An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Topic Options
#4994 - 10/14/09 03:20 PM Wi-Fi query
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
I've never used a Wi-Fi connection and am curious as to how one would use the ubiquitously free Wi-Fi access, such as in airports, hotels, university campuses, etc.
In particular, how does one protect one's computer from being hacked/exploited when using such a network?
Simple question. Simple answer?
When I googled the issue, all I found were methods for hacking Wi-Fi passwords. Now, that's very unsettling.


Edited by cyn (10/15/09 01:33 AM)
Edit Reason: Moved from the Lounge to Networking.

Top
#4998 - 10/14/09 03:57 PM Re: Wi-Fi query [Re: grelber]
crarko Offline


Registered: 08/04/09
Loc: Minnesota USA
Disable all sharing services (file, iTunes, etc) and if you do transactions on websites with passwords you care about make sure they are secure (https://) sites. This also includes email; if it is not encrypted (via SSL) your password is liable to be transmitted in plaintext, which may be picked up by someone running a packet sniffer on the same network.
_________________________
---

The opposite of a fact is falsehood, but the opposite of one profound truth may very well be another profound truth. - Niels Bohr

Top
#4999 - 10/14/09 04:01 PM Re: Wi-Fi query [Re: grelber]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
When you connect to a public WiFi network, that does not allow people into your computer; to do that, you would need to turn on file sharing. As long as file sharing isn't on, you're not going to let anyone else in.

So the odds of someone "hacking in" to your computer are pretty much nonexistent as long as you're not running file sharing or some other sharing service.

However, that doesn't mean that public networks are completely safe. There are a number of other things you should be aware of.

The first is that people, especially in airports, will set up bogus wi-fi networks with names like "Free internet access".

There are two kinds of Wi-Fi network: regular networks, where your computer attaches to a wireless router, and peer-to-peer or "ad-hoc" networks, where your computer attaches to another computer that is attached to the Internet. When you use an ad-hoc network, yeverything you do passes through the other computer.

So the way the scam works is that the scammer will take his laptop into an airport and pay for access to the airport's wireless. He will then set up an ad-hoc network and name it something like "free internet access." Everyone who connects to him gets Internet access through his laptop, and he uses his laptop to record everything that passes through. Ever Web site password, every email, every mail password, everything goes through his computer and gets recorded.

Your Mac will clearly show you the difference between a regular and ad-hoc network. When you click on the airport symbol, you will see a list of regular wi-fi networks. Then, under a column heading labeled "Computer to Computer Networks," you will see a list of ad-hoc networks. Never choose an ad-hoc network in a public place; it's likely a scam.

The other thing to be aware of is that when you connect to a wireless network that has no password, all the things you send and receive are being transmitted by radio over the air. Anyone who is running a wireless packet sniffer program can see what you see.

This is not true for secure Web sites (Web sites you connect to using https:// rather than http://) but it is true of anything that is not secure, including email (if you connect to your email servers using non-secured connections), FTP, and ordinary non-secure Web sites. So if you are using a public network that does not have a password, you should be aware that it is at least theoretically possible for someone to eavesdrop on you.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

Top
#5021 - 10/15/09 03:46 AM Re: Wi-Fi query [Re: tacit]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
Merci, crarko and tacit.

So, the takeaway lesson for safe use of public Wi-Fi networks is:
(1) Disable filesharing, and
(2) Make sure to use 'regular' network access.

Ancillary query: Will the new device-to-device Wi-Fi standard bring with it a whole new set of 'insecurities'?

Top
#5034 - 10/15/09 11:19 AM Re: Wi-Fi query [Re: grelber]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
I can recall numerous examples of where someone set up such an ad-hock network at a computer conference, harvested email logins and passwords, and used them during one of the security seminars on one of the following days.

Sobering for some to look up at the projector screen up front and see their email address and the first and last characters of their password...
_________________________
I work for the Department of Redundancy Department

Top
#5178 - 10/21/09 04:23 AM Re: Wi-Fi query [Re: tacit]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: tacit
.... when you connect to a wireless network that has no password, all the things you send and receive are being transmitted by radio over the air. Anyone who is running a wireless packet sniffer program can see what you see.


