Reply
 
Thread Tools Search this Thread Display Modes
 
Old 06-01-2005, 11:20 AM   #1
Moderator
 
jcanavera's Avatar

 
2004 30' Classic Slideout
Fenton , Missouri
Join Date: Mar 2002
Posts: 9,002
Images: 143
Send a message via AIM to jcanavera Send a message via Skype™ to jcanavera
Wireless Threats

Many of you are using wireless laptops and sometimes use free wireless services found at many public locations. Well here is an interview that gives me the shivers. Sort of changes how you may want to use that PC when connected to a free service.

I picked this up from a service that I subscribe to called Spam Busters.
__________________________________________________ __________
Today our guest is Anne P. Mitchell, Esq. Anne is a Professor of Internet Law at Lincoln Law School of San Jose, and the President and CEO of the Institute for Spam and Internet Public Policy. You can find her sharing her wisdom and wit (and she's very funny) at the immensely popular Aunty Spam

site:

==}
http://www.isipp.com

==} http://www.aunty-spam.com

Audri: Welcome, Anne! I really appreciate your taking the time to talk with me today -- this is a really great topic that I think will benefit ScamBusters subscribers a lot.

Anne: Thank you, Audri! It's absolutely my pleasure!

Audri: Let me begin by asking: what do you believe is the newest, most dangerous thing people often do on the Internet that doesn't seem dangerous at all?

Anne: Believe it or not, Audri, it's using public wifi hotspots. Well, not so much the hotspots themselves, Audri, but the inadvertent use of evil twin hotspots.

Audri: A lot of our readers don't know what evil twins are.

Can you explain?

Anne: Sure. Simply put, an "evil twin hotspot" is a hotspot that mimics a legitimate public wifi hotspot, such as those to which you may have access at your local Starbucks or bookstore.

However, it is really an Internet gateway which has been set up by a hacker hoping to trick you into connecting to the Internet through them.

When you access the Internet through this "hotspot," the hacker is logging everything you do and type, including your passwords and other sensitive information.

Audri: What exactly are the dangers of evil twins?

Anne: Once having trapped your sensitive information, such as account numbers, user names, and passwords, and knowing at which websites you entered that information, the person behind the evil twin hotspot can gain full access to bank accounts, credit card accounts, email -- anywhere that you went on the Internet while connected through their evil twin.

Audri: I think our subscribers can definitely see the dangers here! Can you give us an example?

Anne: Yes. Just last week I was sitting in my local Starbucks, where they offer wifi hotspots from T-Mobile. In order to log into a T-Mobile hotspot, you must have an account with T-Mobile, for which you must pay.

Even though I don't use the T-Mobile hotspots, I always check (with my laptop) to see what wifi hotspots are available at any given location because, well, that's part of my beat.

Sure enough, users at that Starbucks who opened their laptops and searched for a local wifi Internet connection were presented with the option of "T-Mobile Hotspot," as they should be, but were also presented with a second option, called "Free Wifi from Team WiFi," which I am 99% certain was an evil twin (and indeed Starbucks confirmed that there was no special offer going on which would have otherwise explained that second hotspot).

Now, notice a few things about this second, uninvited hotspot.

First, it uses the term "free wifi." Who wouldn't want to use that, especially compared to the T-Mobile hotspot, where you have to pay?

Second, though, note the friendly and familiar sounding "Team WiFi." By using familiar terms for their evil twin, along with telling people it is free, they are making it very easy for an unsuspecting user to go ahead and click and connect to that evil twin. In fact, users may just think that it's a special offer from the T-Mobile Hotspot people.

Sure enough, Audri, this evil twin caught some people. As the gentleman who was sitting next to me got up to leave, after being on his computer for quite some time, I asked him whether he had logged in to the Internet while he was there.

When he said that he had, I asked him whether he was a T-Mobile user. "Oh no," he replied, "they have a free wifi hotspot set up here."

I advised him that it was almost certainly an evil twin, and that if he had done anything online while logged in through that "free" hotspot which might have compromised any sensitive information, he should take immediate measures to remedy the situation, such as changing any passwords he had sent while logged in.

At this point your readers may be wondering why I didn't alert the authorities. And this is why user education is so very important.

There really was nobody for me to effectively alert. I could have called the police, but they would not have had the resources to even figure out where this evil twin was located, let alone to figure out who and how it was being done. The best thing I could do at that point was to let people know not to use that hotspot.

Audri: That's a really important point, and in fact, one of the reasons we started ScamBusters. Often, understanding the principles behind scams is about the only real protection you have.

For example, it's not enough to know that Team WiFi

(specifically) may be an evil twin. This name probably already has changed by the time you read this. But by understanding this evil twin scam, subscribers can be careful and make sure they don't compromise their personal information.

