wi-fi - Blog - Global Risk Community2024-03-29T11:51:57Zhttps://globalriskcommunity.com/profiles/blogs/feed/tag/wi-fiHow a Wi-Fi Hacker Snoops on Your Laptop and Mobilehttps://globalriskcommunity.com/profiles/blogs/how-a-wi-fi-hacker-snoops-on-your-laptop-and-mobile2020-01-30T15:57:26.000Z2020-01-30T15:57:26.000ZRobert Sicilianohttps://globalriskcommunity.com/members/RobertSiciliano<div><p>You have likely heard of the dangers of using unsecure public Wi-Fi, so you know that hackers are out there snooping. It is pretty easy to hack into a laptop or mobile device that is on a public Wi-Fi connection with no protection. Hackers can read your emails, steal passwords, and even hijack your website log ins.</p><p><img src="https://activerain-store.s3.amazonaws.com/image_store/uploads/agents/robertsiciliano/files/4W.jpg" alt="" width="300" height="328" align="right" /></p><p>Let’s imagine that you are in a local coffee shop with your laptop. All someone has to do is download a wireless network analyzer, which usually has a free trial, and with the right hardware and additional software they can often see what everyone is viewing online…unless they are protected. In some cases they can also read your emails that are going out and received, as well as texts you might be sending. Scary, right?</p><p><strong>Tips on How to Use a Wi-Fi Hotspot Safely</strong></p><p>You now know what you are up against when you connect to a public Wi-Fi spot, but you should also know that you can use them with some safety in mind. Here are some tips:</p><ul><li>When you log onto a website, only use an encrypted connection. This means use the URL that begins with HTTPS, not HTTP. Keep an eye on that as you move from page to page because some sites will send you to an unsecured page, which makes you vulnerable.</li><li>There are also many websites out there that will allow you to encrypt your browsing session automatically. Facebook, for instance, has this. To turn it on, go to your “Security” settings on the site, and then enable “Secure Browsing.”</li><li>If you are going to check your email, login to your web browser and then ensure that your connection to your email client is encrypted. (Check by looking at HTTPS). If you are using Outlook, or another email client, make sure that your settings are set for encryption.</li><li>Don’t use any service that is not encrypted when you are on a public Wi-Fi connection.</li><li>Consider using a VPN when you are connecting to a public Wi-Fi connection. There is a small fee for this, but it’s well worth it.</li><li>Beware of “evil twins” which are rogue networks designed to mimic legitimate networks. Example “ATT WiFi” my be “Free ATT WiFi”. Other than downloading special software that detects evil twins, the best case is to ask someone who’s knowledgeable as to which network is the safest.</li><li>If you are on a private network, make sure you realize that they are also vulnerable. Anyone who knows how can spy on the network. Again, use WPA or WPA2 security so the connection is encrypted. However, if someone guesses or knows the password, they can still spy on any device that is connected</li></ul><p>ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of<span> </span><a href="https://creditparent.com/" target="_blank">CreditParent.com</a>, the architect of the<span> </span><a href="https://protectnowllc.com/" target="_blank">CSI Protection</a><span> </span>certification; a Cyber Social and Identity Protection<span> </span><a href="https://safr.me/actnow/" target="_blank">security awareness training</a><span> </span>program.</p></div>“Angst” Against Encryption: National Security and the Surveillance State. The Global Crackdownhttps://globalriskcommunity.com/profiles/blogs/angst-against-encryption-national-security-and-the-surveillance2015-12-07T21:33:02.000Z2015-12-07T21:33:02.000ZEnrique Raul Suarezhttps://globalriskcommunity.com/members/EnriqueRaulSuarez<div><p><a href="{{#staticFileLink}}8028241873,original{{/staticFileLink}}"><img width="286" class="align-center" src="{{#staticFileLink}}8028241873,original{{/staticFileLink}}" alt="8028241873?profile=original" /></a></p><h2 style="text-align:center;"><strong>“Angst” Against Encryption: National Security and the Surveillance State. The Global Crackdown</strong></h2><p></p><p style="text-align:center;">Source:</p><p></p><div class="meta"><div class="post-info"><div class="author" style="text-align:center;"><a title="Posts by Binoy Kampmark" href="http://www.globalresearch.ca/author/binoy-kampmark">Binoy Kampmark</a></div><div class="author" style="text-align:center;"></div><div class="author" style="text-align:center;"></div><div class="grDate" style="text-align:center;"></div><div class="grDate" style="text-align:center;">Global Research, December 07, 2015</div><div class="grDate" style="text-align:center;"></div><div class="grDate" style="text-align:left;"></div><div class="grDate" style="text-align:left;"><p></p><p id="yui_3_16_0_1_1449493935811_4490"><em>State bureaucracy has a universal operating rationale: if an error occurred because of a flaw in the system, an oversight perhaps, or because of ill-planning, the solution shall relate to something else. It should be termed the iron law of non-resolution. It is one that holds resolutely in intelligence and security circles.