Wi Fi security

There is a third party test for Apple Safari users to help determine if you might be vulnerable to this SSL security issue. Click or type this link bit.ly/AppleSSLTest. If you can read the message on the website, than your system or device could be vulnerable. Otherwise, if you get some type of browser secure connection failure or warning, you should be fine.

If you are using an Apple desktop/laptop(OS X) or mobile device(iOS 7) such as an iPhone/iPad, I'd be hesitant to use it on a shared network for any type of SSL site. Whether on an open public or secured "shared" WiFi. Not until you've installed a security patch to fix a serious SSL vulnerability in both iOS(7) and OS X.

SSL is secure, but like any type of security or privacy measure, only as good as its implementation. Apparently, a flaw in Apple's method allows a man-in-the-middle(MIM) to bypass endpoint authentication, and can masquerade as a trusted site to modify or add data to inject malware such as a trojan. You can read a Q&A blog report at Details about Apple SSL vulnerability...

There is also a thread in Technology Corner on this Iphone and Mac security issue.

This is the reason you need to protect against a keylogger. Every keystroke is recorded.


The graphic above illustrates why a keylogger can be so dangerous? Using one of the more popular free keylogging apps available on CNET, I logged in to RV.NET using Chrome browser. Although this particular keylogger didn't record the full user name, but could be deduced by doing a member search, it did record the "actual" password for the forum account(blacked out).

I then switched to Firefox browser which was already logged in to RV.NET. Clearly, the app was able to record that I visited the Class A forum, doing a search using the keyword "wifi" to find this thread. Subsequently, it recorded the contents of my post listed above.

I then activated a free keystroke encryption utility(green), and re-typed the same comment. The keylogger was not able to intercept my message.

I then logged out of RV.NET, and logged back in. Again, the keylogger could not intercept either my forum user name or my password.

Note that my anti-virus suite's real-time scanning did not detect the presence of a keylogger, which can be difficult for many security packages. But, Malwarebytes Free did detect the presence of this keylogger after doing an on-demand scan. The paid version uses real-time scanning, which may have been able to detect this keylogger, though didn't test it.

This is one example of how using a keystroke encryption utility can be effective in rendering "undetected" keyloggers useless. A couple of which are available for free on the net.

Except Citadel keylogger is a known hacking tool and the bain of the banking industry, a variant of the Zeus trojan, and does attract the attention of law enforcement.

It's no surprise that MS Security Essentials(MSE) didn't detect your keylogger as its considered a very basic AV package. Even Microsoft recommends installing third party protection. But not surprising as keyloggers can be notoriously difficult to detect by many AV software once embedded in a system. Especially, in a rootkit. Which is why a keyboard encryption utility is also useful as intercepted key strokes just appear as random data.

Of course, even this may be ineffective against hardware based keyloggers which can be embedded within a normal USB cable. Which is why its wise not to use unfamiliar computer hardware where passwords are concerned.

In fact, the latest trend in exploits appear to be hardware based, as these cannot be detected by traditional AV software. Regardless if you're running Windows, MAC OSX, or Linux.

Keyloggers are openly available and quite legal. You don't need to go onto 'hacker' sites to find them. I own one, just to see what it did and how hard it was to remotely read data and operate in general. I had no problems installing it on 3 laptops at the house all running the MS free security software, but my company PC caught the logger immediately and quarantined the email.

bigdogger wrote:
So I guess I am should only be worried about the middle class identity thief. The good ones defeat Target's POS systems and the bad ones comb through trash dumpsters. Since there has never been a verified incident of any RVer being compromised through a park's wifi ever posted on these forums, I am going to assume the theoretical risk is just that, a risk in theory only.

The Target breach which affected up to 110 million customers doesn't appear to have been that difficult? It's been reported on the net that a Target contractor, a heating, ac, and refrigeration firm had their Target billing credentials stolen, via an emailed keystroke Citadel trojan, which is apparently openly sold on hacker sites. And like most trojans, designed not to be easily detectable while doing its damage.

The firm was apparently not using real-time scanning anti malware protection. Nor any keyboard encryption utility that would most likely have rendered an undetected keystroke capture logger useless. Both of which are readily available for free.

Of course, it also doesn't explain how a contractor's billing credentials could breach Target's own servers to extract customer's credit card data?

Depends of what the password is used for? If the CG is using a WiFi captive portal, a splash page requiring a password, than the connection is likely not secure and just used for WiFi access. If the password is a WiFi encryption key, than the wireless connection is secure up to the CG's router. At that point, it is possible for the CG and their ISP to monitor your web session activities.

Bill paying sites use secure browser SSL(https://) connections which is encrpted up to their web servers. So is secure whether you are using an encrypted CG WiFi, mobile data, or an open public connection.

For an extra measure of security when paying bills online, open a separate browser page, not a tab to log-in. Pay your bill, and log-out. Don't stay logged in while surfing. SSL browser protocols are secure. And the few attempted exploits appear to revolve around session spoofing due to a misconfigured secure server- not setting secure cookies. Do the log-in, pay bill, and log-out and you're fine.

Most all free webmail sites use SSL for both log-in and sessions, so secure when connected to even unencrypted public WiFi. For websites that don't use SSL sessions, you can add an extra layer of protection by using a secure VPN web proxy service, such as the free vpnbook.com or cyberghostvpn.com. This would encrypt your web surfing up to the VPN proxy service. Well past the CG's router and their ISP, so not able to intercept or track your web surfing session activities.

What SCVJeff said X 2.

IMO this whole conversation is silly as it relates to WiFi in a CG. Bad guys go where the marks are. That's why they have gone after PC users over Mac users for years, simply because that's where the population is, and its a whole bunch easier to find an unprotected PC than an unprotected Mac (please lets not start the Mac's can't get virus's because that ain't true) by a margin of probably 1,000,000:1.

So why as a bad guy would I bother to drive out to a CG, set up IF I can even hear the POP, and start monitoring MAYBE 25% of the CG population even during the early evening, trying to wade through emails and pix from the kids of a bunch of 60+ year olds in the hopes I will find even one person doing something I'm interested in?

That as opposed to any of the thousands of Starbucks in any major business or financial area where people by the dozens are looking at the same emails a, Facebook, etc., but also their stocks, 401K, moving funds, checking balances, etc., and that group is likely to rotate several times an hour, not every 7-30 days..

There is so much free Wifi in the city its ridiculous. And people set up their phones and tablets to auto-connect without any regard to what it is as long as the device detects internet, it signs on. As a bad guy its a target rich environment, shooting fish in a barrel, choose your Idiom.. I can go to downtown San Francisco, Dallas, Chicago, etc. set my laptop in the window of the hotel and literally hear hundreds of routers whilst enjoying the view, a cold beverage, and calling room service.

So why would I go to a campground and lessen my odds of a good hit to weeks or months as opposed to minutes or hours? Or maybe I'll buy an RV and camp out, waiting.... and waiting...

Rant Off

bigdogger wrote:
Since there has never been a verified incident of any RVer being compromised through a park's wifi ever posted on these forums, I am going to assume the theoretical risk is just that, a risk in theory only.

If we fretted about what is possible vs what is likely, we'd never leave the house.