Moving on: can you explain in a non-technical way how evil twins work?

Anne: Basically someone sits nearby with either a laptop hidden in a backpack or under a coat -- or they may even be sitting there with the laptop in front of them, pretending to work.

But that laptop is really set up as an Internet server which has been programmed to announce itself as a public Internet access point.

This is essentially how legitimate wifi hotspots are set up as well. The difference is that the evil twin has additional software on it that is designed to capture all of the data from the Internet traffic that goes through it.

If you send unencrypted text, the hacker will be able to simply read it.

But even if you send something that is encrypted, such as a password, it isn't very hard for the hacker to figure that password out.

Audri: How?

Anne: First of all, some hacking software can install a virus that actually records keystrokes. Second, there is plenty of software out there designed to crack many types of passwords.

In fact, Aunty Spam wrote just last month about a website where you can plug in an encrypted password, and it will decrypt it for you.

That sort of encrypted password is exactly what the evil twin will capture.

Audri: So what that means is that you're not completely safe if you use encrypted passwords.

How widespread is this problem?

Anne: Nobody really knows for sure, but I can tell you that I hear about instances every week. In one recent infamous case, someone walked into an IT conference in England and walked around with a live evil twin in their backpack, and caught several people. At a conference full of Internet security experts!

Audri: Wow!

Here's a related question we got this week: can you tell us what is "email sniffing"?

Anne: Email sniffing also involves interception of data, but it is typically a situation where one person is sending and receiving email on a network, and another person on that same network is intercepting the email data.

Audri: How can our subscribers keep their email safe from sniffing?

Anne: For the average user, the safest thing to do is to use a secure webmail service. For example, both Hotmail and Gmail services use a secure protocol.

For users who must access their work email while on the road, and because there are so many different enterprise email systems, the user should work with their IT department to ensure the most secure access.

Audri: How can you know if you're connected to an evil twin?

Anne: Well, of course, that's the lion's share of the problem.

You can't, really.

The best defense is a good offense, meaning take precautions to ensure that you don't connect to an evil twin in the first place.

Audri: "The best defense is a good offense" is one of my favorite sayings.

Is this a serious enough problem that some people should simply not use wifi? If so, who?

Anne: People who don't feel competent to identify the wifi spots they know and trust, or to distinguish other hotspots from those trusted few, should probably think twice before connecting.

If it's so important that you can't wait until you get home or back to the office to check from your regular connection, then it's probably too important to risk sending across an un-secure and potentially malicious wifi connection.

Audri: Let me ask you two questions on related topics: Is there anything you can do to protect yourself when you're not at home or are traveling? What about people who live in large cities -- how big an issue is this for them? What should they do?

Anne: By definition, this is an issue which is most likely to arise when you are not at your home or office (unless your workplace offers free public wifi!).

It's extremely unlikely that someone is going to create an evil twin of your home wifi.

People in big cities may be more likely to encounter evil twins than, say, people out in rural areas, but only because of numbers, not because rural hackers are any less sophisticated!

Audri: Are there any rules of thumb that could help our subscribers protect themselves?

Anne: As to how best to protect yourself, first and foremost, check your wifi settings on your laptop!

Is your computer set to search and automatically log on to the nearest wifi hotspot? If so, that's a recipe for disaster.

Change that setting!

Audri: I bet most people didn't know that, Anne.

Anne: Second, whenever possible avoid sending sensitive information from public wifi locations. The more important the information is, the less chance you should take with it.

If you really must conduct financial business from public wifi spots, such as if you are on the road a lot, either use a credit card with a special limited line of credit, or use a debit card in which you keep only as much money as you are willing to lose if someone compromises your data.

Finally, really scrutinize the sites through and to which you connect. If something doesn't look or "feel" right, it probably isn't.

And make sure that any page to which you connect and through which you have to transmit any sensitive data really is a secure page (look for the little key at the bottom of your browser or whatever your browser uses to indicate "secure").

Audri: This is great advice. Is that what you do every time you connect to a public hotspot?

Anne: <laugh>...no, I actually avoid all of these problems by connecting my laptop to the Internet through my cell phone.

Many cell providers now have unlimited Internet access rate plans, and with the higher speed cell data networks, while it's not as fast as a wifi hotspot, it's plenty fast, and they haven't been cracked yet.

Audri: Can you summarize what action steps should our subscribers take so they don't become vulnerable (or become less vulnerable)?

Anne: Yes. Be careful. Be cautious. Be wary. And be aware.

Audri: Thanks so much, Anne! I think we'll stop here and finish this interview in next week's issue. I really appreciate you sharing your advice on evil twins with our subscribers. Stay tuned...