</em></p><p id="yui_3_16_0_1_1449493935811_4496">For the vast sums being put into defence and security, states across the globe find themselves numerous steps behind anticipating attacks. The starkest illustration of this was the November 13 attacks on Paris, a cruel unmasking of the national security state’s inability to do what it was meant to. All that surveillance, all that eye-gazing and accumulation – to what end?</p><p>A notable point in all of this is that it took human indifference, an arrogant callousness that refused to accept intelligence from another agency. The excuse: security agencies get that all the time. Shrug the shoulders and go back to bed. Not that it was the sole cause – far from it – but it was fundamental. Errors are ultimately traceable to human agency.</p><p id="yui_3_16_0_1_1449493935811_4497">The one system that remains a perceived friend and foe of government and state authorities in general is the Internet and the labyrinthine channels of communication it offers. It could not be anything else, being itself a child of the military. It was initially built to facilitate survival and secrecy, rather than its anti-twin, transparency. Unsurprisingly, it has become a rather vigorous battleground over encryption technologies.</p><p id="yui_3_16_0_1_1449493935811_4499">Political representatives, feeling the pinch about the need to do something – anything – after a dramatic attack, have found the subject nearest to their loathing: encryption. Ranking intelligence committee chair Senator Dianne Feinstein from California has gone so far as to call encryption the Internet’s “Achilles’ heel” when it is, in fact, its invaluable, strengthened torso.<a title=""></a>[1]</p><p>Feinstein’s Jekyll-Hyde reasoning here is that privacy will be protected by the surveillance state because the State is not particularly interested in the frivolities of the ordinary citizen. It is the greatest canard of all: data collection programs, and the means to access communications data, actual serve a broader public good. We are the eyes in the background overseeing that good is done. But repeatedly, Feinstein’s assertions that such programs target “foreign governments, terrorist groups and overseas criminal syndicates” have been shown to be a product of either a deceptive mind, or at least an overly convinced one.</p><p>What a tease and annoyance encryption has become for intelligence and security personnel who struggle to fulfil their briefs. Chatter between terrorist cells, it was said, took place discretely and secretly. Yet even French authorities admit that the November 13 attacks were not facilitated by encrypted communications.</p><p id="yui_3_16_0_1_1449493935811_4500">Many such attacks tend to be preceded by boisterousness, a screech promising martyrdom plastered across social media postings. A notable feature of ISIS recruits and others who have joined the jihadi fruit salad of brutal converts is their distinct inability to shut up. Gabble before you die. If you want to find them, just scroll down the lists, scour the search engines, and sip your coffee.</p><p>In France, a heated effort is underway to target systems that ensure strong encryption protections. While these are still at a planning stage, the fact that they have made it to the memorandum continues to show the jittery nature of responses to November 13. According to <em>Le Monde</em>, it has obtained an internal document from the Ministry of Interior authored by the French Department of Civil Liberties and Legal Affairs outlining two key proposals to be brought before France’s parliament.</p><p>One proposed bill involves looking at ways to ban Tor (the onion router), a service that is attractive in anonymising Internet users.<a title=""></a>[2] The document suggests that efforts could be made “to block or forbid communications of the Tor network” that would go beyond that of a state of emergency. This would be a tall order, but not impossible, if authorities can arm-wrestle internet service providers to do their bidding.