Do you mean to say you capture all traffic that comes across your network just on the off chance that somebody wanders by and "borrows" your wireless LAN? That seems a little extreme to me.

--Dave

The door is warmly wide opened. I hope you have your WiFi network protected if you are so concerned. And there are good reasons to be!

Kind of a silly arguement on your part. Does that mean that if I choose to leave my door unlocked, that you are welcome to come in, prop your feet up and watch some TV??? Heck no!!! Not even if you do it then clean up after yourself...

Leaving a network unprotected does not give you the right to use it...

Steve

You may not have a moral issue with "borrowing" bandwidth, but I, as an AP owner, am watching and logging. If you illegally use my AP for your private email I will have your login and password. Could you also check your paypal and ebay accounts while you're on?
Ehm. Paypal traffic is over an encrypted connection.

... If you illegally use my AP for your private email I will have your login and password. ...
Do you mean to say you capture all traffic that comes across your network just on the off chance that somebody wanders by and "borrows" your wireless LAN? That seems a little extreme to me.

--Dave

Of course I don't. I am being hypothetical in these posts. However, yes, there are people producing wifi "honeypots" and they ARE logging all data.

You may not have a moral issue with "borrowing" bandwidth, but I, as an AP owner, am watching and logging. If you illegally use my AP for your private email I will have your login and password. Could you also check your paypal and ebay accounts while you're on?
Ehm. Paypal traffic is over an encrypted connection.

Encryption does not erase data, it merely conceals it. Any encryption can be broken. Some takes a very very long time however.

Can anyone tell me how to change the MAC address on a PPC 5550. I have an Orinoco Classic Gold PC card and sometimes I use the built-in WNIC. Thanks for your time!

Can anyone tell me how to change the MAC address on a PPC 5550. I have an Orinoco Classic Gold PC card and sometimes I use the built-in WNIC. Thanks for your time!

This totally defies belief - How did you find a year old thread and post a question about changing MAC addresses?

To answer your question, I doubt you can change the MAC easily. Usually its a read-only, however devices can 'spoof' another mac, but usually a registry hack is needed.