PDA

View Full Version : a wifi hypothetical .. ??



bigdazzler
19-06-2009, 5:46pm
lets say ,, hypothetically of course ,, one was to use his airport wifi utility on his macbook to search for unsecure networks to establish an internet connection ,, hypothetically ,, would there be any risk to ones macbook by connecting to said unsecure internet connection ?? ,, if yes, what are the risks and whats the worst that could happen to ones machine ?? Would the owner of the network be able to see this hypothetical macbook connected to their internet connection ?? What are the risks in doing such a thing ?? Can anything bad happen to ones hypothetical macbook by doing this ?? ,, hypothetically of course :D

Charmed
19-06-2009, 5:52pm
lol hypothetically , if the "hypothetically" network owner was silly enough NOT to lock it, I doubt he / she would even know where to look, to see if someone was "hypothetically" piggy backing on "hypothetically' network.

milspec
19-06-2009, 5:52pm
That would depend on how you have set up your security ie: do you have a firewall set up, do you have any public shares etc etc.

If your not too familiar with security settings on your laptop then it would probably be a good idea not to hook into unsecured networks. You can be guaranteed that there is a bored computer geek out there somewhere ready to pounce on unsuspecting laptop users.

Charmed
19-06-2009, 6:24pm
That would depend on how you have set up your security ie: do you have a firewall set up, do you have any public shares etc etc.

If your not too familiar with security settings on your laptop then it would probably be a good idea not to hook into unsecured networks. You can be guaranteed that there is a bored computer geek out there somewhere ready to pounce on unsuspecting laptop users.

Yes milspec makes a very valid point. Don't even think about it unless you're all firewalled up etc.

You would be surprised on how many ppl don't secure themselves, & how easy it is to. Even easier if done from your ph. No one none the wiser. I've been one of those computer geeks, just to prove the point.

Got carried away with all the hypothetically

ricktas
19-06-2009, 6:34pm
There are two very good and different trains of thought here.

1. Secure your network and it will (mostly) stop others from using it. Your cost savings by not supplying network (usually internet) access for free loaders is worth securing your network for. Stealing bandwidth is an offence.

2. Now this will cause an interesting discussion on AP. Don't secure your network! Let your friends, neighbours etc use it. Let them use your internet. Go ahead, be a friend to one and all. Provide something for free.

Now why would you do number 2? Hmmm, you are all probably thinking I am an idiot right now for even suggesting it. OK, well, how many of you have downloaded the occasional song/movie etc illegally. Now suppose you get a knock on the door from the powers that be advising you to visit a court house near you because you have been caught for stealing songs etc. You get to court, and the legal team for the record label comes forth and says you had a secure wireless network. You get asked if you have given your password to anyone..answer No..hmmm

But, say your network was not secure. Guess what..your legal team has a great case to argue that because you didnt have a secure network, those supposed stolen songs, could have been downloaded by anyone. Neighbour, the kids who sit at the bus stop outside your front door. The telstra worker who has been working on the cable in your street for the last two months...anyone really.

Lots to consider there!

Kym
19-06-2009, 7:29pm
I share my wi-fi with friends who visit.
I give them the pass phrase - which gets changed regularly.
I never run unsecured wi-fi.

Please read the AP Guide to safer computing...
http://www.ausphotography.net.au/forum/showthread.php?p=197369#post197369

The airport (Qantas club) has free wi-fi anyway.

Some of our neighbours had unsecured wi-fi - I left a note in their letter box that I could 'steal' their bandwidth (and in one case could delete their files). They fixed it.

There are people who 'war-drive' - they travel with wi-fi enabled vehicles (usually a notebook with a hi-gain antenna) and steal bandwidth (usually for (c) infringed downloads).
http://en.wikipedia.org/wiki/Wardriving
SO KEEP YOUR NETWORK SECURED!!!

I use NetStumbler for scanning the local area to see who else is out there.

MarkW
19-06-2009, 7:29pm
Darren
As a Mac user you can forget the firewall provided nothing (no folders etc) is set to share. The OP can't send you any files if all your setting don'tt permit sharing and like all Macs you can't be harmed by any malicious software unless you permit installation by using your password.