</p><p id="yui_3_16_0_1_1449493935811_4501">“Shared or open” Wi-Fi networks during a state of emergency are also on the table, and would be the subject of a second bill, ostensibly as a counter-terrorist measure. Again, the rationale here is that suspects can engage in clandestine communications using publically available Wi-Fi networks beyond tracking.</p><p>The markedly daft suggestion? Shut down the hotspots; close down the access points. Never mind the basic fact that many such suspects use open communications on unencrypted technologies.</p><p>Much of this is also state sloth, the imperative of the failed; officials simply uninterested in making efforts to, for instance, crack Tor communications. Researchers at Carnegie Mellon’s Computer Emergency Response Team staged an attack on the service last year between February and July that demonstrated that deanonymizing could also be initiated.<a title=""></a>[3] Bad for Tor, but surely a point that should have been jotted down by the sleuths.</p><p>Other efforts have also been made to limit Tor’s use in China, whose authorities work around the clock to limit various services available through the Internet in what has been called the Great Firewall of China. Blocking sites is a regular feature, and VPN services have become a subject of particular interest.<a title=""></a>[4]</p><p id="yui_3_16_0_1_1449493935811_4502">That will not come as surprising to the tech watchers and liberty lovers who insist that the PRC is prone to such measures. But when the President of the United States does more than hint at weakening encryption to defeat a foe, all take notice. In his Oval Office address on Sunday, Barack Obama revealed he would “urge high-tech and law enforcement leaders to make it harder to use technology to escape from justice.” It should, however, be said that the White House rejected a proposal in October that would have permitted authorities the means to weaken encryption technologies.<a title=""></a>[5]</p><p>FBI director James Comey, undeterred, will keep up the pressure to do so, having badgered Apple and Google for some time to render their products more readily accessible to law enforcement authorities. (Call it Comey’s “back-door” rationale to encryption, if you will.)</p><p>The disease that misrelates the actual cause to the hypothetical extends into coverage of terrorist attacks as well, with media outlets running blind with the official line of speculation that the terrorists involved in Paris just might have used encrypted services.</p><p>Trevor Timm in the <em>Columbia Journal Review</em> noted the trend all too well: “Why were officials saying it was ‘likely’? Not because they had actual evidence, but because they assumed that if authorities <em>didn’t</em> know about the plot in advance, the terrorists <em>must have</em> used encryption.”<a title=""></a>[6]</p><p>Timm rounds off with the obvious point that encryption had become “an important tool for journalists of all stripes,” protecting computers, phones, daily conversations with sources via text message or email that might be snared in the surveillance dragnet. And not just journalists. Undermining end-to-end encryption services may make accessing information by state authorities easier; but it will not make them more competent. What diminishes online security for some invariably diminishes it for all.</p><p> </p><div><em><strong>Dr. Binoy Kampmark</strong> was a Commonwealth Scholar at Selwyn College, Cambridge. He lectures at RMIT University, Melbourne. </em></div><div><strong>Notes:</strong></div><div><p id="yiv3700375826ftn1"><span>[1] <a id="yui_3_16_0_1_1449493935811_4514" href="http://www.cbsnews.com/videos/feinstein-the-achilles-heel-in-the-internet-is-encryption/" target="_blank" name="yui_3_16_0_1_1449493935811_4514">http://www.cbsnews.com/videos/feinstein-the-achilles-heel-in-the-internet-is-encryption/</a></span></p><p id="yui_3_16_0_1_1449493935811_4513"><span>[2] <a id="yui_3_16_0_1_1449493935811_4512" href="http://www.lemonde.fr/attaques-a-paris/article/2015/12/05/la-liste-musclee-des-envies-des-policiers_4825245_4809495.html" target="_blank" name="yui_3_16_0_1_1449493935811_4512">http://www.lemonde.fr/attaques-a-paris/article/2015/12/05/la-liste-musclee-des-envies-des-policiers_4825245_4809495.html</a></span></p><p><span>[3] <a id="yui_3_16_0_1_1449493935811_4510" href="http://gizmodo.com/attack-on-tor-has-likely-stripped-users-of-anonymity-1613247621" target="_blank" name="yui_3_16_0_1_1449493935811_4510">http://gizmodo.com/attack-on-tor-has-likely-stripped-users-of-anonymity-1613247621</a></span></p><p