If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Phys Org2)   WAKE UP, Sheeple   (phys.org) divider line 42
    More: Scary, Google, online mapping, Right- and left-hand traffic  
•       •       •

14201 clicks; posted to Geek » on 30 Jul 2012 at 1:12 PM (2 years ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



42 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread
 
2012-07-30 11:47:23 AM
"Tech people think sniffing is fine; people who understand privacy think it's terrible,"

Black people drive like this:
i.minus.com
 
2012-07-30 12:34:25 PM
In before XKCD
 
2012-07-30 12:35:01 PM
Somebody in my neighbourhood has a WIFI network with no security named "default". There are routinely cars and vans parked at the end of the street for hours on end with people sitting in them looking down at their laps. I'm just waiting for the OPP to come in some night and bust them all for CP.
 
2012-07-30 01:16:00 PM

Ghastly: I'm just waiting for the OPP to come in some night and bust them all for CP


You're not down with OPP?
 
2012-07-30 01:18:27 PM
Best wall time ever: seeing the creds go up of a 'security guru' from our corp. Mind you, a security guru who was always rubbing folks the wrong way with his awesome attitude. Secondary bonus? After it got posted back at corp, he went on a defensive tirade for days blaming Apple.
 
2012-07-30 01:29:28 PM

Ghastly: Somebody in my neighbourhood has a WIFI network with no security named "default". There are routinely cars and vans parked at the end of the street for hours on end with people sitting in them looking down at their laps. I'm just waiting for the OPP to come in some night and bust them all for CP.


Doesn't Hammer town have their own police force?

The home owner deserves what ever happens from his ignorance. It's not like wireless networks are new, everyone who owns one should know it needs to be secured.
 
2012-07-30 01:38:54 PM

Ghastly: I'm just waiting for the OPP to come in some night and bust them all for CP.


www.railpictures.net
 
2012-07-30 01:39:38 PM

Saborlas: In before XKCD


Fine, I'll do it:

imgs.xkcd.com
 
2012-07-30 02:01:20 PM
Their justification that unsecured wireless comms deserve to be compromised is like saying grandma is too unsophisticated to figure out that the nice man is conning her out of her life savings, so she has it coming. Being ignorant or unsophisticated isn't a reason to let people take advantage of others.
 
2012-07-30 02:06:24 PM
Ghastly

"Somebody in my neighbourhood has a WIFI network with no security named "default"."

Someone that clueless deserves at least a little help. Toss envelopes with wifi 101information on front porches or nail notices to phone poles. It's definitely the right thing to do.
 
2012-07-30 02:14:37 PM

Sudlow: Ghastly

"Somebody in my neighbourhood has a WIFI network with no security named "default"."

Someone that clueless deserves at least a little help. Toss envelopes with wifi 101information on front porches or nail notices to phone poles. It's definitely the right thing to do.


Screw that. Take over the router, set up WPA2 with some long ass password and wait for the cable / telco to show up for the service call. Rinse. Repeat.
 
2012-07-30 02:20:12 PM
My Mom did the smart thing with her wireless. She is well aware that she knows little about computers, so she got me to come over and set it up for her. Her neighbors have trouble with people using their wireless, but she doesn't.

It's actually somewhat beneficial to have unsecured wireless near your home, though... Which one will the leechers go for; the open, visible network, or the hidden one with a 16-digit hex access code?

Of course, she called me six months later to ask how to disable the security. Apparently her house-sitter couldn't figure out how to follow the simple instructions I left for accessing the network. Instead of disabling it for her, I just called the house-sitter and walked her through getting connected.
 
2012-07-30 02:21:13 PM

jjorsett: Their justification that unsecured wireless comms deserve to be compromised is like saying grandma is too unsophisticated to figure out that the nice man is conning her out of her life savings, so she has it coming. Being ignorant or unsophisticated isn't a reason to let people take advantage of others.


LOL, ah humans, how can one not laugh?
 
2012-07-30 02:28:45 PM
Wifi has a 26-character/digit password here.

/Nobody getting in. Ever.
 
2012-07-30 02:31:42 PM

Lego_Addict: Doesn't Hammer town have their own police force?


Hammer town?
For Hamilton, Ontario?

/Srsly? LOL
 
2012-07-30 02:48:18 PM
Bankston said a key point was that while overhearing conversations isn't crimes, capturing wireless communications is unless the communication "is readily available to the general public."

Markus considered wireless transmissions to be just that, since gear to "sniff" the airwaves is easily available.


That's nerd logic right there. "ALL you have to do is..."
 
