Comments on: UK ISP Attacks “3-Strikes” with Proof Wi-Fi Piggybacking Easy

By: STUDY: Almost 65,000 Irish Suspected of Weekly Illegal P2P

STUDY: Almost 65,000 Irish Suspected of Weekly Illegal P2P — Wed, 17 Feb 2010 17:42:44 +0000

[...] address and not the actual person responsible. It’s already been shown that people can easily hijack a person’s Wi-Fi connection and that a inanimate objects like printers can also be [...]

By: Scary Devil Monastery

Scary Devil Monastery — Mon, 11 Jan 2010 11:35:27 +0000

Given that an ordinary security diagnostics suite like BackTrack 4 will make short work of the security-through-obscurity approach and the general difficulty in securing a network which broadcasts it’s access point openly, the only REAL approach to wireless security is to use a password of 20+ letters with high entropy or (better) an actual file key.

But to set up and maintain such a system isn’t going to be the norm for a few years yet and will leave the “average (L)user” even more bewildered.

If you want security worth the name, most wireless out-of-the-box solutions are useless against an adversary booting a dual-core laptop of moderate processing capability with BackTrack.

Or in the words of Bruce Schneier – “When people ask me ‘What can the average user do to improve his computer security’ I say ‘Nothing, you’re fucked’”…

By: 2009 – A ZeroPaid Year In Review – Part 3 of 3

2009 – A ZeroPaid Year In Review – Part 3 of 3 — Tue, 05 Jan 2010 09:50:55 +0000

[...] pirates. A British ISP also showed further evidence that the three strikes law was ill-conceived by showing just how easy it was to piggy-back WiFi. Ideologies also collided in the country when the major music business argued that The Pirate [...]

By: Boomer The Dog

Boomer The Dog — Wed, 21 Oct 2009 09:07:09 +0000

Thanks Bob, I can understand why that would be the case. I just saw a site, it might have been Steve Gibson’s site that said that hiding the SSID can cause more interference because other wi-fi routers could be set to your channel, and the owners wouldn’t know since they didn’t find yours there.

By: Oops, dimenticavo/ 19 ottobre 2009 - The New Blog Times

Oops, dimenticavo/ 19 ottobre 2009 - The New Blog Times — Sun, 18 Oct 2009 22:42:59 +0000

[...] Talk, il più grosso provider internet britannico, che se ne è andato in giro a fare Wardriving, rilevando oltre 1000 reti WiFi aperte e scaricandosi musica da Internet a sbafo. Fino a che punto è solo [...]

By: Bob Jonkman

Bob Jonkman — Sun, 18 Oct 2009 19:28:25 +0000

Hiding SSID or using MAC address filtering is security through obscurity. Both SSID and MACs are sent over the air in plaintext, even when hidden. Anyone with InSSIDer or Kismet can see them. It’s only effective when there’s an easier target in the same neighbourhood (ie. no encryption, visible SSID, no MAC filtering).

If your router is using WPA or WPA2 encryption, then hiding SSID or doing MAC address filtering offers no additional security.

–Bob.

By: mountain_rage

mountain_rage — Sun, 18 Oct 2009 17:59:03 +0000

The security level goes wep (useless since its easily cracked), WPA, WPA2, whatever ends up replacing WPA2

You should still have a pass phrase, even if you turn of SSID broadcasting. it encrypts your airwaves to prevent snooping. Otherwise all your communication between your router and computer can be fished out of the air, not very safe to do so, its not like giving someone your pass phrase to connect is time consuming or difficult.

Stopping SSID broadcasting only makes the network invisible to the uninformed user. It doesn’t send out information that this is a network and here are the details. To connect to the network you need to input the name and details manually. Blocking SSID braodcasting is just as much of a pain as a pass phrase but offers no data security.

Finally mac filters are simply an extra step in the security line. Most advanced users can just spoof their mac address to get access to your network, but its still an extra layer of security. It is however the most annoying security feature for when you want to allow someone access to your network. You have to manually add their mac address to the routers list for them to connect.

By: Boomer The Dog

Boomer The Dog — Sun, 18 Oct 2009 07:30:58 +0000

I think that SES uses WPA also, I’m sure from what I read it’s higher than WEP.

One of my friends sister got a plug in Linksys usb wi-fi antenna and when she got on it could see they had a Linksys router and said to set up a secure connection to click this button, and then push the button on the router. She thought it was the only way they could get on the net from the laptop, so they did it, but my friend couldn’t get on at all, locked out, and they spent an evening trying to get it back to the way it was.

Hiding the SSID, I have never tried that, but it sounds like a good idea and maybe that would be easier for guests to use than a pass phrase.

By: D.AN

D.AN — Sun, 18 Oct 2009 03:25:59 +0000

You are going in a circle, you know.

By: malcolm hume

malcolm hume — Sun, 18 Oct 2009 01:14:15 +0000

Yeah but WEP routers haven’t been manufactured since 2004 – though I guess most have it for backwards compatability. Either way it’s lack of responsibility and knowledge on the part of the user and if you follow the instructions in the manual there shouldn’t be a problem.