Can the OP see you on their system - most probably but they just as probably won't. Too dumb to password protect the wifi then they're definitely dumb enough not to see you or even recognise what an additional user would look like on their system. In OSX your machine would show up in finder where as in Windoze its in My Computer in network but in Windoze it will in all likelyhood be hidden as a sub-folder. Your machine will show as a directory but nothing else.

I have seen this situation a couple of times including when I at my partners relo's. They live in a large complex of units and some knuckle head there has an unsecured system. Then there are the stacks of commercial hot spots which are free to their customers like Wests Leagues at Newcastle (Where I stay if working up there). There's no security in the system but the signal is so weak that you can only log on in the Hotel foyer.

bigdazzler
19-06-2009, 7:29pm
well im at home right now on my own broadband service so no theft going on for now .. however, my airport has picked up 8 separate wifi networks .. and only one of those is secured .. so it seems lots of popele dont mind giving away their bandwidth :confused013

reason im asking is that when im at work and have my macbook with me, my airport detects a heap of unsecured wireless networks (i work in the Sydney CBD) and on the odd occasion i might need to the internet for something (i dont have access at work because in my work i dont need it) and was wondering if i was to utilise one of these unsecure networks, would my machine be vulnerable in any way ??

kiwi
19-06-2009, 7:43pm
my neigbours use our wifi connection as for some bizarre reason there is a problem with the pipe so that only 50% of us in our 10 house cul-de-sac can get access to ADSL

ricktas
19-06-2009, 7:44pm
well im at home right now on my own broadband service so no theft going on for now .. however, my airport has picked up 8 separate wifi networks .. and only one of those is secured .. so it seems lots of popele dont mind giving away their bandwidth :confused013

reason im asking is that when im at work and have my macbook with me, my airport detects a heap of unsecured wireless networks (i work in the Sydney CBD) and on the odd occasion i might need to the internet for something (i dont have access at work because in my work i dont need it) and was wondering if i was to utilise one of these unsecure networks, would my machine be vulnerable in any way ??

not unless you had some folders set for sharing.

Harves
19-06-2009, 7:45pm
According to a motel owner where I last stayed, they have been advised not to offer 24/7 broadband to their guests because scammers will park outside motels where they can get a signal, leave their notebook locked in the vehicle overnight, downloading at the expense of the motel owner. He gave me a couple of hours worth of internet access time which was password protected.

However, I did log on the next morning on someone's signal.

kiwi
19-06-2009, 7:49pm
I dont think that scammers/drive-by surfers are an issue. Sure it happens, but a bit of an urban myth too.

bigdazzler
19-06-2009, 7:50pm
I can honestly say ive never done it in my life. I have USB mobile broadband so i usually just take that to work with me but since Bella got retrenched ive been leaving our internet at home for her to look for work. Lately ive found myself needing internet on the odd occasion at work and not having access .. i wouldnt set out to steal large amounts of bandwidth from anyone, i was just wondering what the deal was if i was to log onto a couple of web pages every now and then .. no intentions of downloading the entire season of the Sopranos on someones elses connection :D

kiwi
19-06-2009, 7:54pm
I dont see any issue. If ppl thought it was an issue to them they should secure their wifi.

I see the day, hopefully within five years, that the whole of Australia is free wifi enabled, certainly the cities anyhow.

Kym
19-06-2009, 7:56pm
I dont think that scammers/drive-by surfers are an issue. Sure it happens, but a bit of an urban myth too.

More than you think. Some of my 22yo son's mates - the geeky ones - well say no more.

kiwi
19-06-2009, 7:57pm
well, maybe, but maybe you hang out with the wrong people :) (geeks)

Charmed
19-06-2009, 8:26pm
my neigbours use our wifi connection as for some bizarre reason there is a problem with the pipe so that only 50% of us in our 10 house cul-de-sac can get access to ADSL

That's Telstra for you. It took me a good year to get adsl for home while friends at the end of the st, which is about 1k & considered out of town, had it. Not with them for home ph etc but every time I asked for a report they would fail their own line test. Have wireless network setup, secured, when family, friends come around, log them in. Only need to do it once & their good for the next time.

Macca's in town has free WiFi. A couple of business in the main st have unsecured networks ;)


More than you think. Some of my 22yo son's mates - the geeky ones - well say no more.

