Good Sam Community

SCVJeff wrote:

fj12ryder wrote:
"Some enterprising entrepreneurs have already run all the password combinations and filed those results into a nice easy searchable database."

Seriously? You do realize that a 20 digit password, which is what I use, has trillions of combinations. And they have that in "a nice easy searchable database". Man, that must be some database.

x2-10
The misinformation in this thread is amazing.
If someone is interesting in attempting to get into my home router or myfi, PM me and I'll send you the 1st 10 characters, maybe 20. You will be no further along in two years than starting from scratch.

Ah shucks, maybe its on the "list"...

You are right, there is a lot of misinformation. Hacking passwords is so 10 years ago. So you can go grab a 50GB torrent and run a password hash thru the rainbow tables. It may or may not work depending on the encryption, sometimes in minutes sometimes in years. Hiding in an Onion network is so 5 years ago. Onion networks are only secure on the inside, the entry point and exit point are not, it is also easy to hack the device before the data enters the Onion, put up fake relay servers, apps also leak data while in the Onion all the time. How do you think they got the owner of Silk Road. If I wanted into someone's computer, router, MIFI, phone etc. I would not try to hack the password. Nearly anyone is vulnerable, and don't let them tell you otherwise. It is simple to steal session cookies and Kerberos tokens to impersonate someone else with no password required. It is also really easy to use a known exploit (or even one the hardware manufacturers don't know about yet) to trick the router, computer, server etc. to give you administrative rights, no password required. How do you think Evernote, PlayStation network, Sony Pictures, Home Depot, Target etc. got hacked. They did not get into these networks by hacking someone's password! Strong passwords help, but do not be fooled into thinking you are too secure to be hacked, look at it on a scale, you are more or less secure than the next guy but we are all vulnerable.

fj12ryder wrote:
"Some enterprising entrepreneurs have already run all the password combinations and filed those results into a nice easy searchable database."

Seriously? You do realize that a 20 digit password, which is what I use, has trillions of combinations. And they have that in "a nice easy searchable database". Man, that must be some database.

x2-10
The misinformation in this thread is amazing.
If someone is interesting in attempting to get into my home router or myfi, PM me and I'll send you the 1st 10 characters, maybe 20. You will be no further along in two years than starting from scratch.

Ah shucks, maybe its on the "list"...

I think I Am more worried about my bank, store, or other business being hacked than I am worried about my wifi being hacked. Just checking my usage everyday will let me know if I was hacked and can take steps to resolve the issue. Cant do that with my bank.

"Some enterprising entrepreneurs have already run all the password combinations and filed those results into a nice easy searchable database."

Seriously? You do realize that a 20 digit password, which is what I use, has trillions of combinations. And they have that in "a nice easy searchable database". Man, that must be some database.

"Vitriol"? Just because someone doesn't agree with your opinion doesn't make it "vitriol".

Me, I have two routers in my RV both of which are capable of WiFi though I normally only have one turned on.

Bluetooth is fine for the mouse on DW's laptop but it does eat a lot of batteries.

"Minimum Skills" ... Really?

Wanna try mine?

You want in to your neighbors mifi, and they're running wpa/wpa2? No problem.

Vector number one, brute force it with a dictionary attack... if the mark made the mistake of changing the gibberish password Verizon gave them to something easier to remember, well, should take a few minutes to a few hours for your computer to guess the password.

Vector number two, capture some key exchange stanza with Airsnort or other tool of choice. Now, get out your credit card and rent access to a WPA rainbow table. Some enterprising entrepreneurs have already run all the password combinations and filed those results into a nice easy searchable database. Plug in the hash you get from key exchange and poof, there's the matching password. The rainbow table lookup is nearly instant, but capturing enough key-exchanges to get the right hash could take a while. You can try injecting packets to make the laptop disconnect from the MiFi, to encourage more key-exchanges to take place.

But that's talking about tethering an Ipad, has nothing to do with how fast Bluetooth is compared to Wifi. Talking at cross purposes here.

naturist wrote:

Janss wrote:
Is Bluetooth as fast as Wifi?

I do hope you are aware that on its face, this question is like asking which is faster, a car or a speedboat. Since they do not exactly go the same place, relative speed is kinda useless information.

In that same vein, the headline of this thread makes as much sense as comparing a fish, a bicycle, and a shingle roof.

Interesting and informative Post. Perhaps you should try to convince the writer of this article on your viewpoint. http://www.imore.com/usb-vs-bluetooth-vs-wi-fi-whats-best-way-tether-your-mac-your-iphone-or-ipad

I use Onion level security on my personal wi-fi hot spot (Which is my phone) What, you ask is Onion Level.. Multiple layers.

First you would have to hack the "Key Phrase" (I do not recall what they call it for the level of security I use) then you'd still be denied a connection less you were authorized at the MAC level.. And what is more.. I only activate it when I am using it and monitor the connection visually (You have to hack ME!!).

