Why are there so many unprotected WIFI networks?

[PVR_Extremist]

You have to be careful on the insurance front. If an insurer can demonstrate that you haven't been diligent enough with your IT security they will not pay up in the event of someone else fraudulently using your banking details.

Go check the terms and conditions of your online bank and/or your insurer....

Back to Wifi.

If you have SOME security, be it WPA or WEP, it provides a deterent more than anything else. Since there are lots of unsecured wireless lans out there a casual hacker will always defer to the easy target unless he knows that choosing you has a much greater risk/reward ratio. In that knowledge resides our first layer of security, ANYTHING > NOTHING

Glad you've got WEP set up LB. Wasn't too hard was it ???

Perhaps you can try WPA at some stage too

 

[Bouncing Zabaglione Bros.]

That's why we have insurance. One can't be paranoid and looking over their shoulders 24/7, like he can't be held liable if something criminal happens to him without him knowing. Like car accidents, shit happens, but people have insurance so they don't need to worry about losing lots of money because of other people's fauls or crimes.

LOL! That really won't help you when it come to identity theft. Or when your ISP cancels your account because "you've" been hacking/spamming other customers from your IP. Or when the police knock on your door to ask why you've been trying to buy mail-order goods with stolen credit cards.

Security is inconvenient, it is something that you actively have to persue - but it's a lot less painful that the alternative. You lock your door everytime you leave your house don't you? You don't just say "well we locked the door when we went out last week, so it doesn't matter if I didn't bother when I left the house today and we get burgled, because we've got insurance"?

Ultimately, it's up to you. You could just plead ignorance as you did about Wi-Fi security at the beginning of this thread, as most people do. You could just do a little securing (as you now have done thanks to this thread) and keep your fingers crossed. You could actually do some research and try to actively protect yourself on an ongoing basis.

It's up to you to see a little work now as being a good deal against the alternative of having your bank/personal/identity details stolen. Shrugging your shoulders and saying "We have insurance, my neighbours arn't going to hack me or else they would have done it already, I don't keep my bank details on my PC, I've enabled WEP, etc" - that's just denial, because trying to protect yourself just seems like too much hard work to you.

 

[London Geezer]

Glad you've got WEP set up LB. Wasn't too hard was it ???

Perhaps you can try WPA at some stage too

See that's the thing, i mean if now someone wants to really get into my PC (not sure why, maybe to get into my immense collection of live performances by Mariah and other vocalists, cause i put all my *other stuff* on DVDs), he will crack WEP, and he will also crack WPA in case i put that one. Sure, it's harder, but in the end, a determined hacker will succeed if he really wants to.
So, i'll stay with WEP and MAC filtering.

I have bought something on my CC lately though, so u never know...

 

[Simon F]

That's why we have insurance.

But insurers often insist that you have certain types of locks installed on your doors and (pardon the pun) windows.

If you leave them wide open then they might not pay up.

 

[London Geezer]

That's why we have insurance.

But insurers often insist that you have certain types of locks installed on your doors and (pardon the pun) windows.

If you leave them wide open then they might not pay up.

MAC filtering should be a good enough lock, WEP or not WEP. Besides, if they ever told me they wouldn't pay, i'd hack (or get someone to do it for me) into someone's network and get enough money to pay for my loss

Eye for an eye.

 

[PVR_Extremist]

Some manufacturers are now making WPA security a one click operation to set-up on their kit.

My Zyxel Prestige 660HW with the latest firmware does just that.

You click a button, it sets up the router with a WPA key, gives you details of that key that you have to put into the clients adaptor within 5 minutes, then it changes the key and automatically updates the clients key with the new key (if you see what I mean)

Works well.

Sadly, WPA has a re-authentication feature which bombs my cheapo NIC off the network for a couple of seconds. Not good in the middle of a CS firefight. My laptop NIC though copes fine with it. I went back to WEP because of this.

So, should all manufacturers ship "secure" out of the box ??

 

[London Geezer]

So, should all manufacturers ship "secure" out of the box ??

I'm surprised they don't!!
I mean, they should leave the choice, really, but i think the default option should be "secured", cause most laymen won't know what to do.

 

[Frank]

So, should all manufacturers ship "secure" out of the box ??

I'm surprised they don't!!
I mean, they should leave the choice, really, but i think the default option should be "secured", cause most laymen won't know what to do.

Well, yes, but it has to work as well. And while it's now much better than a year ago, it's still trial and error getting encrypted WiFi to work most of the time.

If it was really transparent to do, no matter what hardware you're using, it would be secure out of the box.

