7 Lies You tell Yourself about Your Wifi

…think again, even if most of your wireless network activities revolve around your personal and family life. There are seven lies about wireless protection; have you fallen prey to any of them?

1W#1 “I’m protected with my password.”

Even an amateur hacker can get past a password. Don’t think that WEP (wired equivalent privacy) can keep out hackers. It’s outdated. Its encryption abilities are flawed. Avoid WEP. Use WPA or WPA2. If you are on a free Wifi get Hotspot Shield VPN which protects your entire wireless session.

#2 “My ISP set up my wireless network, so it must be safe.”

Do you really think that big stupid cable company that’s can’t get a simple customer service call right really has your back? Many ISPs and equipment makers often use WEP as default protection—even big ISPs. Technicians who install your service usually do not automatically install a stronger encryption technology, and you end up getting hacked.

Nevertheless, ISPs and equipment manufacturers are slowly coming around to realizing this problem. More recent wireless gateways and also routers are using WPA for the default. If you have WEP, you may need to change it manually. Don’t assume you automatically have WPA. Find out if you have WEP or WPA. If your router is old, you may need to buy a new one to get WPA.

#3 “Breaking into my wireless is too expensive and difficult.”

Not anymore. A determined hacker can use a plain ‘ol laptop to crack long passwords. Tools are available for free or just a few bucks to do all the dirty work. All Mr Hacker needs to get going is to download free tools to carry out the deed.

#4 “Nobody wants to bother hassling around trying to break into my wireless; it’s not worth it.”

It may seem complicated to you, but not to an experienced hacker. Give him just 5-10 minutes and your wireless network could be in his hands. Even a beginner hacker could crack through your network in under an hour, courtesy of online tutorials. You need superb protection, not just good.

#5 “My credits no good, I’m small potatoes. Nobody is paying attention to me. I’m safe.”

A bored hacker who wants some fun doesn’t care if your data is highly sensitive government information or your kid’s soccer team standings. Just knowing he busted into your private life is enough to thrill him.

#6 “I have firewalls and my computer is patched.”

A “man-in-the-middle” attack can gain a hacker invasion of your communications. This type of attack is stealthy and slick, bypassing the victim’s human radar.

#7 “I’ll see a hacker in front of my house and stop him.”

No, you won’t. Your wireless boundaries don’t stop at your front door; they can extend to neighboring space, meaning that your signal “bleeds” out—horizontally and even vertically. Savvy users know they can stretch the bleed into a few blocks’ distance via cheap antennas. So down your street your attacker may be sitting inconspicuously in his car.

Hopefully your awareness of these lies you tell yourself has prompted you to take measures to upgrade your wireless network’s security with the right design and implementation.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

WiFi Security Truths and Falsehoods

Security truths evolve—meaning, they change, and you must keep up with this, particularly with wireless security. Advice for wireless security can quickly become outdated. There are actually three big wireless security myths swirling around.

3W#1. Limit the IP address pool to restrict number of devices that can connect.

Even if your cable company tech recommends this, it’s no good. The unfounded idea is that when the range of allowable IP addresses is limited, this makes it hard for hackers to connect. However, the size of the pool doesn’t matter because hackers can just determine which IP addresses are open and use those.

#2. Hide your network’s SSID to conceal it from hackers.

Nope, this won’t work either. Wireless routers broadcast their service set identifiers (SSIDs); your device shows these so you can see which Wi-Fi options are in range. The idea is to hide your network’s SSID to prevent hackers passing by from using them.

However, most devices today see networks even if the SSID is concealed. An apparently unavailable SSID won’t stop a hacker. If you think there’s no harm in blocking the SSID nevertheless, think again: Hiding it may make your network more appealing to the criminal, kind of like hiding the cookie jar—something must be pretty rewarding in there.

#3. Enable MAC address filtering to select who can connect.

Sounds like a plan, but it isn’t: Using router settings to enter the MAC (media access control) address of every device that connects to your network; entering the MAC address will permit only users with these addresses to gain access to your router, thereby keeping hackers off-limits.

But forget this hassle because all a hacker need do is analyze a network, identify allowable MAC addresses, and he’s in.

Security that actually works

  • Go for encryption—and the best, at that—for your router. The best currently is WPA2. Coupled with a strong password, this is a winning security plan. A strong password has at least 12 characters combining letters (upper and lower case), numbers and symbols. Get new hardware if your router doesn’t support WPA2.
  • VPN—a virtual private network such as Hotspot Shield VPN provides private communication over a public network. Transmissions of sensitive data will be private, such as between you (at home) and your employer.
  • VPN again, but this time, one you can use for when you’re using your device in unprotected public realms such as an airport or coffee shop. Using your device in public makes your data vulnerable to hijacking. This type of VPN protects you from hackers and other voyeurs from peeping in on your web surfing activities, credit card information, messages, etc.

Protect all your web surfing activities with a VPN, which secures your connection not only at home but in public (wired and wireless). Your identity is protected with a free proxy by providing HTTPS to secure all of your online transactions.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Small Business Protect Your Wifi

With Wi-Fi, your data is literally in the air, up for grabs by anyone with the right tools. It needs protection from nearby users who may want to freeload off you (which can slow you down) or…hijack your accounts. You need encryption.

1WEspecially when you’re connected in airports, hotels, coffee shops, etc., almost always the connection is not secure.

Wi-Fi Security Options

Varying security levels are provided by WEP, WPA and WPA2. WEP is not secure. WPA provides moderate protection. WPA2 is the best. But you can use both WPA and WPA2. Use the “personal mode” (for one or two users) of WPA/WPA2 with a long, non-dictionary word passphrase.

For more than a few users, the “enterprise mode” is suitable, but requires a server. It has stronger security than personal, and each Wi-Fi user has his or her own password and username. Enterprise prevents snooping and hijacking among your organization’s employees.

