Cruisers Forum
 


Join CruisersForum Today

Reply
 
Thread Tools Rate Thread Display Modes
Old 03-09-2013, 07:32   #16
Registered User
 
denverd0n's Avatar

Join Date: Jun 2008
Location: Tampa, FL
Posts: 3,953
Images: 6
Re: Can we dispel this WiFi myth?

No, we can't dispel it, because it is not a myth.

Just because the odds of having something stolen are relatively low, that doesn't make it a myth. Just because it has never happened to you, that doesn't make it a myth.

Securing your wifi connection is not the be-all and end-all of internet security. No one has ever said that it is. But it is, in fact, one more layer of security that makes it that much more difficult for someone who wants to steal your information.

Frankly, calling this a "myth" is a bit like saying that locking the front door to your house--as a means of deterring burglars--is a "myth." Locking your front door does not guarantee that you'll NEVER be burglarized. Everyone understands that. Leaving your door unlocked does not guarantee that you WILL be burglarized. Everyone understands that, too. But locking your door is still a reasonable layer of security to add to your home.

And just like not locking your front door is a bit foolish, so is not securing your wifi connection when you are able to.
__________________

__________________
denverd0n is offline   Reply With Quote
Old 03-09-2013, 07:41   #17
Registered User
 
svseachange's Avatar

Join Date: Aug 2012
Location: East Coast of Australia
Boat: Custom Steel 43 ft
Posts: 781
Re: Can we dispel this WiFi myth?

Quote:
Originally Posted by goboatingnow View Post
First what you call secure wifi are wifi that implement encryption, wep , wpa etc result In encrypted wireless traffic. Hence such traffic is actually more secure then cabled networks.
Huh? I am not sure where you go that from my post. I was simply using the word "secure" to differentiate between open WiFi networks and private WiFi networks protected by WPA etc. That's the word used by many cruisers.
If people want encryption they should use https (SSL). It really has nothing to do with WiFi.

Quote:
Originally Posted by goboatingnow View Post
It's not an access control system per say as there is no way to control individual users.
I did not say the private WiFi network users were controlling individual users. The owner of a private WiFi network is limiting the number of users, hence making more service (usually bandwidth) available to the authorized users.

Quote:
Originally Posted by goboatingnow View Post
The assignment of public IPs has nothing to do with wifi encryption. In almost all cases due to the scarcity of public ipV4 address space., you will be behind a NAT ( network address translation) and hence be handled out a private non routable IP address ( like 192.168.x.x )
Again, I was not talking about encryption. My point is public IP addresses are simply less secure than private non routable IP addresses. Even open ("non-secure") WiFi networks usually use NAT.
__________________

__________________
svseachange is offline   Reply With Quote
Old 03-09-2013, 07:49   #18
Registered User
 
svseachange's Avatar

Join Date: Aug 2012
Location: East Coast of Australia
Boat: Custom Steel 43 ft
Posts: 781
Re: Can we dispel this WiFi myth?

Quote:
Originally Posted by denverd0n View Post
No, we can't dispel it, because it is not a myth.
The problem is the risk is blown out of proportion. The risks of using most open WiFi networks are for all intensive purposes, insignificant. The alarmist posts about WiFi cause people to engage in much riskier behavior like using Internet cafe computers.

The easy solution is to always use https (SSL) and ensure your computer had a firewall and antivirus software. That is what we should be talking about.
__________________
svseachange is offline   Reply With Quote
Old 03-09-2013, 07:55   #19
Registered User
 
Teknav's Avatar

Join Date: Jul 2012
Location: Texas - USA
Boat: Twin Otter de Havilland Floatplane
Posts: 1,838
Re: Can we dispel this WiFi myth?

When purchasing on-line or going out to dinner, I use a credit card with a low credit line limit; intentionally requested a low limit of $500 USD. Before replenishing it, I check the transactions posted to it; 2-3 times/month. Never had any issues with someone stealing my numbers and trying to charge thousands of dollars. All my on-line transactions must go through a HTTPS website.

Mauritz
__________________
Retired - Don't Ask Me To Do A Damn Thing!
Teknav is offline   Reply With Quote
Old 03-09-2013, 08:23   #20
Registered User

Join Date: Mar 2013
Boat: 45' CC ketch
Posts: 332
Re: Can we dispel this WiFi myth?