__________________

__________________
Jack Canavera
STL Mo.
AIR #56
'04 Classic 30' S.O.,'03 GMC Savana 2500,'14 Honda CTX 700
jcanavera is offline   Reply With Quote
Old 06-01-2005, 11:42 AM   #2
Moderator
 
Stefrobrts's Avatar

 
1968 17' Caravel
Battle Ground , Washington
Join Date: Dec 2002
Posts: 11,906
Images: 50
Blog Entries: 1
As I understand, people can also 'eavesdrop' on your wi-fi transmissions while using a public hotspot. I would avoid doing anything that requires passwords or using VISA cards while on a public line. Save secure stuff for a landline.
__________________

__________________
Stephanie




Stefrobrts is offline   Reply With Quote
Old 06-01-2005, 11:56 AM   #3
Rivet Master
 
ALANSD's Avatar

 
1966 26' Overlander
Woodstock , Georgia
Join Date: Feb 2002
Posts: 8,462
good info. On a similiar note, I alsways check the locations of the phisihing web sites that come thru my email. Most are overseas, and so i ignore them, but on occasion I have caught one or two that were in the US. I notify their ISP that fraudulent activity is taking pace throught their service, forwarding them the email and ip address.
Recently I received over 5000 very nasty emails from one of the phishers who had been shut down by his ISP. He used an untraceable email address this time, and must have been mighty mad, as over two days the total to my email account was 9000 plus.
Actually made me feel good, like I had shaken him up some.
The web is such a great tool, but loaded with schemes to rip us all off...I would suggest everyone be on their guard, and use a good spyware program to clean out the crap on a regular basis.
__________________
1966 Overlander
AIR #005
Please visit our blogs and web pages:
OUR AIRSTREAM PASSION! BLOG
RESTORING AN AIRSTREAM
Our AIRSTREAM and TIN CAN TOURIST Rallys
ALANSD is offline   Reply With Quote
Old 06-01-2005, 12:03 PM   #4
Rivet Master
 
LOST , Hawaii
Join Date: Jun 2002
Posts: 2,193
Quote:
Originally Posted by ALANSD
Recently I received over 5000 very nasty emails from one of the phishers who had been shut down by his ISP. He used an untraceable email address this time, and must have been mighty mad, as over two days the total to my email account was 9000 plus.
Actually made me feel good, like I had shaken him up some.
Kind of make you wonder about an ISP that would forward your email address to the pinhead they were shutting down. Seems like they would just go in and shut off the account, no real explanation necessary.

John
__________________
74Argosy24MH is offline   Reply With Quote
Old 06-01-2005, 01:21 PM   #5
Aluminut
 
Silvertwinkie's Avatar
 
2004 25' Safari
. , Illinois
Join Date: Feb 2003
Posts: 10,334
Better standards for security are sorely needed for wireless Ethernet. Wired has had it for years, but wireless I think is sort of just now starting to tackle some of these issues.

One shameless plug is that you wouldn't have to worry about keystroke software being installed if you had a Mac...even less so if you had your firewall configured correctly.

But as the interview suggests, you go on someone else's network, anything is theirs for the taking if you transmitt through their equipment. Someone, somewhere can get it.

I agree and disagree with the idea that these can't be found. The police might not have the equipment, but there are tools that can narrow down the area the device is located. More over, if credit cards are being stolen, that starts to fall under a federal crime.... the FBI has a special group of folks that can get even more precise and make an arrest closing these evil twins down one at a time....but they are right, it's a fools paradise out there. You have to be careful.....
__________________
Computers manufactured by companies such as IBM, Compaq and millions of others are by far the most popular with about 70 million machines in use worldwide. Macintosh fans note that cockroaches are far more numerous than humans and that numbers alone do not denote a higher life form. -NY Times 11/91
Silvertwinkie is offline   Reply With Quote
Old 06-01-2005, 04:19 PM   #6
3 Rivet Member
 
somefun's Avatar
 
1974 27' Overlander
Puyallup , Washington
Join Date: Apr 2003
Posts: 124
Like my grandma used to say, "Never write down anything that you don't want anyone else to see." Even though this was in the pre-PC days, the same principle applies. I only feel semi safe on my encryped, firewalled home network. Even on employers' networks, all internet traffic goes through a proxy server, which can log all of your travels! As far as bank card numbers, etc., there's way more of a chance for that info to be stolen via dishonest merchants (or their employees) that you deal with face to face in everyday life, than online. (But you still need to be aware of such things as mentioned above!!)

