Categories
Attacks Tech

The Basics of Wireless Security

Wireless connectivity is probably best described to give convenience to its users. Having a wireless access point on your home gives you the comfort to position yourself almost anywhere provided your devices are within the range of each other—on your living room, on your bedroom, and even on the kitchen. There are still many concerns about having this type of connection, however, and most of them is about security.

Since laptops, smartphones and PDAs, provide for the needs of busy mobile consumers,[1] and most of them gadgets are now being equipped with Wi-Fi, it has no doubt become the next big target of crackers—much like what happened to Microsoft Windows being targeted on exploits and vulnerabilities, and to bluetooth-enabled mobile phones being targeted with worms and malware when they became popular.

Common things done by crackers to wireless-enabled devices and networks include piggybacking, wardriving, man-in-the-middle attacks, and spying, among others. Explanations are as follows:

  • Piggybacking refers to the act of obtaining access to resources on a wireless device, which include Internet access. Open networks on public places and services, such as hotels and cafés, usually permit this,[2] but some networks even on the said places[3] as well as on homes generally do not.
  • Wardriving is the act of looking for wireless networks usually with the aid of a vehicle,[4] and a powerful antenna on a wireless-capable device, much like what people with radio scanners do to receive police and military transmissions. After connection with the device has been established, the wardriver could possibly do anything to the network or its users. Some has been ethical, however, and act as a tiger team telling the administrator or owner that the network could easily be breached.
  • Man-in-the-middle attacks are somehow sophisticated that includes a cracker acting as the network access point the victims are trying to connect to. He then connects to the real AP himself transmitting and receiving data both ways to seem invisible. But, in fact, he now controls and sees every bit of information the victims are sending and receiving that seem to them to be secure.
  • Spying has been the most critical and publicized problem existing today—even surpassing the popularity of virus and worm attacks today, IMO. Anti-spyware tools just popped up one after the other from nowhere, haven’t they? And we thought it would have ended with just Web browsing with credit card information, but it obviously haven’t.

Wired LANs probably seem more secure since the only ones receiving data are the ones connected by wire—of which the owners control—while WLANs have access points and terminals that emit signals that could be received by anyone near the devices. However, this concept is somehow wrong. Wired networks with terminals having an active insecure Wi-Fi device could be entered by these crackers to gain access onto the network as well—much like providing the cracker a jack to plug into.

Having set up a wireless network at home myself, and after trying to configure each and every option presented to me by my router’s Web interface, I’ve searched through forums, blogs and info sites to find ways of maintaining my network security. Here are some basic instructions:

  • Wi-Fi Protected Access (WPA or WPA2) is the secure authentication and encryption method for wireless networks and should always be enabled. Most consumer wireless devices are capable of using at least WPA and WEP (an earlier security method that has known limitations). But, try to utilize WPA2 first, if it is available. It is an implementation of the IEEE 802.11i standard, and WPA is just its subset.
  • MAC address filtering is a feature from routers and access points that permits or blocks certain devices based on the hardware-embedded MAC addresses on their network adapters. Some NICs allow changing the MAC address to match an accepted one, also known as spoofing, so this should not be the only security measure utilized.
  • Change the router’s default settings such as Web interface password, SSID, and IP address. These settings are known by crackers and would immediately tell them if the user has an insecure network. These changes would at least make it harder for the cracker to find the network configuration and administration interface.
  • Most routers come with a hardware firewall that blocks potentially malicious and corrupted signals. This should never be turned off.
  • DMZ forwards all ports to a terminal so that all connections may pass. This is usually used for applications where the user does not know which ports are being used. The Port Forwarding feature, which is as common as DMZ, is more secure since it only forwards the applications’ required ports. Ask support from the application developers to know which ports should be forwarded, and avoid using DMZ.

There are many more types of security concerns and prevention, but these are the most common ones. Please note that until Windows Vista, Microsoft OSs have not supported an implementation of WPA2. But, a WPA2 update for genuine users of Windows XP SP2 is available for free download. After installing the update, an option to turn off broadcasting of the preferred wireless network list will be available and this would add to security.

I wasn’t able to test Linux wireless security as I have Ubuntu only on my desktop, which is on a wired connection. You may (and please) reply if you have information about wireless security in these and other operating systems. Thank you.

One very important rule to security in any digital environment is strong passwords. Choose them wisely; they should not be any dictionary word or phrase, at least one character must not be a lowercase letter, and you should not use one password on every digital account you use.

