[Vision2020] New (and Old) Threats to On-Line Computers

[Art Deco]

Paul,

The problem is not someone using someone else's wireless router to access the internet.  Using the router to get to the wireless send/receive box and antenna does not imperil the owner's computer's security, although the trail it leaves at the owner's ISP may be deceptive or incriminating, if the intruder is clever enough.  It is when a hacker tries to go from the wireless router into owner's/user's computer that the problems begin.  I have not completely described the device I mentioned before but it can obviously be set to as to allow access to certified users but not others.

Recently Idaho passed a law allowing the use of force, even deadly force, against intruders into your home.  While a poison bill from an online protection device is not deadly force, it is a force that be could used to protect yourself and your family, if you can afford it.  I might point out that there is software available for PCs that will do something similar to what the device will do, only not nearly as effectively.

The chances of someone being caught and convicted of illegal electronic snooping in Latah County are nil at the present time.  The is so much going on and no real detection and enforcement capabilities at hand, although it is possible that certain out-of-county agencies are now investigating several individuals.  For example, just think of the online security problems of the UI in the last 18 months.  In one UI case given national news coverage, there was even national assistance to local law enforcement, but with no tangible result.

There may be some question of the legality of the device I speak of for home, business, and some other users.  If you are good at inferences, you can figure out where some of these devices are being legally used.  Notice also that I did not claim that the device was of American manufacture.

Here's another tip for those on a wireless connection:  Do not leave your browser (especially if it is IE) or email program open when you are not actively using it.


W.


----- Original Message ----- 
From: Paul Rumelhart 
To: Vision 2020 
Sent: Thursday, February 08, 2007 8:37 AM
Subject: Re: [Vision2020] New (and Old) Threats to On-Line Computers


That's a frightening device.  I can't believe a company actually produces it and sells it, even if they do claim to be a "penetration testing firm".

I'd also like to add that one important security procedure involves setting a password on your personal wireless network at home, if you have one.  The fact that the default is to leave it wide open is downright criminal.  Yes, you have to type in a password to connect to your own network - but so does the guy who just pulled up in front of your house that wants to use your network to surf for child porn.

If you don't secure your own network, then you may not have the legal right to file charges if some stranger connects to it.  The issue seems to be a gray area in the law right now.  Worse yet, if somebody connects to your system and does something illegal and it is traced back to your access point, you may be the one going to trial.   Basically, if your network is unsecured, it is broadcasting a signal which translates to "Come connect to me!  My address is..."  The person in the area, maybe even a neighbor, might connect to your access point accidentally because many systems are configured to connect to the strongest signal they see automatically.  So I definitely *don't* recommend delivering a payload to them to disable their system if all you see is a connection that has been made.  I still don't condone electronic vigilantiism even if they do something malicious, that's what the police and the courts are for.  

Definitely be careful at public hotspots, as well.

Paul

Art Deco wrote: 
  New (and Old) Threats to On-Line Computers

  Below the line are links to descriptions of a new device implementing an old method of attack on computers connected by a wireless method of one type.

  The cautious will read this material carefully.  Although the device described is relatively new, the method used itself is not new and the method can be extended beyond simple Wi-Fi connections.

  There are several individuals in this area using laptops and special software to attempt to snoop and/or to implant snooping/remote broadcasting of the material on your personal computer and the real-time data streams occurring while you are connected to email and the web.  Hardly a week goes by when my computer is not subjected to an attempt of this kind.

  A prior V 2020 discussion suggested some ways to help fend off these kinds of attacks:

  Anti-Virus software
  Spyware Detection and Removal software
  First class professional grade firewall software
  An intervening router with firewall capability

  It is important to check your firewall logs daily to see if attacks have been detected.  If your firewall can be set to immediately notify you of an attempted attack:

  1.    Disconnect entirely from any connection you are using the moment the notification occurs.
  2.    Look for unfamiliar vehicles in your area, take license numbers.  If a license number occurs more than once after an attempted attack or there is a speedy decampment, notify law enforcement.

  This should be a no-brainer:  Do not tell anyone which anti-virus, spyware detection, or firewall software or hardware you are using.

  There is another remedy which is drastic, very effective, very expensive, and whose legality may be suspect: a device which uploads a poison pill to the attacker's computer.  This pill works in the target computer's background.  First it erases the boot-strap tracks, then erases the various parts of the directories on all disc drives, then all the data on all the disc drives surfaces.  The latter takes a lot of time so that the attacker may be able to stop that part before it is complete.  For some computers, the software can also cause some permanent hardware damage, mainly to the disc drives.  At any rate the attacker will need to spend a great deal of time making their computer functional again.  In addition, this device and associated software records a number of identifying characteristics of the attacker's computer so that information may to used to arrest and to convict the attacker may be gathered.


  Since the legality of this device may be suspect, please do not ask me for details.  There are various search engines which can be of assistance should you be interested.

  Art Deco (Wayne A. Fox)
  deco at moscow.com



  ______________________________________________________
  Silica--a wireless hacking tool 

  Photos: The scariest item at RSA 2007 is Silica, a portable hacking
  device 
  that can search for and join Wi-Fi access points, scan for open ports,
  and 
  launch code execution exploits. 
  http://ct.zdnet.com/clicks?t=29190355-a10e1a02c3a4463047d2ade5662a85e8-bf&s=5&fs=0

  WiFi hacking with a handheld
  http://ct.zdnet.com/clicks?t=29190356-a10e1a02c3a4463047d2ade5662a85e8-bf&s=5&fs=0

  Focus: RSA 2007 security
  http://ct.zdnet.com/clicks?t=29190357-a10e1a02c3a4463047d2ade5662a85e8-bf&s=5&fs=0


------------------------------------------------------------------------------
=======================================================
 List services made available by First Step Internet, 
 serving the communities of the Palouse since 1994.   
               http://www.fsr.net                       
          mailto:Vision2020 at moscow.com
=======================================================



--------------------------------------------------------------------------------


=======================================================
 List services made available by First Step Internet, 
 serving the communities of the Palouse since 1994.   
               http://www.fsr.net                       
          mailto:Vision2020 at moscow.com
=======================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.fsr.com/pipermail/vision2020/attachments/20070208/c9a13064/attachment.html