2012-07-30 03:07:15 PM

HotIgneous Intruder: Lego_Addict: Doesn't Hammer town have their own police force?

Hammer town?
For Hamilton, Ontario?

/Srsly? LOL


I forgot who I heard it from but it's a fitting name for an industrial wasteland.

You'll need a thick pair of goggles for the ladies in that town.
 
2012-07-30 03:20:48 PM
The Wall, created by Aires Security

Aries, dumbass. You know, like the ram.
 
2012-07-30 03:26:28 PM
Inspired by a Fark thread a few months ago, my router is named "fbi-van-12." Sure, someone could decipher my password and link in, but why would they risk it?
 
2012-07-30 03:36:50 PM
A person came into chat yelling at me about how Cloud Computing is going to destroy our jobs. He was mad because his company is going to Office 365 and they wont need him to manage a server anymore. That is a Public Cloud, he came yelling at me about it, in Private Cloud, where the company still manages the server. Guess since he didn't know the difference he is ready to put himself out of work.
 
2012-07-30 03:59:53 PM

jjorsett: Their justification that unsecured wireless comms deserve to be compromised is like saying grandma is too unsophisticated to figure out that the nice man is conning her out of her life savings, so she has it coming. Being ignorant or unsophisticated isn't a reason to let people take advantage of others.


If grandma is standing naked in front of a glass window which faces the sidewalk, is it still indecent exposure or do we not blame her because she can't figure out the curtains?

If you're broadcasting things, the contents of those broadcasts should be your responsibility. If you're unfit to control those broadcasts, you should either be not broadcasting anything at all or be prepared to suffer any consequences. Whining about wifi sniffing is the equivalent of printing out your personal information on leaflets, throwing them at people on the street , and then complaining when they read them. THOSE LEAFLETS WEREN'T MEANT FOR THEM. I DIDN'T REALIZE OTHER PEOPLE COULD READ!

Rhames: A person came into chat yelling at me about how Cloud Computing is going to destroy our jobs. He was mad because his company is going to Office 365 and they wont need him to manage a server anymore. That is a Public Cloud, he came yelling at me about it, in Private Cloud, where the company still manages the server. Guess since he didn't know the difference he is ready to put himself out of work.


Probably for the best. Doesn't seem like a good fit for managing other people's information.
 
2012-07-30 04:46:56 PM

Grapple: Ghastly: I'm just waiting for the OPP to come in some night and bust them all for CP

You're not down with OPP?


Yeah, you know me.
 
2012-07-30 04:48:09 PM

Lego_Addict:
Doesn't Hammer town have their own police force?


If I'm not mistaken in Ontario CP is under the jurisdiction of the OPP.
 
2012-07-30 04:48:22 PM

ProfessorOhki: If grandma is standing naked in front of a glass window which faces the sidewalk, is it still indecent exposure or do we not blame her because she can't figure out the curtains?


There is a reasonable expectation that you expect all people to know how curtains and a window work. Is it reasonable for elderly people to understand how wifi works and how packet sniffers work? Now as populations age and people have been using wifi for decades by the time they are elderly it would probably become a resonable expectation.
 
2012-07-30 05:06:19 PM

Sudlow: Ghastly

"Somebody in my neighbourhood has a WIFI network with no security named "default"."

Someone that clueless deserves at least a little help. Toss envelopes with wifi 101information on front porches or nail notices to phone poles. It's definitely the right thing to do.


When I worked for a tiny newspaper in Providence, we used to have meetings downtown at a tiny office with balky wifi (later fixed). One night when it went out, and I wanted to get online, I surveyed nearby signals. All were secured, but on a hunch I plugged in the SSID for one of them as the password. Bingo.

We noticed that their router was set to the wrong timezone. We set it correctly on the way out. We were tempted to change their SSID to something like ChangeYourPW, but felt that might be douchy.
 
2012-07-30 05:16:34 PM

marsgwar: ProfessorOhki: If grandma is standing naked in front of a glass window which faces the sidewalk, is it still indecent exposure or do we not blame her because she can't figure out the curtains?

There is a reasonable expectation that you expect all people to know how curtains and a window work. Is it reasonable for elderly people to understand how wifi works and how packet sniffers work? Now as populations age and people have been using wifi for decades by the time they are elderly it would probably become a resonable expectation.


It is reasonable that you understand the risks of any device you use before you use it. IMHO, the wifi device manufacturers would do well to include a little blurb about wireless security and the reasons for its importance in their manuals. This is the same reason you see warnings like "check to make sure saw is not locked in on position before plugging in." It's a tool that has a danger associated with its use, especially if done carelessly. If the user shouldn't be responsible for the use of the device, who should be?