Personal: To enable personal mode WPA2 on a wireless router, create a passphrase on access points or the wireless router. Type the IP address of each AP or router into a web browser to log into the control panel of each AP or router. Then enable WPA2-Personal with encryption/cypher type by finding the wireless security settings. Create a non-dictionary-word long passphrase—which is required to connect to the Wi-Fi.

Enterprise: You need a RADIUS server to get WPA/WPA2-Enterprise going. A hosted service will set up the server if you can’t. Some APs have built-in RADIUS servers. After the RADIUS server is all set up, input a password (shared secret), etc., for each AP or router. Input usernames and PWs for your organization’s Wi-Fi users into the RADIUS server.

Configure each AP or router with authentication and security settings. Log into the control panel of each AP or router by typing its IP address. Find the wireless security settings; enable the enterprise WPA2 (“WPA2”). Enter the IP address; input the password (shared secret). Users can now connect.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Crack Your WiFi Password To Protect Yourself

Ever wanted to be a hacker? Today, anyone can learn code and understand the ins and outs of all the technology we are simultaneously blessed and cursed with. But once you know how all this technology works to the point of calling yourself a hacker (which, by the way, isn’t necessarily a bad word), then everyone in your life will be calling you to fix their devices. Hackers are often technologists that are inventive, curious and take technology to the edge of its limits. They often break it so they can fix it.

2WAnyway, one of the more interesting hacking professions is the “penetration tester,” which is someone hired by companies to determine the vulnerabilities in a company’s networks and then patches those vulnerabilities so bad guys can’t get in. “Penntesters,” as they are known, are good-guy hackers also known as “white hats.” Their counterpart bad-guy hackers, known as “black hats,” are also penntesters—but they don’t do it to look for vulnerabilities to then secure the network; they do it to ultimately get in and steal stuff for their own personal gain.

One of the best ways to protect your own network is to hack your own network, as Lifehacker shows us here. “A new, free, open-source tool called Reaver exploits a security hole in wireless routers and can crack most routers’ current passwords with relative ease. Here’s how to crack a WPA or WPA2 password, step by step, with Reaver—and how to protect your network against Reaver attacks.”

What this hacker does is explain how the attack works, seeing the vulnerabilities users can use to reverse engineer this process to protect themselves.

Whether on your own network or on someone’s free wireless network, a VPN such as Hotspot Shield VPN  will mask a user’s IP address and protect all wireless data from thieves. But if a router is hacked, that vulnerability may still allow for an attacker to plant code on various devices. So check out the Lifehacker post and lock down your router with encryption.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Beware of iOS app vulnerabilities when on WiFi

We know WiFi is insecure. When logging onto any open (often public and free) unencrypted WiFi, your data is there for all the snoopy snoopers to see and download for their own personal gain.

1W

But now researchers have found a whole new hack for you to protect yourself from. When iPhone users launch an application, the app sometimes has all its data right there on the device. But more often, the app is talking to its home server, meaning it’s calling home, and will download what you need on demand. An example would be a weather application that is definitely getting all its data from the app’s home server, while a game might have everything it needs on the device.

Still, even in the case of the game, there still may be ads on the game, and those would be streamed to the app. Researchers discovered that there seems to be an issue within iOS that allows for hackers to manipulate the server address the app calls out to in a way that allows the attacker to change the URL address to one that serves up malicious links that would download to the iOS device.

Currently, it is not known if criminal hackers are using this exploit; there are no known reports. The hopes are that Apple will make a quick fix and patch this vulnerability before attackers latch onto it.

Meanwhile, you should only download applications from trusted sources such as Google Play or iTunes—and only use a secure wired or wireless connection when going online. A VPN such as Hotspot Shield VPN will protect users data from the snoopy snoopers…but until Apples fixes this issue, all users are vulnerable.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Employees putting data at risk on WiFi

Employees expect to uses their mobile devices at work, and employers often don’t mind because of the cost savings. However, being able to use personal smartphones and other mobile devices at the office creates problems for IT managers. A small business with 100 employees might have an additional 300 “bring your own device” users to contend with, all using phones, tablets and laptops. There are a lot of potential leaks there.

While a company’s IT department may have a solid grasp on company-issued laptops, desktops and mobile phones, it is almost impossible to control the various types of personal devices on the company’s network. When you get that new, shiny device and install various apps, and then plug it into your work desktop to update or sync necessary settings, files and folders, you’re putting all the data in the company at risk. Further, the IT guy has to worry about whether that last app you downloaded might infect the entire network.

A recent survey showed just how much employees who use public WiFi while commuting back and forth to work shows they are putting their companies’ data at risk. A survey conducted by GFI Software doesn’t paint a pretty picture. “The research findings reveal a stark and concerning trend among commuters—one of using their personal devices to catch up on work during their commuting downtime, but doing so over highly insecure internet connections that can be easily intercepted by other users or the operator of the access point. Mobile internet access is now firmly entrenched as a day-to-day norm, but with that has come an increasingly relaxed user attitude to data security, compliance and data governance policy. Companies need to address mobile device management to ensure that use in insecure environments doesn’t create vulnerabilities that could be exploited by criminals—both cyber and conventional.”

In the least, these companies should have policies that explicitly spell out what employees can and can’t do on their devices and if they are allowed at all on the network. But in reality, policies are only as effective as the consequences of not following them. If employers want to prevent data leakage, then enterprise-level software must be installed on each device that allows IT to lock, locate and wipe data, along with to restrict the device’s access to certain activities.

Having each device equipped with a VPN (virtual private network) like Hotspot Shield VPN is an effective way to encrypt the devices’ WiFi communications when on unencrypted public WiFi.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.