Unprotected Wireless Network

Do you think if I connect to an unprotected wifi network (public) they can have the passwords of encrypted sites? For example hotmail and paypal. If so, can you make your system and browsing secure?

 

I wouldn't pass sensitive information across a public network that can be connected to by anyone. If your data is encrypted, the network itself won't unencrypt them; however, anyone else can grab the packets as your system broadcasts them to the network, and can then unencrypt them at their leisure if they have software capable of cracking encrypted packets. I would not do it; you're just asking for trouble.

 

When you are getting ready to cross a 800 feet tall bridge (down you have nothing just a low level river), and a warning sign says, "UNSECURED CROSSING", what do you do?

 

Secure It. There is no reason not to. Your computer will save it so you dont have to type it in every time, so therefor its not a hassle or trouble. I belive it is possible for people to get your passwords and be able to see where youve went, etc. as far as i know. Therefor i would definetly secure it.

 

Question for all you Oh god someone's gona crack your packets...


First of all, to do that, you need to know some programing.
Second of all, in that short period of time, i doubt anyone would want to bust a nut to get some lame encrypted info.
Third, asking for touble? What are you talking about, im sure he is refering to school networks, which 90% of have are public.

Now that being said, of course you can catch, decrypt packets, and tempt to repuzzle the numbers. But that's a big boy's game, it's not as easy as you have software that does it for you or a few clicks here and there and you have his ssn or his ccn.
Most people think that hacking can be done in ten seconds with a Very Friendly GUI that tells you how to do so. No hacking is searching for areas that have flaws and backdoors (when coders get lazy and miss something) that can be exploited.

This would be a backdoor or a flaw

010101010101 0001010101010
0101010101010101010101010
0101010101010101010101010
0101010101010101010101010

Most compilers now catch the error and wont let you compile unless you correct the mistake.

Most website that have passwords and sensitive info have secured connection meaning that when you enter your information you can be a 100% sure that your info will be protected.

 

Still securing is reccormended, even if it never does happen, they can steal your speed. (that is if it is your network/router)

 

If you are in a public area and an unsecured network is available, just set your network to "public", this way even though your connecting to a public AP, your laptop will increase security preventing other sniff into your data, in other words, I'm in a public environment, don't trust anyone.

All this is for Vista, I don't know if you can do this with XP.

 

No option in XP as far as i know. One of the advancements in Vista.

 

Exactly.

ahl395, I think you misunderstood sergi's question.

 

Oh, i am? I feel insulted... -jk

Yeah, i guess im a little repetative also. lol


And since when to i usse the word "therefor" so often. lol, i guess i dont read my own posts.....

 

lol I didn't mean it that way, anyway I misread questions myself too sometimes.

By the way, nice avy.

 

Unsecured networks are no secure so it's all at our own risk. But, at the end of the day we all connect to an unsecured network if we really need to, do we not?

 

I certainly wasn't implying that breaking encrypted packets was for script kiddies; it most definitely takes a lot of time - years - and work, and a near-obsessive desire to understand the inner workings of computers and networks. Nonetheless, such people do exist, and what better place than to maximize the return on your investment, as it were, than to set up shop at an unsecured, public hotspot once you've patiently developed your own code-breaking utilities? Where else are you most likely to get a lot of targets, some of which will be softer than others, and most of whom, if you do break their encryption and steal from them, will be utterly incapable of figuring out where, or how, their encryption was broken? To someone who's invested the sort of time and energy needed to develop good code-breaking utilities, an unsecured wireless hotspot is almost the digital equivalent of a barrel full of fish - and that person's just finished building their own shotgun (think, like shooting fish in a barrel ).

Not, in my opinion, the best place to be double-checking your stock portfolio through your broker's online account.

 

I think some people here watched way too many movies and don't understand how encryption and SSL work, and mostly don't understand the OP's question. :twitcy:

 

I think the OP is worry that his online banking could be compromised while it's done at a hotspot, do I understand the OP question?

 

No. If the site uses SSL/TLS (the padlock at the bottom of your browser and urls that start with https), all of the traffic is encrypted and cannot be intercepted and cracked. Feel free to google for SSL or TLS and read all about it.

When using a public hotspot, stick to websites that use SSL/TLS. With some open source software, unencrypted traffic can be captured and examined.

The easiest way to steal information is to merely look over someone's shoulder.

 

Or looking at his trash basket

 

Here is someone understands a little more about secure websites.

sergi, when you use Hotmail for example, just make sure you click on "Use enhanced security" under the sign in button before signing in. You will see that it will become https instead of http. PayPal by default is already https.

To people still don't understand, you know your home LAN wired network is as open as an "unsecured" wifi network, there is no difference really, anyone can still capture your packets if they really wanted to. But that's not how secure tunnel and website work. Even if you're using a public opened wifi network, it doesn't mean your traffic is necessarily unsecured.

 

Is that really true? I am guessing that it is fairly difficult to accomplish if it is?

 

Think like pop3 email transmitting you password in clear text site based on ssl you pretty save be cause you machine to encrypt

unless that is you got ssl based email with cert

if you want know download copy ethreal or wireshark you can see what trasnmitted

if you laptop get comprised keylog then yes anything cound any login info cound be stole but ssl site pretty safe even on public wireless or unsure network

 

If you have the right devices, it's really not that hard to tap into the physical wire of a LAN. But the main point of my statement was, your normal traffic (unsecured websites) in your wired network is no difference than the traffic through an unsecured wifi network, both are unsecured from one physical port to another.

 

For them to hack your wired network, they gotta have physical access to your network, which means if you see some monkey splicing into your ethernet cable, you should THEN start worrying.

You should be fine with secure sites. While HTTPS/SSL isn't bulletproof, you should be ok at a trusted public wifi source.

 

:laugh: That, or else you know its time to get control of your exotic pet habit!

That's fair enough, still, the hard part can be making sure the wifi source is really to be trusted.