Any chance of a bit of clarification on "radio" versus the signal we transmit and receive using our wireless Airport? Am I correct to assume that this also applies to folks who use those 'other' computers?

ryck
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Carbon Copy Clone on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
#5180 - 10/21/09 06:40 AM Re: Wi-Fi query [Re: ryck]
alternaut Offline

Moderator

Registered: 08/04/09
Yes, this also applies to the computer users on the other side of any 'conversation'. Anywhere such transmissions are unprotected they can be eavesdropped upon, and all participants are vulnerable to this including those who are 'hard wired' to the internet. The eavesdropper only needs to listen and record at the weakest link.

For the radio specs involved check out this Wikipedia link, but realize that to listen in on WiFi conversations you essentially already have all the necessary hardware and software with a WiFi enabled laptop, and only need an access password, if that...
_________________________
alternaut moderator

Top
#5183 - 10/21/09 10:39 AM Re: Wi-Fi query [Re: alternaut]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Thanks...so here's what I think it is.

I've done all the file Sharing, Firewall stuff and am transmitting at whatever frequency my computer uses. If I connect to an http:// site I have no "over the air" protection and a packet sniffer can receive the signal.

If I connect to an https:// site a password is required to read the "over the air" signal and the packet sniffer is out of luck.

ryck

Oh yes, and I also assume a packet sniffer isn't one of those airport dogs looking for contraband.
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Carbon Copy Clone on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
#5194 - 10/21/09 07:30 PM Re: Wi-Fi query [Re: ryck]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
Originally Posted By: ryck
Thanks...so here's what I think it is.

I've done all the file Sharing, Firewall stuff and am transmitting at whatever frequency my computer uses. If I connect to an http:// site I have no "over the air" protection and a packet sniffer can receive the signal.

If I connect to an https:// site a password is required to read the "over the air" signal and the packet sniffer is out of luck.

ryck

Oh yes, and I also assume a packet sniffer isn't one of those airport dogs looking for contraband.


Yep.

WiFi is radio. When you connect to a WiFi network, the radio receiver and transmitter in your computer exchange data with the radio receiver and transmitter in the base station.

When you use a WEP or WPA password to access a WiFi base station, the radio signal is sending encrypted information; other people can receive the radio signal but they can't decode it or make sense of it without the password.

When you connect to a Web site using https:// then your computer and that Web site are sending information to each other encrypted. If you connect to a wireless WIFi base station with no password, the information going between your computer and the Web site is still encrypted. When you connect to a WiFi base station using a WEP or WPA password, the information going between your computer and the Web site are encrypted twice (once by the radio link and once by the https:// protocol), so even a person who has the base station password still won't be able to decrypt and make sense of it.

A packet sniffer is nothing but a program that shows you all the network traffic going on around you. When you are communicating with a WiFi base station, you're sending data over the air, and anyone who has a packet sniffer program can see everything that your computer is sending and receiving. But if it's encrypted, by using a WiFi password or by using https:// or both, they can't read it.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

Top
#5209 - 10/22/09 11:08 AM Re: Wi-Fi query [Re: tacit]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Thanks very much. It's all appreciated.

I belong to a large association of broadcasting pensioners and travel is a big item for a lot of them. Many travel with their laptops (what better way to kill time between flights) and this will be very useful information. I'll be passing it along and, of course, advising the Mac owners that they should be signing up at MFF.

ryck
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Carbon Copy Clone on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
#5212 - 10/22/09 01:59 PM Re: Wi-Fi query [Re: ryck]
artie505 Online


Registered: 08/04/09
> [...] advising the Mac owners that they should be signing up at MFF. (Emphasis added)

I certainly hope you meant F(ine)T(uned)M(ac). wink
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#5216 - 10/22/09 03:09 PM Re: Wi-Fi query [Re: artie505]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: artie505
> [...] advising the Mac owners that they should be signing up at MFF. (Emphasis added)

I certainly hope you meant F(ine)T(uned)M(ac). wink


FTM absolutely. Chalk it up to either being in too much of a rush, or a synaptic short circuit.

ryck
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Carbon Copy Clone on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top

Moderator:  alternaut, dianne, MacManiac