Quote:
Originally Posted by captain58sailin View Post
Does using a VPN keep you anymore secure on a unsecured public Wi Fi network?
Absolutely yes. No matter how unsecure is a network, VPN is your very own, private, fully-encrypted channel of data transfer. They can intercept the data but that would not give them anything because they are all encrypted. If you are worrying about security, VPN is a way to go, and then you can connect using ANY network no matter how "unsecure" it is.

Oh and if you think that using SSL (i.e. connecting using https protocol) means you are safe, you should learn about "ssl hijacking"
__________________
Sea Frog is offline   Reply With Quote
Old 03-09-2013, 08:27   #21
Wayfaring Mariner
 
captain58sailin's Avatar

Cruisers Forum Supporter

Join Date: Mar 2009
Location: Homer, AK is my home port
Boat: Skookum 53'
Posts: 4,045
Images: 5
Re: Can we dispel this WiFi myth?

Okay, thanks for the info. I used to use a VPN, then they went out of business. So I guess I can start searching for another.
__________________
" Wisdom; is your reward for surviving your mistakes"
captain58sailin is offline   Reply With Quote
Old 03-09-2013, 08:34   #22
Senior Cruiser
 
rebel heart's Avatar

Cruisers Forum Supporter

Join Date: Oct 2005
Posts: 6,190
Images: 3
Re: Can we dispel this WiFi myth?

From my understanding:

- bs in computer science
- ~15 years in the field
- primarily a software guy, not a network guy

Who cares about wifi encryption from a data transfer security prospective? If you're on a network you're on a network. You can secure the wifi connection as much as you like but if I run the router (or an upstream router) I can plug a sniffer in anywhere and start scooping packets to do whatever I like.

Now if the data itself is encrypted, via SSL, VPN, SFTP, or whatever other properly secured encryption transport method than it really doesn't matter what packets you get. At least for now; I've heard people say that stuff from PRISM will eventually get cracked just because it's only a matter of time until computing power catches up with SSL encryption.

Wifi security, and again I'm not a network guy, is to keep:

- Only authorized people using your network.
- Reduce the amount of unauthorized people using your network who might do nefarious things like port scan everyone and look for exploits. But that's primarily the responsibility of all the client machines.

I've never used anti-virus or malware tools on any of my personal computers despite international travel and back in the day my desktops having public IP's. I keep things up to date, don't download stupid things, don't leave ports open, and all has been well for over a decade.

Regarding SSL man-in-the-middle attacks, your browser will spot the difference. If you're dumb enough to keep entering your banking account info when the green SSL bar flashes red, that's your own business. Most browsers will give you a warning and try to get you to exit the page as well, alerting you that your connection is no longer secure.
__________________
rebel heart is offline   Reply With Quote
Old 03-09-2013, 08:35   #23
Registered User
 
ShaktiGurl's Avatar

Join Date: May 2013
Location: West Palm Beach
Boat: Leopard 40
Posts: 365
Images: 1
Quote:
Originally Posted by captain58sailin View Post
Okay, thanks for the info. I used to use a VPN, then they went out of business. So I guess I can start searching for another.
I use Cisco VPN to login to my company network. No idea of cost since I don't pay it.
__________________
ShaktiGurl is offline   Reply With Quote
Old 03-09-2013, 08:36   #24
Senior Cruiser
 
rebel heart's Avatar

Cruisers Forum Supporter

Join Date: Oct 2005
Posts: 6,190
Images: 3
Re: Can we dispel this WiFi myth?

Quote:
Originally Posted by captain58sailin View Post
Okay, thanks for the info. I used to use a VPN, then they went out of business. So I guess I can start searching for another.
OpenVPN - Open Source VPN

I've used them with good results. A more common problem I've found internationally, especially in South America or Asia, is that a lot of web servers (particularly banks) block traffic from known geographic areas. With openvpn you can change your traffic origination to San Jose, CA from wherever you happen to be in the world.
__________________
rebel heart is offline   Reply With Quote
Old 03-09-2013, 08:48   #25
Registered User
 
denverd0n's Avatar

Join Date: Jun 2008
Location: Tampa, FL
Posts: 3,953
Images: 6
Re: Can we dispel this WiFi myth?

Quote:
Originally Posted by shanedennis View Post
The problem is the risk is blown out of proportion.
Yes, sometimes the risk is blown out of proportion. So you think that pretending there is no risk at all is the correct response? Great.
__________________
denverd0n is offline   Reply With Quote
Old 03-09-2013, 08:53   #26
Marine Service Provider
 
fstbttms's Avatar

Cruisers Forum Supporter

Join Date: Oct 2006
Location: Under a boat, in a marina, in the San Francisco Bay
Posts: 3,594
Re: Can we dispel this WiFi myth?