Footnotes:

  1. ^ Who are now practically everywhere—students, business people, posers, and everyone else who just have the money.
  2. ^ And are probably not considered as such act.
  3. ^ Where access is restricted to clients and customers only.
  4. ^ The term is usually used on the act using motor vehicles, while warbiking and warwalking are used to refer to wardriving on motorcycles or bicycles, and wardriving on foot, respectively.
Categories
Rants Tech

Apparently, The Philippines Does Not Exist

As reported on the so-called—or better yet, the self-proclaimedbest daily newspaper on the world wide web, Kenya have set a world first with mobile money transfers. As far as I know, mobile remittance and money transfers are old technology here in the Philippines[1] even if I still haven’t been able to use the system.

As ignorant as they may be, Guardian Unlimited’s Xan Rice and Safaricom CEO Michael Joseph expressed with enthusiasm their belief that the mobile money transfer concept is the next big thing in mobile telephony.[2] They haven’t acknowledged the fact that this concept was originally from the Philippines with millions of workers abroad using the services of local Philippine mobile providers. I could safely say that this kind of service is an old big thing for Filipinos. I guess they think they would attract more people into believing in their services as a breakthrough this way—making its worldwide market adoption much quicker—than telling the concept came from a poor and less known country.

The report said that this new technology is being piloted by Vodaphone with the implementation on its partially owned corporation in Kenya—claiming to be the first country in the world to use this service. As the story shows, this M-PESA service from Safaricom is still being developed by Vodaphone, but it happens to be that Globe G-Cash™ and Smart Padala was already out of beta testing several years ago.[1]

I guess no one could deny the fact that Filipinos are not technologically lagging. We are leading with highest numbers on SMS usage, and I believe we are leading with the most services using it. So I guess we deserve some credit[3] as well, for this is so evident it would not pass even a little bit as an Agapito Flores claim to technological advances.

I guess I only have one explanation left that many other Filipinos would hately agree with: The Philippines does not exist.

Footnotes:

Categories
Rants Thoughts

An Appeal to Globe Subscribers

Globe Telecom has raised the UNLIMITXT service charges they require of their subscribers since today. From PHP 10[1] to PHP 20 per day, the rebranded service UNLITXT with the doubled rates frustrated a lot of subscribers given the fact that they weren’t warned even a couple of days before the implementation of such scheme.

I was one of those frustrated, surprised customers.

My girlfriend and I have always been registering for the service at almost the same time. Yesterday was the end of our five-day registration last time. Since it was almost midnight, we put off registering for another five days to today. But when we did register during noontime earlier, we were surprised to have received a different response from the service. It wasn’t the type that postpones the registration for later because of server overload. The message so long it could not be contained in a single message looked like the spam they always send us. But, I read it anyway….

They’ve changed a lot about their service—from UNLIMITXT to just UNLITXT; from 50 Pesos for five days to 80 for just four. And, they added time-based unlimited texting packages such as UNLITXTD or UNLITXTN corresponding to day and night, respectively.

Now, who the hell is so trustworthy enough that just pops out without warning and tells you to pay more than what you used to? No one. Even Globe shouldn’t be an exception.

People thought they received just rumors about Globe’s increased rates. But, they weren’t rumors as I told my friends. Please take note that many people changed their numbers to Globe since they put their UNLIMITXT promo to a regular service—count me and my girlfriend in. But we’re dusting our old Sun SIM cards for tomorrow since Globe’s shitful of services are robbing us off of our money.

I ask of you to do the same. Not only for two to three weeks just like what’s spreading through SMS—they would just wait that off until people start registering again. We should hold them back until they lower their prices again.

Globe has better signal, thus, better service than Sun. That doesn’t mean they should increase their pricing so surprisingly exorbitant—their prices weren’t even at par with Sun in the first place. Why can’t they keep their prices where they were? I know they know its easier to get a lot more customers with better pricing. But, now that they did with the former prices of their service, they shouldn’t think we’d stay with them now that they increased them so suddenly.

Now, if you feel the same way, please let people know by posting similar entries to your blogs and commenting on each other’s posts. Petitions could go a long way as long as there are lots of support and publicity.

Update: I have finally found a petition site for the rollback of Globe’s UNLIMITXT rates. Sign the petition to roll back Globe UNLIMITXT pricing!

Footnotes:

  1. ^ with the five-day plan worth PHP 50