Reply
 
Thread Tools Display Modes
 
Old 11-19-2013, 02:35 PM   #1
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 7,581
Default Wifi security story on news

This story appeared on the local news last night. Bottom line seems to be that if you are on wifi, no matter what kind, or where, secured or not, you are vulnerable to losing you personal information depending on how the institution you are dealing with handles encryption. Kind of scary if this is more than a news scare story.

This would imply that the way we use our traveling internet connection would not be adequate for doing our banking and other financial or personal data stuff, as we use a wifi hotspot to the laptop. I just tested, and we can hardwire tether the Galaxy tab hotspot to the laptop for the 4G connection, so I think we will start doing that instead of using the wireless hotspot option. That will also save some battery life, I think.

http://kstp.com/news/stories/S3221829.shtml
__________________

booster is offline   Reply With Quote
Old 11-19-2013, 03:42 PM   #2
Platinum Member
 
Davydd's Avatar
 
Join Date: Aug 2007
Location: Minnesota
Posts: 4,499
Default Re: Wifi security story on news

Kind of disturbing. They didn't name the product used but showed it and gave plenty of hints that I am sure anyone could Google and figure it out. I feel safe at home on wifi being way off the road and beyond reasonable signal interception. Also on the road we use cellular with our iPad and iPhones.

They wouldn't name the financial institutions that failed but I am assuming they must have tested the ones in the Twin Cities. I'd like to find out. When I scroll over the lock on my bank, online broker and two credit cards I access online I get three different verifying companies used.

Google gmail passed. I'll have to check how they verify.
__________________

__________________
Davydd
2015 Advanced RV Ocean One Mercedes Benz Sprinter
Previous Class Bs:
2011 Great West Van Legend Sprinter
2005 Pleasure-way Plateau TS Sprinter
Davydd is offline   Reply With Quote
Old 11-19-2013, 06:13 PM   #3
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 7,581
Default Re: Wifi security story on news

Quote:
Originally Posted by Davydd
Kind of disturbing. They didn't name the product used but showed it and gave plenty of hints that I am sure anyone could Google and figure it out. I feel safe at home on wifi being way off the road and beyond reasonable signal interception. Also on the road we use cellular with our iPad and iPhones.

They wouldn't name the financial institutions that failed but I am assuming they must have tested the ones in the Twin Cities. I'd like to find out. When I scroll over the lock on my bank, online broker and two credit cards I access online I get three different verifying companies used.

Google gmail passed. I'll have to check how they verify.
We use cellular while on the road also, but usually use the tablet as a hotspot for the laptop, so it would be vulnerable to that kind of hack. If you tether directly with a usb tether to the laptop, you should be OK though cellular, or if you do the connection directly from the tablet or phone.
booster is offline   Reply With Quote
Old 11-19-2013, 07:56 PM   #4
Platinum Member
 
Davydd's Avatar
 
Join Date: Aug 2007
Location: Minnesota
Posts: 4,499
Default Re: Wifi security story on news

Even though I take my laptop with me on the road, I rarely use it other than to backup photos. The iPad is good enough for the limited stuff I need to do as I spend way less time on computers on the road. 4G and LTE cellular are generally faster than campground wifi anyway.
__________________
Davydd
2015 Advanced RV Ocean One Mercedes Benz Sprinter
Previous Class Bs:
2011 Great West Van Legend Sprinter
2005 Pleasure-way Plateau TS Sprinter
Davydd is offline   Reply With Quote
Old 11-19-2013, 08:12 PM   #5
Platinum Member
 
Join Date: Sep 2012
Posts: 973
Default Re: Wifi security story on news

I use Wi-fi fairly often (mainly to save bandwidth charges), but when I do, I use a VPN (virtual private network) that does encrypted tunneling. This is both for security (since all my traffic is then sent to the remote site encrypted) as well as privacy (I don't want some local hacker with access to the Wi-Fi router knowing everything about me.) If the hacker tries to redirect all my traffic through their servers, it still won't gain them anything.

For my stuff, I've found that LTE and 4G are good enough, and almost always better than any Wi-Fi other than my home connection. In fact, were it not for the fact that bandwidth used is so expensive, I'd just not bother with Wi-Fi whatsoever and stick with LTE.

When using a laptop, I tether through Bluetooth or a direct connection. This way, a wardriver doesn't see anything compromisable. Plus, in RV parks, there are so many people using Mi-Fi adapters, the whole spectrum can get crowded pretty quickly.
mlts22 is offline   Reply With Quote
Old 11-19-2013, 08:38 PM   #6
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 7,581
Default Re: Wifi security story on news

Quote:
Originally Posted by mlts22
I use Wi-fi fairly often (mainly to save bandwidth charges), but when I do, I use a VPN (virtual private network) that does encrypted tunneling. This is both for security (since all my traffic is then sent to the remote site encrypted) as well as privacy (I don't want some local hacker with access to the Wi-Fi router knowing everything about me.) If the hacker tries to redirect all my traffic through their servers, it still won't gain them anything.

For my stuff, I've found that LTE and 4G are good enough, and almost always better than any Wi-Fi other than my home connection. In fact, were it not for the fact that bandwidth used is so expensive, I'd just not bother with Wi-Fi whatsoever and stick with LTE.

