WiFi Madness

10:23.59 - Monday 7th July 2003   (Link to This Entry)

I was reading something on The Register about (lack of) WiFi Encryption on WLANs the other day. Amazingly, it seems people still haven't got the hand of this wireless security malarky and are still just plugging things in and running their hardware with the default settings.

Personally I think people are just not paranoid enough. With Windows XP making things easy and everyone and his dog having a computer these days, it's everyday Joe's who don't think about these things that are running the risk of getting hammered hard.

A friend and I were discussing this on Saturday while we idly scanned for open Windows fileshares over the Internet. The rise of broadband is another factor that sees security ignorant people plugged into the web, and one comment was that the rise in Identity Theft was probably directly linked to the number of inexperienced people using the Internet - it certainly makes you think.

Here, the network is all connected to the Internet through a D-Link DI-614+ broadband router, which includes a firewall to block access to all ports bar IDENT (Which I pointed off to 192.168.99.99 anyway). Not only that, but I use 256-bit WEP and change the key every now and again for something totally random (using WKG, btw) and I have a permitted list of MAC filters - so if your network card isn't on the list, you can't get on the network. Very simple, but also very effective.

Steve Gibson wrote an interesting news post on his server at news.grc.com/grc.news about a guy called to sort out a WLAN only to find that the customer was actually connected via his neighbours setup. That connection was removed but the machines automatically connected to another neighbours setup with the default SSID - both completely without encryption or authentificaton of any kind.

It's that kind of thing that makes me want to walk around the streets of Grimsby with a WiFi PocketPC to see what networks I can find, but people are so backwards here that I doubt I'd find a single one. I could try my laptop I guess, but it's a tad heavy and - unless I want it to be stolen - I'd have to scan from the car, clicking the 'Refresh' button on the D-Link app every few seconds.

I think all new computers should come with a booklet explaining basic security these days. Perhaps there could also be nightschool classes to teach the same things, without the need to put everyone through a full networking security course. Simply topics like 'Firewalls', 'Virus Scanners' and 'WiFi Security' would cut down the problem no end.

Bah, I need coffee. Too much thinking for a Monday morning, is that.

Lame-o-shop

10:50.46 - Monday 7th July 2003   (Link to This Entry)

Pretty poor quality choppingness, but I'm low on caffeine, so...



Seemed a lot funnier in my head. Perhaps you just had to be there.

Domain Transfer. Ugh.

11:29.57 - Monday 7th July 2003   (Link to This Entry)

This morning I'm transferring a domain away from Yell.com, and I hate doing that. Past experience has told me that nobody likes to lose a domain, and Yell used to make it Really F*cking Hard™ to move away from them. I think they've relented on being so obsessively evil these days, but I still don't like dealing with them. My collegue literally groaned when he heard the domain was will Yell, so it's not just me.

Over the weekend I transferred one away from Demon Internet. They are a pleasure to work with and don't obstruct you in the slightest. If only all hosting companies were like that.