Oh yes I can relate to that

SpaceJunk
20-06-2009, 5:40am
and of course there is always this :- honeypot (http://en.wikipedia.org/wiki/Honeypot_(computing)) :banana:

Kym
20-06-2009, 9:17am
As a Mac user you can forget the firewall provided nothing (no folders etc) is set to share. The OP can't send you any files if all your setting don't permit sharing and like all Macs you can't be harmed by any malicious software unless you permit installation by using your password.

Ditto Linux.

BUT Security is a defence in depth game (belt and braces) so have the firewall AND secured wireless network is best practice.

The fact is that as soon as a computer is connected to the net there is an attack vector - so the more you can do in terms of protective measure the better.

MarkW
20-06-2009, 11:24am
Ditto Linux.

BUT Security is a defence in depth game (belt and braces) so have the firewall AND secured wireless network is best practice.

The fact is that as soon as a computer is connected to the net there is an attack vector - so the more you can do in terms of protective measure the better.

Kym are you a PC or Mac user (or both) - Them words sound pretty much like a dedicated PC user :)

Leopard OSX actually comes with its own firewall but nobody uses it. I'm a member of Mactalk, an Australian Mac users forum and this issue of security comes up again and again and again (I wish people would do a search first). Nobody uses firewalls or virus scans or anti-maliscious (sp?) software. The only way for you to get "infected" is for you to download the file and in windoze speak "execute it". To execute a file will involve you entering your permission password and no other way, its just not automatically vunerable like a PC. I look long and hard for any file asking for permission and always have a system backup when adding new apps.

On the other side of this fence is the legality of using somebody elses bandwidth, whether its a commercial entity or a private user. If caught, it is akin to theft and a number of cases in the US has set presidence. In this country I'm not sure but my aging memory seems to recall something about using a "Starbucks" or similar but can't confirm this.

Kym
20-06-2009, 11:45am
Kym are you a PC or Mac user (or both) - Them words sound pretty much like a dedicated PC user :)

Leopard OSX actually comes with its own firewall but nobody uses it. I'm a member of Mactalk, an Australian Mac users forum and this issue of security comes up again and again and again (I wish people would do a search first). Nobody uses firewalls or virus scans or anti-maliscious (sp?) software. The only way for you to get "infected" is for you to download the file and in windoze speak "execute it". To execute a file will involve you entering your permission password and no other way, its just not automatically vunerable like a PC. I look long and hard for any file asking for permission and always have a system backup when adding new apps.

On the other side of this fence is the legality of using somebody elses bandwidth, whether its a commercial entity or a private user. If caught, it is akin to theft and a number of cases in the US has set presidence. In this country I'm not sure but my aging memory seems to recall something about using a "Starbucks" or similar but can't confirm this.

Use Mac's in the past - use PC's for work - use Linux for a bunch of server work.

Most personal computer (any flavour) attacks happen from executing something bad.

But - there are other attacks. Eg. buffer overruns attacking web servers.
IIS and MS SQL Server had a run of these a few years ago.
Apache has had a few over the years as well.
Various softwares have had these vulnerabilities as well. phpBB as a good example.

So just because a particular platform is difficult to attack (Mac or Linux) does not mean it cant or wont be attacked.

Having written the web server security architecture for a Govt department a few years ago (previous job) - I do have clue in this space. :rolleyes: (and that was for mainly *nix systems)

With security it is not that you are paranoid - but are you paranoid enough?
Defence in depth is a very important concept.

One day (when not if) there will be a hole in Mac or Linux security and some bugga will let loose an attack and many will lose data etc.
Only those with a multi layer defence and good backups will be ok.

The good thing is MS platforms are used widely and are relatively easy to attack so the malicious people (being generally lazy and after a quick $) will focus on the MS platforms and leave the better platforms alone.

bigdazzler
20-06-2009, 12:04pm
The good thing is MS platforms are used widely and are relatively easy to attack so the malicious people (being generally lazy and after a quick $) will focus on the MS platforms and leave the better platforms alone.

i know very little when it comes to the tech stuff .. but that seems a good enough reason for me to not use windows at all

Kym
20-06-2009, 12:11pm
i know very little when it comes to the tech stuff .. but that seems a good enough reason for me to not use windows at all

Well yes.
But Windoze is the lowest common denominator and we have to live with it.
Not all the software I need is on the other platforms (and vice versa - some stuff I want for Windows is Linux only).