For example, while the Windows zero config thing works well most of the time, it still messes up your connections when there is more than one network in the neighborhood. And even if it works as expected, quite a lot of the older cards will only function if you disable the windows auto-config, and use the supplied driver and wireless utility instead.

So, we still have some way to go for secure WiFi out of the box.

 

[randycat99]

Is it just certain brand wireless routers that do MAC filtering? I looked into doing that on mine, but there doesn't seem to be anywhere to adjust something like that. There is an area to do IP scopes, but not MAC filtering. By "MAC filtering", are you referring to static MAC entries or something else entirely different? ...or is it just switch-type of devices (rather than a router device) that allows you to work with MAC tables and such?

 

[PVR_Extremist]

Yes with Mac filtering you usually get a number of fields into which you can enter mac addresses of client NIC's, and then choose to either ENABLE them or DISABLE them.

Most modern wireless routers and access points support it.

Maybe a firmware upgrade might make the feature available on yours. Check your manual for references to it too.

HTH

 

[ndoogoo]

Just imaging how many open Wifi networks there are going to be when mum and dad buy little Tom a next generation console and a little black Wifi box to play games online for Christmas.

Dad gets a letter through the door. RIAA is taking you to court for illegally having over 5000 MP3s. Dad charges upstairs and shouts at Tom, what have you been doing?

Meanwhile Mr X next door hears the shouts while downloading MP3s... Teeheeheeheehee.

P.S Little Tom thinks his new console is crap because he keeps getting very high pings(1000+ms) and Halo 3 feels really sluggish

 

[see colon]

i know a guy who has an unprotected wireless network simply for the "it wasn't me i have an unprotected wireless network" excuse should the time come. of course, i think that defense might fall to pieces if they actualy take a look at how everything is configured. he's limiting the speed to B standards and capping the upload rate even further so it won't slow down his connection. it's a pretty funny idea, though.

 

[Randell]

That's why we have insurance. One can't be paranoid and looking over their shoulders 24/7, like he can't be held liable if something criminal happens to him without him knowing. Like car accidents, shit happens, but people have insurance so they don't need to worry about losing lots of money because of other people's fauls or crimes.

Tell me the insurance policy that pays your debts/refills your bank account after identity theft?

 

[London Geezer]

That's why we have insurance. One can't be paranoid and looking over their shoulders 24/7, like he can't be held liable if something criminal happens to him without him knowing. Like car accidents, shit happens, but people have insurance so they don't need to worry about losing lots of money because of other people's fauls or crimes.

Tell me the insurance policy that pays your debts/refills your bank account after identity theft?

I don't bank online.

 

[Randell]

I don't bank online.

not the point - you say no worries - that's why we have insurance as a general I couldn't care less to online id theft issues. I'm asking you to point to the policy that will reimburse those average joes who are lax in pc security and get money stolen.

 

[Bouncing Zabaglione Bros.]

I don't bank online.

Ever buy anything online using your credit card?

 

[randycat99]

Is that not encrypted on the protocol level, anyway? (https)

Now if you were referring to the habit of keeping credit card numbers stored on your computer, well that takes a certain level of computer naivety, no? To that, it should be noted- Don't store credit card numbers on your computer! The same strategy should apply to bank account numbers, as well.

 

[pcchen]

Is that not encrypted on the protocol level, anyway? (https)

Now if you were referring to the habit of keeping credit card numbers stored on your computer, well that takes a certain level of computer naivety, no? To that, it should be noted- Don't store credit card numbers on your computer! The same strategy should apply to bank account numbers, as well.

I store my credit card number in my brain
However, sometimes on-line stores like to keep their customer's credit card numbers (to make it "more convenient" to customers, and maybe thieves), although in most cases you can ask them to not to do it.

 

[randycat99]

Agreed, and it's my personal policy to always opt to "not store" on websites I do retail at. There's only one website I deal with that insists on keeping a CC on file. Luckily I don't have to do frequent business with them. I guess the big violation of that policy is the direct-pay accounts I have for my utilities. I guess that's the point where I have to throw my hands up and think they better damn well have their security like a friggen bank vault if they are going to be holding my "jewels" like that.

 

[London Geezer]

I don't bank online.

not the point - you say no worries - that's why we have insurance as a general I couldn't care less to online id theft issues. I'm asking you to point to the policy that will reimburse those average joes who are lax in pc security and get money stolen.

Hey i know, but we were talking about me! And well, i don't know about you, but i have insurance on my bank account to prevent this kind of thing... I pay for it, so why can't i be a little wrecky...