Good info!
__________________
somefun is offline   Reply With Quote
Old 06-01-2005, 11:43 PM   #7
Aluminut
 
Silvertwinkie's Avatar
 
2004 25' Safari
. , Illinois
Join Date: Feb 2003
Posts: 10,334
There will be a special report on ABC news tomorrow night at 10pm (channel 7 local news here). Loved all the drama music in the background and scare methods they use to draw you into the story.
__________________
Computers manufactured by companies such as IBM, Compaq and millions of others are by far the most popular with about 70 million machines in use worldwide. Macintosh fans note that cockroaches are far more numerous than humans and that numbers alone do not denote a higher life form. -NY Times 11/91
Silvertwinkie is offline   Reply With Quote
Old 06-02-2005, 01:17 AM   #8
Dan&Barb 25'Safari FB/SE
 
CaliforniaStreamin's Avatar
 
2006 25' Safari FB SE
La Mesa , California
Join Date: Jul 2004
Posts: 159
Images: 33
Quote:
Originally Posted by Silvertwinkie
One shameless plug is that you wouldn't have to worry about keystroke software being installed if you had a Mac...even less so if you had your firewall configured correctly.
Does this mean a macs info can't be intercepted....I can breathe easier if the answer to this is "yes"!

We're going on our big trip soon and I pay my bills online so was going to use these "hotspots" along the way...maybe I'll rethink this and look into a more up to date cell phone?

Thanks for this post BTW, will pass this info on.

Barb
__________________
CaliforniaStreamin is offline   Reply With Quote
Old 06-02-2005, 07:33 AM   #9
Just an old timer...
 
85MH325's Avatar

 
Tipton , Iowa
Join Date: Mar 2003
Posts: 4,031
Images: 37
Jack, thanks for posting this. I hope you don't mind, but I copied your post in its entirety and reposted it on Fiberglassrv.com (properly crediting you, and AirstreamForums, of course) for the benefit of the members there. Great information.

Roger
__________________
AIR 2053 Current: 2006 Born Free 32 RQ Kodiak Chassis, & 1995 Coachmen B-van
Former Airstreams: 1953 Flying Cloud, 1957 Overlander, 1961 Bambi, 1970 Safari Special, 1978 Argosy Minuet, 1985 325 Moho, 1994 Limited 34' Two-door, 1994 B190 "B-Van"
85MH325 is offline   Reply With Quote
Old 06-02-2005, 08:00 AM   #10
Aluminut
 
Silvertwinkie's Avatar
 
2004 25' Safari
. , Illinois
Join Date: Feb 2003
Posts: 10,334
Quote:
Originally Posted by CaliforniaStreamin
Does this mean a macs info can't be intercepted....I can breathe easier if the answer to this is "yes"!

We're going on our big trip soon and I pay my bills online so was going to use these "hotspots" along the way...maybe I'll rethink this and look into a more up to date cell phone?

Thanks for this post BTW, will pass this info on.

Barb

I don't believe the Mac is exempt from someone doing packet sniffs, but they are exempt from 99% of the viruses, spyware and keystroke monitoring software thats our there. So the Reader's Digest version of all this is that you still should be extremely careful who's network you're using because no matter what platform you use on the Internet, we all talk on it using the same IEEE protocol.
__________________
Computers manufactured by companies such as IBM, Compaq and millions of others are by far the most popular with about 70 million machines in use worldwide. Macintosh fans note that cockroaches are far more numerous than humans and that numbers alone do not denote a higher life form. -NY Times 11/91
Silvertwinkie is offline   Reply With Quote
Old 06-02-2005, 08:33 AM   #11
Well Preserved

 
1993 21' Sovereign
Colfax , North Carolina
Join Date: Jun 2003
Posts: 20,193
Quote:
Originally Posted by Silvertwinkie
I don't believe the Mac is exempt from someone doing packet sniffs, but they are exempt from 99% of the viruses, spyware and keystroke monitoring software thats our there. So the Reader's Digest version of all this is that you still should be extremely careful who's network you're using because no matter what platform you use on the Internet, we all talk on it using the same IEEE protocol.
Hackers usually go for the biggest impact, most people use PC's, not MAC's. Sometimes, like this one, it is a good thing to be unpopular.
__________________

__________________
Meddle not in the affairs of dragons, for you are crunchy, and taste good with ketchup.
Terry
overlander63 is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Using Wi-Fi (AKA WLAN or wireless) in your AS silverback On The Road... 24 05-16-2011 09:28 AM
Wireless backup camera gklott Electronics & Connectivity 5 01-11-2005 01:23 AM
Wireless internet? krowsea Electrical - Systems, Generators, Batteries & Solar 9 08-20-2004 11:17 AM
Wireless Detector jcanavera Off Topic Forum 0 12-12-2003 10:23 AM
Wireless Web Reception niftypkg General Interior Topics 1 11-08-2002 09:03 PM


Virginia Campgrounds

Reviews provided by




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -6. The time now is 04:34 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.

Airstream is a registered trademark of Airstream Inc. All rights reserved. Airstream trademark used under license to Social Knowledge LLC.