If you're blasting RF through my body, I should have the right to inspect its nature. That doesn't necessarily imply the right to break encrypted packets because you can make an argument for an expectation of privacy. Idly, how about the people in the car next to you picked up your iPod FM broadcast accessory on the radio and they can hearing your cheap romance audio book?

/Yeah, active v. passive listening, but still
//What if you put a copyrighted song lyric as your SSID?
 
2012-07-30 05:35:09 PM

HotIgneous Intruder: Wifi has a 26-character/digit password here.

/Nobody getting in. Ever.


What a coincidence, WEP's length is 26 characters and its the weakest of them all ;)
 
2012-07-30 05:53:41 PM
In after XKCD
 
2012-07-30 06:18:02 PM
"If you overhear a conversation in a public place, a Starbucks for example, you are not doing anything illegal," Aires chief Brian Markus said as private data of "sheeple" was projected on a wall behind him. "For wireless, if you are monitoring it passively and you don't have to break into anything that should be legal."

Uh, no, it's not like "overhearing." It's like using a very sensitive microphone to listen in on people while they talk inside their homes. Nothing about getting into a wireless network is passive.
 
2012-07-30 06:37:03 PM
I don't quite get the big deal about secure wireless.

I understand somone could connect and download CP, inviting a midnight raid resulting in my dog being shot. In the event someone hacks it, and participates in a DOS or downloads CP, I'll actually have a tougher time convincing them it wasn't me than if I had an open network.

I also understand that someone locally can packet sniff any unsecured transmission*. From what I understand this is just as easily done across the internet (without the need to be local). Hence the use of HTTPS for secure transmissions. *I think packet sniffing is the term for listening secured transmissions in order to determine the password, I don't know what the other term is.

So, if you are on an unsecured network (your own or any other public place), what is the danger? I'm either on a Https connection or don't care what people sniff.

/for what it's worth I don't have an open network, but one that is easily hacked because of some older devices that don't support more secure protection.
 
2012-07-30 07:13:25 PM

TheGogmagog: I also understand that someone locally can packet sniff any unsecured transmission*. From what I understand this is just as easily done across the internet (without the need to be local). Hence the use of HTTPS for secure transmissions. *I think packet sniffing is the term for listening secured transmissions in order to determine the password, I don't know what the other term is.


Sniffing wired connections requires physical access to the wiring or some other access to the systems managing the data flowing over them (e.g. access to the routers). This is not exactly trivial in most cases. Nonetheless, using SSL/TLS for secure connections is indeed a good idea.

Wireless connections can be sniffed remotely (usually within a hundred meters or so, though antennas for longer ranged sniffing are widely available) with no need for physical intrusion or any evidence of said sniffing.

So, if you are on an unsecured network (your own or any other public place), what is the danger? I'm either on a Https connection or don't care what people sniff.

Indeed. I configured an OpenVPN server on a trustworthy, wired connection. Whenever I'm on a wireless or cellular connection I connect to the VPN -- anyone listening in will only see encrypted VPN packets being exchanged with the server. This protects all traffic from my system, not just SSL/TLS-secured sites, and so is quite useful.

I don't expect users to have a full, in-depth understanding of the systems they're using any more than I expect drivers to have a mechanics-level understanding of their vehicles. Still, I expect that a driver knows how to safely operate their vehicle, reasonably handle unexpected situations like a dog in the road or a tire blowout, know how to change a tire, know when to have the vehicle serviced, know how to check the levels of basic fluids (oil, washer fluid, etc.), and be able identify when something is out of the ordinary ("The car wasn't making that particular sound yesterday...").

Similarly, I expect people in a modern technical environment to keep their home systems reasonably secure: setting up a good wireless password is a good start, but things like keeping software patched and up to date is important. Kudos to Microsoft, Adobe, Google, Mozilla, and other software vendors for providing automated, no-user-intervention-required automatic updating for major systems and software. Also, kudos to Cisco: their new home wireless routers make a really big deal about properly setting up wireless security during the initial setup.

/all new wireless devices should default to WPA2-AES. WPA and WEP should be hidden behind some sort of "legacy security methods, not for use with modern devices" warning and not shown by default.
 
2012-07-30 07:25:24 PM
I am not surprised. Google is evil, and is slowly trying to take over the world. But the problem is they're so farking good at it. I mean who wouldn't sign up for cable and 1 gb/s internet at $120/month given the chance.
 