Quote:
Originally Posted by Fuss View Post
Does anyone have a first hand example of their bank details being stolen over an unsecured wifi connection and then funds being withdrawn from their account????
Yes. I used a debit card at my local brewpub last year. Apparently somebody was nearby, monitoring/stealing the wifi transactions the pub used to run the card. My card was debited for a duplicate sale, as were many others over a day or two. Fortunately, they discovered the problem quickly and shut down their wifi. My bank reimbursed me for the theft.
__________________
fstbttms is offline   Reply With Quote
Old 03-09-2013, 08:59   #27
Senior Cruiser
 
rebel heart's Avatar

Cruisers Forum Supporter

Join Date: Oct 2005
Posts: 6,190
Images: 3
Re: Can we dispel this WiFi myth?

Quote:
Originally Posted by fstbttms View Post
Yes. I used a debit card at my local brewpub last year. Apparently somebody was nearby, monitoring/stealing the wifi transactions the pub used to run the card. My card was debited for a duplicate sale, as were many others over a day or two. Fortunately, they discovered the problem quickly and shut down their wifi. My bank reimbursed me for the theft.
You had an SSL connection to your bank, someone intercepted the packets, broke a 128 bit encryption algorithm, and then with the million dollars of hardware they used they double charged you at the same pub?

or

You were man-in-the-middle attacked where your browser would have clearly shown that you were shifted from SSL to regular http unencrypted traffic.

Sounds a lot more likely that someone ran the point of sale gear incorrectly and then blamed it on mysterious hackers. "Hackers" are the equivalent of the CIA in that whenever something can't be explained, it must be the work of hackers.
__________________
rebel heart is offline   Reply With Quote
Old 03-09-2013, 09:02   #28
Registered User

Join Date: Jun 2013
Posts: 66
Re: Can we dispel this WiFi myth?

I never go with my laptop directly to the internet, only via router. He's my personal AP, he uses UMTS or any free Wi-Fi connection. See WISP-AP.

Advantage: All devices are always behind a smal firewall and not directly connected with the Internet.
__________________
tom1263 is offline   Reply With Quote
Old 03-09-2013, 09:03   #29
Marine Service Provider
 
fstbttms's Avatar

Cruisers Forum Supporter

Join Date: Oct 2006
Location: Under a boat, in a marina, in the San Francisco Bay
Posts: 3,594
Re: Can we dispel this WiFi myth?

Quote:
Originally Posted by rebel heart View Post
You had an SSL connection to your bank, someone intercepted the packets, broke a 128 bit encryption algorithm, and then with the million dollars of hardware they used they double charged you at the same pub?

or

You were man-in-the-middle attacked where your browser would have clearly shown that you were shifted from SSL to regular http unencrypted traffic.

Sounds a lot more likely that someone ran the point of sale gear incorrectly and then blamed it on mysterious hackers. "Hackers" are the equivalent of the CIA in that whenever something can't be explained, it must be the work of hackers.
Well, while I have no idea what you just said, the story I related is what was told to me by the restaurant and what was reported in the media. As I said, it was an ongoing issue for several days, affected many patrons and was enough of a story that the local TV news came out and reported it.
__________________
fstbttms is offline   Reply With Quote
Old 03-09-2013, 09:05   #30
Registered User

Join Date: May 2011
Location: Toronto
Boat: Sandpiper 565
Posts: 2,943
Re: Can we dispel this WiFi myth?

Quote:
Originally Posted by Teknav View Post
When purchasing on-line or going out to dinner, I use a credit card with a low credit line limit; intentionally requested a low limit of $500 USD. Before replenishing it, I check the transactions posted to it; 2-3 times/month. Never had any issues with someone stealing my numbers and trying to charge thousands of dollars. All my on-line transactions must go through a HTTPS website.
This.

Follow the above precautions and you will absolutely minimise your exposure to online (or offline) card fraud.

I believe that one potential threat from being able to intercept packets over wifi is that the interloper could theoretically spoof the user's ids (MAC address etc) and take over a session, but it's so complex to do in practice that no-one but the NSA would do it.
__________________

__________________
Lake-Effect is offline   Reply With Quote
Reply

Tags
paracelle

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -7. The time now is 19:29.


Google+
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Social Knowledge Networks
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.

ShowCase vBulletin Plugins by Drive Thru Online, Inc.