Learning to be an evil hacker...

I run a completely open Wifi network. The only "security" measure I take is a non-visible SSID. Have at, wardrivers! Because Wifi networks are so easily cracked, I would rather it look like my network is wide open and someone is porning it up than have it look like it's locked down and someone is porning it up.

www.eff.org/deeplinks/2011/04/open-wireless-movement

The beauty of an open network or a crackable one is that if you get a C&D for something you can claim you were compromised.

My cable WiFi box came with one seriously ugly default WPA2 password on it and I was instructed it was not changeable by the installer. It was on a sticker on the unit so I'm presuming it was unique to my box or at a minimum random.

I run a 26 character password on a WEP network but with my router in the basement I likely have more security than most WPA2 networks -- my signal doesn't reach the street.

S.

jeb wrote: I run a completely open Wifi network. The only "security" measure I take is a non-visible SSID. Have at, wardrivers! Because Wifi networks are so easily cracked, I would rather it look like my network is wide open and someone is porning it up than have it look like it's locked down and someone is porning it up.

www.eff.org/deeplinks/2011/04/open-wireless-movement

That is an excellent article, Jeb. Thanks for that.

Wouldn't really work here where everyone is apparently born selfish and appears to be unable to appreciate that other people actually live around them. The concept of doing something decent without any net gain to yourself is totally alien in a culture rooted in mercantile trading (where everyone is trying to shaft everyone else).

Folk here park while totally ignoring their immediate surroundings. So what if I block you in...I need the space. If you go to a supermarket and the car park is small, well, just don't park there because you'll never get out.

The tradegy of the commons is that if I pay for an internet connection my neighbour has no incentive to keep one, instead choosing to leech. This is not sustainable. Asking for people to keep their networks open is like asking everyone not to rob and steal, nice but pointless.

The idea that you are doing a great good by letting a random stranger with no phone connection get on the internet because he's lost or in an absolute emergency is also very silly and exagerated, it's not like you die if you don't have an internet connection.

Of course, if you really think it's so important the best measure is to campaign for more public networks in parks, public buildings and buses, not to open private ones.

Erik Twice wrote: The tradegy of the commons is that if I pay for an internet connection my neighbour has no incentive to keep one, instead choosing to leech.

The tragedy of the commons in this scenario is that there is a limited amount of EM spectrum and all are using it to their own personal profit (read this from the provider's perspective more than the subscribers) at the expense of others. The use of radio spectrum for Internet connectivity may be the single most wasteful use of a common resource as I have seen in my lifetime. People streaming the same album over and over instead of retaining a local copy, and the wireless companies indicate they need more spectrum.

In the more specific case you raise, you can open your network to your neighbor for the cost of a case of beer each month by giving him your access code. You share and both prosper. He doesn't have incentive to buy a network connection, but he does have an incentive to buy you beer. That seems like a pretty solid set of common goals if you ask me.

S.

For a home network only allow specific MAC addresses to enter.

Schweig! wrote: For a home network only allow specific MAC addresses to enter.

WINNER!

I have an unbreakable password as well as MAC-only addressing, so I think I'm pretty much good to go. I had two neighbors continually leeching off of my 20 meg service so I locked that shit down. Don't need the feds coming to my door claiming I'm downloading illegal movies.

I have a ridiculously long password for my wireless router, an alphanumeric/symbol thing that is about 2 dozen characters long. It's total overkill right now, because with the steel siding on my house, that wireless signal doesn't seem to go outside my yard. Prior to buying this house, I lived in an apartment that was immediately above two small businesses and close to a university campus, so I got sick of people getting slowing down my connection.

As for the idea of hacking neighbors and informing them of their vulnerability, I don't recommend that. One summer when I was young and working for my dad's construction company, I figured out a way to get past any lockbar on the site. The lockbar is way to lock a door that doesn't have a lock or even doorknob yet, by sliding the lockbar under the base of the door in the frame and then securing it in place with a padlock. I just grabbed the lockbar and manipulated it a certain way and then pulled it free from the closed door, without damaging the lockbar or the door. Took me maybe 30 seconds. So I showed that trick to the foreman of our crew, and suggested that I go around and warn the other crews that their locked up tools might not be safe overnight. He told me to shut the hell up about it, because the next time any tools got stolen at the site, I would be blamed. He said that some guys might even "steal" their own tools and then accuse me, just to get the insurance money.

Schweig! wrote: For a home network only allow specific MAC addresses to enter.

This is not a protection and pretty easy to find the list of allowed MAC addresses by passive monitoring. One of the networks here had tried that and it was broken a lot easier than his password was.

Completely agree a truly random (special chars, numbers, caps and lower case) password of more than 8 chars will be pretty hard to crack unless I spend money and outsource the job.

ThirstyMan wrote: Completely agree a truly random (special chars, numbers, caps and lower case) password of more than 8 chars will be pretty hard to crack unless I spend money and outsource the job.

Or build a few junk PCs with higher-end NVIDIA GPUs and push the dictionary attack off to a farm. Can still take an age but I've been both fascinated and horrified at how rapidly my friggin' video card takes care of finding passwords so I can strip protection off password-protected documents when we need to be able to cut-n-paste sections or transfer content.