id="yui_3_16_0_1_1449493935811_4509"><span>[4] <a id="yui_3_16_0_1_1449493935811_4508" href="http://techcrunch.com/2015/09/07/china-continues-its-crackdown-on-vpn-services/" target="_blank" name="yui_3_16_0_1_1449493935811_4508">http://techcrunch.com/2015/09/07/china-continues-its-crackdown-on-vpn-services/</a></span></p><p id="yui_3_16_0_1_1449493935811_4507"><span>[5] <a id="yui_3_16_0_1_1449493935811_4506" href="http://www.dailydot.com/politics/obama-encryption-backdoors-debate-status-quo/" target="_blank" name="yui_3_16_0_1_1449493935811_4506">http://www.dailydot.com/politics/obama-encryption-backdoors-debate-status-quo/</a></span></p><p id="yiv3700375826ftn6"><span><span><a title=""></a>[6]<a href="http://www.cjr.org/first_person/misinformation_and_misconceptions_how_not_to_report_on_the_encryption_debate.php" target="_blank">http://www.cjr.org/first_person/misinformation_and_misconceptions_how_not_to_report_on_the_encryption_debate.php</a></span></span></p><p></p></div></div><div class="grDate" style="text-align:center;"></div><div class="grDate" style="text-align:center;"></div></div></div></div>Don't's and Do's when using Public Wi-Fihttps://globalriskcommunity.com/profiles/blogs/don-t-s-and-do-s-when-using-public-wi-fi2015-08-31T14:03:15.000Z2015-08-31T14:03:15.000ZRobert Sicilianohttps://globalriskcommunity.com/members/RobertSiciliano<div><p>Curl up in a chair at your favorite coffee house, the aroma of premium coffee filling the air, take a few sips of your 700 calorie latte, and then enter cyberspace. Little do you know that you could have a stalker. Or two. Or 3,000. Because public Wi-Fi is there for the picking for hackers. Online transmissions can be intercepted. The credit card number that you enter onto that retailer’s site can be “seen.”</p><p><img src="http://activerain.com/image_store/uploads/agents/robertsiciliano/files/3W.jpg" alt="" align="right" height="178" width="320" /></p><p><strong>Don’t Do These at a Public Wi-Fi Site</strong></p><ul><li>Never leave your spot without your device on you—not even for a moment. You may come back and still see your computer where you left it…but a thief may have installed a keylogger into it to capture your keystrokes.</li><li>Do not e-mail messages of a sensitive or serious nature.</li><li>When your computer begins seeking out a network to connect to…do not let it just drift to the first one it wants; see if you can choose one.</li><li>Don’t leave on your file sharing.</li><li>If you’re not using your wireless card, then do not leave it on.</li><li>Don’t do banking or any other sensitive activities.</li><li>Don’t position your device so that someone nearby can see the screen.</li></ul><p><strong>Yes, Do These when at a Public Wi-Fi Spot</strong></p><ul><li>Look around before you settle into a nice spot.</li><li>Sit somewhere so that your back is facing a wall.</li><li>Assume all Wi-Fi links are suspicious—kind of like assuming all drivers are drunk whenever you go out driving. A wireless link may have been set up by a hacker.</li><li>See if you can confirm that a given Wi-Fi link is legitimate.</li><li>Assume that if the connection name is similar to the Wi-Fi spot, that this could mean that the hacker was clever. Inquire of the manager of the coffee shop, hotel, etc., for information about their Wi-Fi access point.</li><li>You should consider using your cell phone for sensitive activities such as online shopping.</li><li>But cell phone or not, see if you could avoid visiting sites that can make it easier for hackers to nab your data—sites such as banking, social media and any site where your credit card information is stored.</li></ul><p>Use a VPN. This stands for virtual private network. What a VPN does is create an impervious tunnel through which your data travels. Hackers cannot penetrate this tunnel, nor can they “see” through it. Your data is safe. The tunnel encrypts all of your banking and other sensitive transactions, as well as sensitive e-mail communications, plus downloads, you name it. With a virtual private network, you will not have to worry about a thief or snoop intercepting your transmissions.</p><p>Robert Siciliano is an Identity Theft Expert to <a href="http://hotspotshield.com">Hotspot Shield</a>. He is the author of <a href="http://robertsiciliano.com/identity-theft-book/"><em>99 Things You Wish You Knew Before Your Identity Was Stolen</em></a> See him discussing internet and wireless security on <a href="http://www.youtube.com/watch?v=Ynj5SgZEIyY&feature=share&list=UUxPUhCstuAW8GJR826pamYA">Good Morning America</a>. <a href="http://ow.ly/1bdMH">Disclosures</a>.</p></div>