When using a laptop, I tether through Bluetooth or a direct connection. This way, a wardriver doesn't see anything compromisable. Plus, in RV parks, there are so many people using Mi-Fi adapters, the whole spectrum can get crowded pretty quickly.
With the VPN, is the data sent over the wifi to be sent? The story claimed that the device they showed would intercept an encrypted wifi signal and strip the encryption off of it. The problems start when the destination you are dealing with accepts the unencrypted signal I assume the VPN site wouldn't accept the signal?
booster is offline   Reply With Quote
Old 11-19-2013, 08:40 PM   #7
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 7,581
Default Re: Wifi security story on news

Quote:
Originally Posted by Davydd
Even though I take my laptop with me on the road, I rarely use it other than to backup photos. The iPad is good enough for the limited stuff I need to do as I spend way less time on computers on the road. 4G and LTE cellular are generally faster than campground wifi anyway.
In the past, you have stated that you put a data plan on only one of the devices, to save the across the board data changes on all the devices, and then use it as a hotspot, for the other devices. If you are still doing that, you are using a wifi signal that could be compromised, according to the story.
booster is offline   Reply With Quote
Old 11-19-2013, 08:46 PM   #8
Platinum Member
 
Join Date: Sep 2012
Posts: 973
Default Re: Wifi security story on news

It depends on the device. If I'm using PDANet and have the device with LTE plugged directly in, no wireless signal between the devices is going on. BlueTooth is similar, because of its short range. However, if I flip on normal tethering, most devices have an extremely short default password and are easily cracked into.
mlts22 is offline   Reply With Quote
Old 11-19-2013, 09:16 PM   #9
Platinum Member
 
Davydd's Avatar
 
Join Date: Aug 2007
Location: Minnesota
Posts: 4,499
Default Re: Wifi security story on news

I don't do any hotspotting or tethering on the road but do have multiple devices with Verizon and ATT data to pretty much have coverage just about anywhere but the remotest spots. I have apps on the iPhone for my credit cards, bank and online brokerage to easily do anything. Other than that I might read message boards and also have easy to use apps for Twitter and Facebook where I can post a travel report message and photo a lot easier than to a message board. Then there are the many apps dedicated to finding campsites, coffee, Walmart and such, and the GPS map apps. For news I'd rather use the many dedicated news apps quickly rather than an Internet browser. Other than looking stuff up and reading email on cellular underway I spend very little time on the Internet.
__________________
Davydd
2015 Advanced RV Ocean One Mercedes Benz Sprinter
Previous Class Bs:
2011 Great West Van Legend Sprinter
2005 Pleasure-way Plateau TS Sprinter
Davydd is offline   Reply With Quote
Old 11-22-2013, 03:07 AM   #10
Platinum Member
 
Mike's Avatar
 
Join Date: Aug 2008
Location: Sarnialabad, The Newly Elected People's Republic of Canuckistan
Posts: 3,215
Default Re: Wifi security story on news

OK, I'll play the skeptic. We've had these discussions before on here and on Yahoo, and I think we agreed to disagree, since we couldn't come to a definitive yea or nay on how safe is public wifi usage on the road. Everyone has to stay within their own comfort level when using it, I guess?
There were an awful lot of unstated variables in their "testing" process that might affect the outcomes that were reported. For example, how tech savvy was the reporter? Was he using the HTTPS versions of signing into the various websites, or was he using the default HTTP version (most free email clients like Gmail, Hotmail, Ymail, require the user to choose/set one or the other manually)? There are lots of wifi capable packet sniffing software packages available with variable pricing and capabilities. Why did they appear to use a black box, when most laptops have enough range to capture wifi traffic without any extra hardware (I googled wifi packet sniffing black boxes and came up with nowt, but found plenty of software available - admittedly, my googling isn't always perfect, so there may be black boxes out there, but I couldn't find them). The guy doing the "testing" left one computer forensics company and started his own company a few years ago. What better way to get some free publicity than to suggest something sensational like this? The follow up newscast results will be interesting to see, if they actually do follow up on this, or just suggest that the companies in "non-compliance" resolved their problems to the satisfaction of the reporter and the forensics expert, and leave it at that. I believe they all stated their data security was fine, when challenged? Is the reporter just assuming the forensics guy was a guru and accepted his evaluation at face value? No second opinion to corroborate before going to air bothers me.
I always use HTTPS when logging into email or online banking when on public wifi. My browser always uses security certificate verification, and I try to use bookmarks to get to my preferred sensitive websites, to avoid misspelling website names (knowing that my typos on here are many and legendary).
At home, the router and our laptops are secured and data is encrypted using the best firmware and software options available on them.
Knock on wood, we have never had a problem.
__________________

__________________
It's not a sprint(er) (unless you make it one), it's (hopefully) a marathon.
RV - 2018 Navion 24V + 2016 Wrangler JKU
Mike is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


» Featured Campgrounds

Reviews provided by

Powered by vBadvanced CMPS v3.2.3

All times are GMT. The time now is 05:52 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2019, vBulletin Solutions, Inc.