WizGidget

May 18, 2011

Wireless Security Revisited

Filed under: Belton Journal, Danger! Danger!, Tips & Tricks, Warnings — pmckinley @ 8:00 AM

Recently I worked with a local client who had a relatively new wireless router that had a “guest” network feature. It’s a bit like having two wireless routers in one, because it could offer two independent SSIDs (Service Set ID, the “name” of a particular wireless network). Why would you want to do this? Imagine having two rooms, an “inside” room with all your valuables in it, and an “outside” room that only has the bare minimums. You would probably only let trusted individuals like family and maybe close friends into the room with the valuables. Someone you don’t know well would be ushered into the “guest” room with only the bare essentials. That’s how the guest network works: it allows internet access, but keeps the guest separate from your important stuff.

It would be possible with this particular router to set the “inside” wireless network to use the normal WPA (Wi-Fi Protected Access) security measures, while setting the “guest” network to be unsecured. This would certainly make it easy for guests in your home or business to access the internet — they could just connect without bothering to put in the WPA password.

Even though they’re kept separate from your “inside” network, it’s still not a good idea to run the “guest” network without security being set. The challenge, as I’ve written about in the past, is that you can have neighbors or drive-by hackers using your network to do nasty things on the internet using your resources, and looking to the authorities as if you’re the one doing it. There was an article recently (http://wifinetnews.com/archives/2011/04/false_kid_porno_raid_gets_media_play.html – click the link in the first paragraph which is a link to the original AP article) describing an arrest made by ICE (Immigration and Customs Enforcement) where the person they arrested was guilty only of leaving their wireless network unsecured. It isn’t a crime to leave your wireless unsecured, but it sure leaves you open to abuse by ICE, FBI, or other don’t-let-civil-rights-get-in-the-way-of-crime-fighting organizations. The person in question had gotten frustrated with setting the security on his new wireless router, and almost instantly became victim to his 20-something neighbor’s taste for child pornography.

My point of view isn’t so much that I want to avoid false arrest; I just don’t want to enable spammers, pornographers and other morally disabled people by giving them free access to the internet.

There was a time when wireless routers were unsecured out-of-the-box. It seems that the manufacturers have wised up to this being a problem, and many are now shipping wireless routers with security enabled, and in many cases with tools to make it easy to add new computers and other wireless devices.

Interestingly, when I was working with the aforementioned client with the “guest” network router, I had the toughest time understanding why his laptop couldn’t “see” his other computer on the network. I finally realized that he’d set his laptop to connect to the “guest” network instead of the “inside” network, effectively blocking network traffic between the two.

January 26, 2011

Surf Safe at Public Hotspots and at Home

Filed under: Belton Journal, Danger! Danger!, Warnings — pmckinley @ 8:00 AM

You may remember me harping on wireless (WiFi) security in the past. A surprising number of people have wireless routers set up in their home without having the WPA security set. I have an app that runs on my smartphone that allows me to drive down the street and find “open” wireless routers that I can connect to freely without having to know a password, and most streets have several. Since most people are also running PCs running some version of Windows, and Windows has all the security of a butterfly net without the net, this seems pretty risky. Granted that we live in an area that doesn’t have that many techno-geeks running around, but all it takes is one. It doesn’t have to be someone who is acting maliciously, it could just be your neighbor “borrowing” some of your network bandwidth. Not only are your files at risk, and your computer at risk of damage due to viruses and other exploits that may be introduced through unfettered access to your home network, but so is access to your online banking accounts, email, Facebook, and anything else that would be better if only you had access.

Recently there was a lot of hoopla on the internet about a new Firefox plugin called “Firesheep”.  I’m not sure why the author chose to call it “sheep,” maybe it’s because it’s like a wolf in sheep’s clothing.  In technical terms the plugin allows the user to intercept session “cookies,” which then allows the user to take over an unsuspecting victim’s web session.  A “cookie” in this context is a packet of information that is used to maintain a session with a website such as Facebook.  When you log into Facebook, the server passes your web browser a “cookie”, which your browser then uses to maintain your login session with the server.

So, let’s say your teenager is spending their usual 8 hours a day on Facebook. Somewhere within 1/4 mile is another teenager who is experimenting with what he can do with his computer and manages to get a connection on your wireless network. They then run this cool new Firesheep tool (or a long list of other freely available hacking tools) to capture the Facebook session, which they later use to start posting things they shouldn’t using YOUR teenager’s Facebook account. You’d be hard pressed to figure out how it happened, and having unauthorized stuff posted to your teen’s Facebook could have very serious consequences.

Public hotspots are another place where this could happen. Many businesses now offer free WiFi hotspots, including Starbucks, McDonald’s, and even many local mom-and-pop businesses around town. Some of them require a password, but even that doesn’t guarantee security if the security method is the older WEP protocol. If you’re using a public PC or even your own laptop from one of these places, you’re at risk.

Now that I’ve scared the bejabbers out of you, next week we’ll talk about how to keep yourself safe at public WiFi hotspots and at home.

December 15, 2010

Disaster Recovery

Filed under: Belton Journal, Info Bytes, Tips & Tricks, Warnings — pmckinley @ 8:00 AM

A computer disaster can come in many forms.  It might be a disk failure, or the computer is lost or stolen, or you just accidentally erase or overwrite a file you needed.  I wonder how many of my readers have taken steps to deal with a computer disaster?  Making backup copies is good practice.

Traditionally, backups were done with some form of tape drive.  Most large companies still do some form of tape backup, although backup-to-disk has also become popular especially with new deduplication technology.  Backup to disk basically means the data gets copied to a secondary disk device.

These days tape technology has just about become obsolete for the typical home or small business user. I have a two-drive tape library that holds 10 tapes, with each tape holding something like 40 to 60 Gigabytes (Gb) per tape depending on how well the data compresses (some data compresses well, others not so much). A few years ago when a 100Gb disk drive was really huge, having 10 tapes in the library was ample capacity. Nowadays the disk drive capacity for the typical PC has grown to the point that even my strato-geek 10 tape library is struggling to keep up. Spouse Ann’s new PC has a 500Gb drive. I just upgraded the disk in my laptop to 500Gb. That’s a terabyte (Tb) of data to store on tapes that might only get 40Gb per tape — I’d need something like 25 tapes just to take one full backup if both disks were reasonably full (fortunately they’re not). And that doesn’t include another 100Gb or so spread across two Unix servers and a Windows server that I run.

Fortunately there is a good solution available for the casual user.  Not only is the capacity of disk drives  increasing, but external disk drives have gotten quite cheap.  It’s not uncommon to find an external 1Tb disk drive that will run off your USB port for something in the range of $100.  Many of these disk drives come with backup software that is quite adequate for the casual user.

Even though I have all the fancy equipment to do backups, I still need something to use when I travel.  Recently I bought a 1Tb external drive to use for backups when I’m on the road.  I paid a bit more for it because it was a model that has a dock accessory available.  It’s about the size of a largish deck of cards.  When I’m home, I plug the drive into its dock.  When I’m on the road, I take it with me, and use a regular USB cable to connect it at night, so that backups (I use the included backup software) will be done while I sleep.  Half my brains are on my laptop, if it were destroyed or lost, I would have a really hard time supporting my clients.  Having a backup of my data means that in a worst case scenario I could go buy a new laptop and restore the important data within a day or so.

October 20, 2010

Secure your Wifi, Part I

Filed under: Belton Journal, Tips & Tricks, Warnings — pmckinley @ 1:00 AM

I have an investment property that was built in 1977.  I would have thought that even at that late date, it would have been wired for phone service, but it isn’t.  Someone came along after the home was built and snaked phone lines all over the outside of the house.  Most modern houses are pre-wired for phone service.  Around 1995 I had a house built, and rode the cutting edge — I fixed the house not just for network cable, but also made it easy to rewire the house for newer technology that might come along.  I had every major room in the house network-ready.  Some modern homebuilders build networking capability into their homes.

A hard-wired network is the best — it’s the most secure, and gets the best network speed internal to the network, although the speed of the connection to the internet is usually still defined by your cable or DSL internet connection. More commonly these days we tend to use wireless networks, called WiFi. It’s relatively easy to set up, and you don’t need a network jack next to your computer. You can take your laptop (or any WiFi-capable device) anywhere in the house and get to the network. This is very convenient, and way cheaper than having your house wired for network. A good WiFi router is about as cheap as the same network switch you’d need to hook up the wired connections.

As with everything else, the WiFi has a price in addition to the dollars and cents.  The newer wireless-N can handle speed nearly that of the 100Mbs links, but they’re still not quite as fast, although since the internet speed is still limited by the cable or DSL connection, that’s usually not a problem.   The real challenge is that not only can you get to your network from just about anywhere, so can your neighbors and the strangers driving down your street. I even have a utility on my cell phone that I can use to find WiFi connections that are “open” (unsecured), just driving down the street.

“I don’t care” you may say, thinking that your internet connection is blazing fast and you don’t mind if your neighbors “borrow” a bit of your bandwidth. The problem with that attitude is that your neighbor’s computers may be infected with a virus that uses the network to find other computers to infect. If you happen to have a budding computer genius living nearby, they would have full access to your network — they could potentially snoop all of your internet activity, read all your emails, etc. The more sinister possibility is that someone in a car somewhere within a quarter mile or so of your house could use your network connection to perpetrate internet crimes such as sending out spam — which would be traceable to your network. The first person convicted under the Can-Spam law happened to be someone who was doing his spamming via “borrowed” WiFi network (see http://articles.techrepublic.com.com/5100-22_11-5398787.html).

Next week, we’ll talk about how to fix this issue by securing your WiFi connection.

July 21, 2010

Gone Phishing

Filed under: Belton Journal, Danger! Danger!, Tips & Tricks, Warnings — pmckinley @ 12:00 AM

Phishing (pronounced “fishing”) is one of the more insidious cybercrimes going on today.  Phishing is the process of fraudulently acquiring sensitive information such as account passwords, credit card information and the like by masquerading as your bank or other trusted organization, usually by email but also by instant message, phone or other means. Phishing attempts are usually “socially engineered” to get you to do what they’re wanting.  They try to create fear in the victim, which leads them to take hasty action without closely examining the email.  Phishing goes hand-in-hand with spam, because most of the phishing attempts are done through email, and they have to get your address from somewhere.  The phishing attempts are often very well crafted, using graphics they’ve “borrowed” from legitimate websites or emails.  People who fall victim to phishing attempts are then subject to identity theft, having their bank accounts drained or fraudulent credit card charges, or even having their accounts like AOL or Facebook used to perpetrate other crimes.

Fortunately it’s fairly easy to spot phishing attempts, especially in emails. The first clue is that often something looks fishy (pardon the pun) about the email. Words may be misspelled or the grammar may be poor — the people who are crafting the messages are often natives of foreign countries like Poland, Romania, Russia or China. Sometimes the name in the To: field may not be your name, or the To: field may be blank. Another clue is that there’s something wrong with the link in the message — it doesn’t match the text or the domain name isn’t quite right. Outlook users can check this by hovering the mouse pointer over the link in the message. Outlook will pop up a window that shows the actual location for the link. If the actual location doesn’t match, it’s a good bet that email is a phishing attempt. For example, the email might show www.wizgidget.com/articles, but the actual link that the popup window will show is www.wizgidget.com.abxrt.com.pl/articles — see the difference in the domain? The “.pl” in the domain name means it’s from Poland although there’s nothing keeping them from using .com domains. Sometimes the link will show text like “click here”, but the actual link in the popup will be an “IP” address like “http://173.201.16.100”. Don’t be fooled by domain names that have the legitimate name embedded, like www.paypal.com.gotcha.pl!
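The three link checks described above (shown text versus real destination, a bare IP address, and a legitimate name embedded in another domain) can be run over an HTML email body automatically. The Python below is an added example, not part of the original article; the `TRUSTED` list, the function names and the sample body are assumptions constructed from the article's own example links.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("wizgidget.com", "paypal.com")  # assumption: sites you really use
# Constructed sample body built from the article's own example links.
SAMPLE = (
    '<a href="http://www.wizgidget.com.abxrt.com.pl/articles">'
    "www.wizgidget.com/articles</a>"
    '<a href="http://173.201.16.100">click here</a>'
)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(value):
    """Host named by a URL or URL-like text, or '' if there is none."""
    try:
        host = urlsplit(value if "://" in value else "http://" + value).hostname
    except ValueError:
        return ""
    host = (host or "").lower().rstrip(".")
    return host if re.fullmatch(r"(?:[a-z0-9-]+\.)+[a-z0-9-]+", host) else ""


def check_link(href, text):
    """Apply the article's three link checks; return a list of findings."""
    actual, shown, findings = host_of(href), host_of(text), []
    if re.fullmatch(r"\d{1,3}(?:\.\d{1,3}){3}", actual):
        findings.append("link goes to a bare IP address")
    if shown and actual and shown != actual:
        findings.append("shown host differs from real host")
    for good in TRUSTED:
        if f".{good}." in f".{actual}." and not f".{actual}".endswith(f".{good}"):
            findings.append(f"{good} embedded in another domain")
    return findings


def scan(html):
    """Return {href: findings} for every suspicious link in the body."""
    parser = LinkCollector()
    parser.feed(html)
    return {h: f for h, t in parser.links if (f := check_link(h, t))}
```

Link text such as “click here” names no host, so only the destination checks apply to it; a link whose text and destination agree on a trusted domain produces no findings.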

You may remember the discussion of using “throwaway” email addresses in both the “Can the Spam” and “Free Email” series.  This is another technique that is helpful in detecting phishing email.  If I get an email that looks like it’s coming from Paypal, but it’s to an address that I used for an online electronics vendor, I know it’s not legit.

You can find more information online about phishing. PayPal has a lot of good information; go to www.paypal.com and look for the “Security Center” link at the top of the page. Also see the Wikipedia.org page on phishing. As always, this article is available online at wizgidget.com.

February 8, 2010

Browser add-on security

Filed under: Danger! Danger!, News, Warnings — admin @ 4:27 PM

According to the Mozilla add-ons blog there were two Mozilla add-ons recently that contained trojans. The Sothink Web Video Downloader version 4.0 and all versions of Master Filer were affected.

The trojans are directed at Windows users.

The takeaway from this is that there is no substitute for having good antivirus-antispyware installed on all of your computers.  Having good, up-to-date antivirus software installed would probably have prevented either of the trojans from being installed.

The other thing is to be wary of anything you are going to install on your computer, including add-ons for browsers and such.

January 9, 2010

Typhoid Mary of the Internet

Filed under: Belton Journal, Netiquette, Tips & Tricks, Warnings — admin @ 6:56 PM

The problem is that about 1 in 20 people have a virus on their computer that collects email addresses.   When the virus finds a new email address in emails, it then targets that address with virus-infected email, trying to infect that person’s computer as well.   It also passes the address on to the virus’s author, who then sells the address to spammers.

When you send email with a bunch of addresses in the To: or Cc: fields, all those addresses are published to everyone who receives the email — including the virus.  1 in 20 means if you send the email to 20 people, you’re approaching 100% likelihood that all of those addresses will be compromised!

The same thing applies to addresses in the body of the message, or in any attachments.  They will be picked up by the virus too.

The solution is fairly simple:

  1. If you need to send an email to a bunch of people, especially people who don’t necessarily know or email one another, use the Bcc: instead of To: or Cc:. The B in Bcc means “Blind”, which means that the recipients don’t see the list of recipients.
  2. If you forward or reply to an email, be sure to strip out any email addresses in the body of the message you’ve included.
  3. Be sure you have good, up-to-date virus- and spyware-scanning software on ALL your PCs. You don’t want to be the unwitting stoolie for the cybercriminals!
  4. When you get an email from someone who’s included zillions of people in the To: or Cc:, gently remind them that it’s a Really Bad Idea. You may refer them to this article by including the link http://www.wizgidget.com/typhoid.
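Steps 1 and 2 above can be seen at the message level: Bcc works because the recipients travel only in the SMTP envelope, never in a header the other recipients can read. The Python below is an added example, not part of the original article; the function names, the `example.org` addresses and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import getaddresses

ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Constructed sample: a chain email with recipients exposed in To: and Cc:
# and one more address quoted in the body.
RAW = """\
From: alice@example.org
To: bob@example.org, carol@example.org
Cc: dave@example.net
Subject: Fwd: funny story

> On Monday erin@example.com wrote:
> you have to read this
"""


def exposed_addresses(raw):
    """Every address a recipient (or a virus on their PC) could harvest."""
    msg = message_from_string(raw)
    headers = [h for name in ("From", "To", "Cc") for h in msg.get_all(name, [])]
    found = {addr.lower() for _, addr in getaddresses(headers) if addr}
    return found | {a.lower() for a in ADDRESS.findall(msg.get_payload())}


def safe_forward(raw, sender, recipients):
    """Rebuild a message for forwarding per steps 1 and 2.

    Returns (message, envelope_recipients). The message is addressed to the
    sender only; everyone else is kept out of the headers (Bcc behaviour),
    and addresses quoted in the body are stripped.
    """
    original = message_from_string(raw)
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = sender
    msg["Subject"] = original.get("Subject", "")
    msg.set_content(ADDRESS.sub("[address removed]", original.get_payload()))
    return msg, list(recipients)
```

To send the result, pass the returned list as `to_addrs` to `smtplib.SMTP.send_message`, which delivers to those addresses without writing them into the message.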

If you think about it, this all makes good sense.  Let’s say I come across something  interesting or funny and email it to 5 of my friends.  Each of them in turn also thinks it’s worth passing on and they forward it to 100 of their friends.  500 people now have the first 6 addresses.  Then let’s say 100 of those people either like or dislike it and forward it to 100 of their friends.  Now 1500 people, mostly total strangers, have my address, along with my 5 hapless friends.  It’s about like having my email written on the walls of all the restrooms in Texas.  I don’t know about you, but I don’t want 1500 strangers to have my email address.  And the geometric progression goes on – 10% of the next round forwards it on, and 10% of the next round forwards it on.  Pretty soon everyone on the internet has my email address – including spammers, and cybercriminals.

So, don’t be the Typhoid Mary of the Internet. Use the Bcc:, and be careful what you forward to friends, stripping out all addresses so that they don’t get propagated. Educate your friends when they make the same mistake – it’s as easy as doing a reply-all, moving the addresses into the Bcc:, and giving them the link to this article.

Update: 2010 04 09:
It’s fairly common for people to send an email to an email list such as a Yahoo! group, and copy some of their friends on the To: or Cc:.  All of the above caveats apply many times over.  For example, we participate in the Midtex Inclusive Homeschoolers Yahoo group, which has 285 members as of this posting.  The 1 in 20 rule says that there are 14 members of that group who have an email-collecting virus on their computer.  So, for a Midtex member to copy one or more of their friends on a message to the list, their friend’s email would now be compromised 14 times over, not to mention being published to 285 strangers.  Not very friendly, eh?