But if lets say Apple suddenly halves their prices and open the HW platform and everybody jumps from Windoze to MacOS...
then the malicious people would go after the biggest platform simple because of the percentage game they play.
Why do you think you keep getting 419 emails (Nigerian scams)? Coz they only need a few suckers out of millions of people.

JM Tran
20-06-2009, 1:36pm
i spoke to a security analyst in IT for the SA state government a while ago

he actually said that the more defences you put up, the more attention u will attract from hackers, they will be very curious at the layered defences u have - and wonder whats behind that. Curiosity killed the cat.

concluding that sometimes, going naked is a safer choice. I agree with what he says in many ways.

Kym
20-06-2009, 1:54pm
i spoke to a security analyst in IT for the SA state government a while ago
he actually said that the more defences you put up, the more attention u will attract from hackers, they will be very curious at the layered defences u have - and wonder whats behind that. Curiosity killed the cat.
concluding that sometimes, going naked is a safer choice. I agree with what he says in many ways.

Defence in depth for serious apps looks like... (assuming Java EE)
- outer firewall (router)
- DMZ reverse proxy server with intrusion detection, NAT
- inner firewall (router private IP addresses)
- web server / container
- EJB container (proxy DB user to access stored procs)
- database firewall (router - only EJB server can access)
- database stored procs
- database tables/views <<< this is what is being protected

So from the outside you just see a web server (aka reverse proxy). It also limits internal access to the transactional database. Given that more attacks occur from internal networks. ;)

The above model is used by banks etc. Fairly standard in the corporate space.

Naked is not genuine option.

bigdazzler
20-06-2009, 2:10pm
Defence in depth for serious apps looks like... (assuming Java EE)
- outer firewall (router)
- DMZ reverse proxy server with intrusion detection, NAT
- inner firewall (router private IP addresses)
- web server / container
- EJB container (proxy DB user to access stored procs)
- database firewall (router - only EJB server can access)
- database stored procs
- database tables/views <<< this is what is being protected

So from the outside you just see a web server (aka reverse proxy). It also limits internal access to the transactional database. Given that more attacks occur from internal networks. ;)

The above model is used by banks etc. Fairly standard in the corporate space.

Naked is not genuine option.

you gotta get out more mate .. :eek: :D

Kym
20-06-2009, 2:20pm
you gotta get out more mate .. :eek: :D

Have to do something to pay for the camera gear :D

ving
20-06-2009, 6:52pm
not an awful lot could happen to the thief, but one has to look at the moral implications... it is theft... much like stealing petrol out of someones car.

mt wireles network at home is secure... cause there are plenty of scum out there that like to steal stuff.

MarkW
20-06-2009, 7:05pm
not an awful lot could happen to the thief, but


Unless you reside in the US where the thief actually did time - do the crime do the time

milspec
20-06-2009, 7:38pm
So, to sum it all up .... turn your wireless off when your at the airport :p

MarkW
20-06-2009, 7:44pm
So, to sum it all up .... turn your wireless off when your at the airport :p


Huh ????

In the US it was proven that the thief was aware that the WiFi was only for the use of their customers due to previous attandance and since he had not purchased any goods from the supplier then he wasn't entitled to use the WiFi usage.

As for the airport, the only one I have been able to get is Qantas where its $5 per hour password secured as I don't have Qantas Club. Thats what you get for flying cattle class.

JM Tran
20-06-2009, 7:50pm
Defence in depth for serious apps looks like... (assuming Java EE)
- outer firewall (router)
- DMZ reverse proxy server with intrusion detection, NAT
- inner firewall (router private IP addresses)
- web server / container
- EJB container (proxy DB user to access stored procs)
- database firewall (router - only EJB server can access)
- database stored procs
- database tables/views <<< this is what is being protected

So from the outside you just see a web server (aka reverse proxy). It also limits internal access to the transactional database. Given that more attacks occur from internal networks. ;)

The above model is used by banks etc. Fairly standard in the corporate space.

Naked is not genuine option.

I have almost zero idea of anything u just mentioned up there LOL

bigdazzler
20-06-2009, 8:01pm
Just to clarify .. when i said airport , i meant "AirPort" - Apples wireless network connection utility , not "the airport" - as in where you might board an aeroplane .. :D