2012-07-30 07:52:43 PM

heypete: Also, kudos to Cisco: their new home wireless routers make a really big deal about properly setting up wireless security during the initial setup.


Yeah, I'm not quite sure if "kudos" is the right word for that one: Link. Pushing firmware updates by default is probably for the greater good... but there's a bit of a temptation there from the business side of things.
 
2012-07-30 08:02:51 PM
"Tech people think sniffing is fine; people who understand privacy think it's terrible," University of Pennsylvania distributed labs director Matt Blaze said during the session, referring to capturing wireless data.

As someone raised when the internet was a thing in the literal sense, but not yet in the figurative sense of the entire world being connected to it, here is what my mother had to say about information security in the 1980s, a saying that she got from my Grandmother, who grew up in the 1920s/1930s:

"Never say anything that you'd be ashamed for anyone, anywhere to hear. Never write anything if there's a single person in the world you don't want to read it."

I mean, the intended moral was more about gossip and being a nice person than actual information security as such, but it probably applies to your data as well: if you're kinda worried about your data, don't transmit it casually. If you're really worried about your data, don't transmit it at all unless absolutely necessary.
 
2012-07-30 09:02:20 PM

snake_beater: Fine, I'll do it:


This one works, too, and is more appropriate:
imgs.xkcd.com
 
2012-07-31 02:34:29 AM

ProfessorOhki: heypete: Also, kudos to Cisco: their new home wireless routers make a really big deal about properly setting up wireless security during the initial setup.

Yeah, I'm not quite sure if "kudos" is the right word for that one: Link. Pushing firmware updates by default is probably for the greater good... but there's a bit of a temptation there from the business side of things.


True. That is a dick move. Automatic firmware updates can definitely be for The Greater Good (THE GREATER GOOD!), particularly when they do Bad Things to other systems. Indeed, I frequently see Mikrotik routers get abused to send spam -- they evidently had an open proxy configured by default.

Similarly, making it easy to set up wireless security and hard (but not impossible, sort of like adding new certificate to Firefox) to skip configuring it is a good thing. Screwing around with those updates to do stupid crap like what you linked...no so much.
 
2012-07-31 04:15:18 AM

Anagrammer: snake_beater: Fine, I'll do it:

This one works, too, and is more appropriate:
[imgs.xkcd.com image 376x401]


It's always sent a chill through my circuits how all the posters that seriously use the word "Sheeple" all sound the same, like a flock of future lamb chops.
 
2012-07-31 07:15:05 AM

BumpInTheNight: HotIgneous Intruder: Wifi has a 26-character/digit password here.

/Nobody getting in. Ever.

What a coincidence, WEP's length is 26 characters and its the weakest of them all ;)


Even if it is WPA, a lot of new routers have a very convenient feature called WPS that will hand over all of the connection details in 11,000 attempts or less.
 
2012-07-31 07:21:00 AM
Every time I read a security panic article I wonder whether I'm doing enough to secure my WiFi. So I ask around, people who know more about network security than I do. The router's already hidden and encrypted, I've got the firewall and the antivirus software, but I always wonder if there's something more. The gurus I know all say it's fine.

Of course, they might just be saying that to make it easier to break in. Why give themselves a whole bunch of hoops to jump through?
 
2012-07-31 10:37:06 AM

marsgwar: ProfessorOhki: If grandma is standing naked in front of a glass window which faces the sidewalk, is it still indecent exposure or do we not blame her because she can't figure out the curtains?

There is a reasonable expectation that you expect all people to know how curtains and a window work. Is it reasonable for elderly people to understand how wifi works and how packet sniffers work? Now as populations age and people have been using wifi for decades by the time they are elderly it would probably become a resonable expectation.



It's socially irresponsible to release (broadcast) anything into public without understanding how it works and how it will effect yourself and others.
 
2012-07-31 10:42:49 AM

TheGogmagog: I don't quite get the big deal about secure wireless.

I understand somone could connect and download CP, inviting a midnight raid resulting in my dog being shot. In the event someone hacks it, and participates in a DOS or downloads CP, I'll actually have a tougher time convincing them it wasn't me than if I had an open network.



I've often wondered about that defense. Lets say someone gets into your local network and maliciously downloads that information to get you in trouble. Might be kind of hard as a System/Network Admin to claim ignorance.

This is genius ... I need to think this out real quick. Thanks for the idea mate!
 
2012-08-02 11:41:04 AM
Punish the stupid.
 
Displayed 42 of 42 comments

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »






Report