That makes it a ton of fun to hack in

On the other hand the hosue wi-fi system is not nearly as well protected.. But then it is simply the park Wi-Fi repeated so you only get access to a file server with nothing on it save for around a thousand hours of recorded television I have yet to get around to watching.. and the program guide.

Ourhomeonwheels wrote:
Wow somebody hand me a fire extinguisher!!! I did not realize trying to offer some useful info would cause so much vitriol aimed at my post.

I am glad you are happy paying Verizon an extra $20 a month for your Jetpack. My post was meant for those who primarily wish not to pay that extra fee by utilizing technology available on their PCs and cell phones.

As for your WAP2 security it is only as good as your password. If your password looks something like this 12@H00kM3UpNOW34$ then maybe you can rest easy, but if it is something like the commonly found MYWiFi or Sally'sWeb, I have an ex old friend who would love to know where you park.

I am well aware that most of our internet security is dependent on where we go, what we share, what we download, the quality of our AVP, firewall etc. and the value of all of that goes right out the window if you use public WiFi. I just don't believe in taking chances when it is not necessary. Bandwidth is costly and I don't wish to share.

I just read the whole thread and noticed a total lack of vitriol.

You're going to pay for your internet access one way or another. You can pay using your phone, or you can pay using a hotspot. I use a hotspot because I don't own a smartphone. I don't understand you referring to saving money by using your PC. The technology available on your PC will not connect you if you don't have access to some type of data service, be it smart phone, local free wifi, or a hotspot.

Okay, I understand apples to oranges, naturist. I guess I was just wanting to know if bluetooth can *in general* attain speeds as fast as good wifi (say 12Mbps plus). Is there a good probability? Just as wifi can vary greatly, I understand so can bluetooth. But is there a chance that both can be equally fast? Or is good bluetooth pretty much always going to be slower than good wifi?

Wow somebody hand me a fire extinguisher!!! I did not realize trying to offer some useful info would cause so much vitriol aimed at my post.

I am glad you are happy paying Verizon an extra $20 a month for your Jetpack. My post was meant for those who primarily wish not to pay that extra fee by utilizing technology available on their PCs and cell phones.

As for your WAP2 security it is only as good as your password. If your password looks something like this 12@H00kM3UpNOW34$ then maybe you can rest easy, but if it is something like the commonly found MYWiFi or Sally'sWeb, I have an ex old friend who would love to know where you park.

I am well aware that most of our internet security is dependent on where we go, what we share, what we download, the quality of our AVP, firewall etc. and the value of all of that goes right out the window if you use public WiFi. I just don't believe in taking chances when it is not necessary. Bandwidth is costly and I don't wish to share.

There are a couple things that concern me about some of the comments above
1) the assumption that WPA2 is secure. It is not completely secure it can be hacked, and could become more hackable tomorrow. More importantly, as previously mentioned Darren Kitchen has shown that you can build a tool that a 12 year old can easily operate which can spoof a legit WiFi network without you knowing, at which point security is irrelevant. You would be surprised, when I fire up my WIFI Pineapple at work and add the SSID "Starbucks" or "McDonalds" how many people accidentally connect to it. And that is not because people go "hey look free Starbucks WiFi in the middle nowhere" but because your device has already connected to Starbucks free WIFI in the past and it says (without you knowing) "hey look free Starbucks WiFi in the middle of nowhere lets connect to it".
2) the assumption that there are no hackers in the campgrounds: This is most definitely false. Every campground I am in you can guarantee there is always one. The good news is I am trained as a Network Security specialist and do my hacking only where I am legally authorized (my house or work) and in the context of my job to ensure my networks are secure.
3) the assumption that one protocol is more secure than another. WIFI is hackable, Bluetooth is hackable, and Cellular is now emerging to be the next attack front for hackers, it will be soon enough.
4) long range antennas make it much easier, with a 25dbi Yagi antenna I can see WIFI devices from up to 5 miles away, so far away they can require a rifle scope to point to the right one. Directional antennas are available and can be made for WIFI, Bluetooth and Cellular for nothing: Google "Pringles can antenna"
5) the certainty of some of the comments

With that said, most forms of communication are hackable. Some are much easier thanks to tools like the WIFI Pineapple by Darren Kitchen. Are you at risk? Absolutely! But should you worry, maybe a little, but not enough to require Prozac. Use encryption and strong passwords always, always and always! Never connect to unsecured WIFI unless you know what it is and are sure it should be where it is ie, you would be suspicious if you see a Starbucks WIFI in the middle of the Pacific Crest Trail. Always delete the free WIFI network when done with it ie Starbucks etc. Assume that bored teenager who would rather be at home playing Call of Duty could be in your campground with his laptop and is bored.
Just like the joke "you are safe from a Bear attack as long as you bring someone slower than you", try to never be the "slower" guy in the campground just in case, let that bored teenager attack some lower hanging fruit instead of you.