Announcement

Collapse
No announcement yet.

Stupid tenants.

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    You give exactly one good reason to use WEP, and that's if you have equipment that doesn't support anything better than WEP. ONE.

    The rest? You're suggesting that somebody rely on security through obscurity in an era where people are known to drive around looking for unprotected and/or weak encryption so they can get in? Seriously?

    Your telco has shown greater awareness of the utility (and dangers) of WEP in that one statement than you have acknowledged. WEP is the wireless equivalent of hanging up a sign saying "I'm clueless, please come in and destroy my systems so as to teach me a lesson."

    I mean, it's called "accidental connection prevention" for a reason: It would take someone at least two attempts to get onto your network, instead of the one that would be required of a wide open network.

    Add in what anybody can do once they're on your network, and the advice you've given is, at best, laughable. At worst, it might be legally actionable as malfeasance or negligence. A random attacker could get onto the network, wipe out anything (once they're inside the firewall, chances are good that the rest of the security is toast), throw in some new viruses for the hosts to deal with, download enough copyrighted material to get you involved in an MPAA/RIAA lawsuit, and then go after some child porn to get the government interested in you.

    You've just told people that "Hey, you don't need a lock. No one's going to do anything to you." That's the same sort of attitude that made IE6 the cesspit of malware that it became. My best advice to you is to never admit to having made such statements to any potential employer, or else be prepared to work in IT departments where the best days are "Well, we only broke 5 out of 8 servers. We're improving!"

    Yes, I'm a little frustrated. People like you are the reason people like me get called on all too often to clean up somebody else's computer.
    Last edited by Pedersen; 09-10-2012, 01:44 AM. Reason: Jeez... so frustrated by having to write this that I can't even spell for shit. Sorry all.

    Comment


    • #17
      My take is exactly what someone else upthread said. Her sense of entitlement is astounding. She expects my father to be at her beck and call every day, every weekend, etc. But ask for our internet is a no. As I said to my parents, once someone goes in and gets our password, we are toast. Child porn? It's our fault.

      My passkey is set to something in French for many of my thingsand not many people here know French. Now were I to travel elsewhere...
      Success is not final, failure is not fatal: It is the courage to continue that counts.-Winston Churchill

      Comment


      • #18
        There are three common types of password attack: a 'dictionary' attack, a 'brute force' attack, and a 'social engineering' attack.

        The dictionary attack goes through trying both correctly spelled and misspelled dictionary words and common phrases; including L337 'mispellings'.

        The brute force attack is to try 'AAAAAA' 'AAAAAAB' 'AAAAAAC' and so on. (Often in a more sophisticated fashion, but you get the idea.)

        The social engineering attack is to learn something about your target, and try using that. Name, date of birth, street address, names of pets, etc.

        Early dictionary attacks didn't use phrases, and didn't use the 'replace i with 1' sort of misspelling. Now: expect them to.


        So the modern advice with passwords:
        * don't use something which can be socially engineered,
        * don't use something from the dictionary - however misspelled - and don't use a common phrase.
        * And make it long: length makes a brute force attack harder.


        However: nyekultoorneypurpleunderwasserboot is likely to foil a dictionary attack. It covers three different languages, and is definitely not a phrase anyone would expect. And unless uncultured purple submarines are somehow a part of your regular life, it foils a social engineering attack.
        It will eventually be found by a brute force attack - but being as long as it is, 'eventually' is a long, long time.

        Or you can do what I do: have a password safe. (I use KeePass). I have one password - which my husband and my best friend both also have - which locks the KeePass safe. And I let KeePass autogenerate all my other passwords for me.
        An example is "VJ12Ksa8sWhObMBDClKj" (Which I just autogenerated then cancelled - it's not in use).

        A backup of my KeePass safe is on a USB stick in my handbag. And we're toying with keeping the master passwords in an envelope with our wills - we do have intellectual property locked behind those passwords which my niece and nephew (or my best friend's nieces, in her case) should inherit.
        Seshat's self-help guide:
        1. Would you rather be right, or get the result you want?
        2. If you're consistently getting results you don't want, change what you do.
        3. Deal with the situation you have now, however it occurred.
        4. Accept the consequences of your decisions.

        "All I want is a pretty girl, a decent meal, and the right to shoot lightning at fools." - Anders, Dragon Age.

        Comment


        • #19
          Quoth EvilEmpryss View Post

          Oh, and remember the rules of password safety: upper case, lower case, number, special character, and don't use your name or phone number.
          Let's not forget the idiots who make 0000 or 1234 as their PIN, or worse write the frickin' thing on the back of the card!! :P Folks, it's a two key system; having both keys at the same place at the same time defeats the whole purpose.

          Let's just say the two keyholes in missile silos are kept far apart for a reason

          Comment


          • #20
            Quoth ralerin View Post
            My passkey is set to something in French for many of my thingsand not many people here know French.
            You could still be vulnerable to a dictionary attack. Hackers use dictionaries in other languages. I heard they sometimes even use klingon dictionaries.
            Sometimes life is altered.
            Break from the ropes your hands are tied.
            Uneasy with confrontation.
            Won't turn out right. Can't turn out right

            Comment


            • #21
              I use a WEP encryption since my DS and I believe my Wii also only use WEP. But even if you get through that, my router is set up to reject your MAC address unless I authorize it.
              To right the countless wrongs of our days... We shine this light of true redemption, that this place may become as paradise...Oh, what a wonderful world such would be...

              Comment


              • #22
                Quoth Mr Hero View Post
                I use a WEP encryption since my DS and I believe my Wii also only use WEP. But even if you get through that, my router is set up to reject your MAC address unless I authorize it.
                Ah. Another minor inconvenience for people in the know. Here, a way to handle MAC Address Spoofing. And that's the hard way. Breaking past that barrier will not take much time at all.

                The Wii supports WPA2. The DS does not. Just be aware of the risk.

                Comment


                • #23
                  Quoth Seshat View Post
                  \
                  Or you can do what I do: have a password safe. (I use KeePass). I have one password - which my husband and my best friend both also have - which locks the KeePass safe. And I let KeePass autogenerate all my other passwords for me.
                  An example is "VJ12Ksa8sWhObMBDClKj" (Which I just autogenerated then cancelled - it's not in use).

                  A backup of my KeePass safe is on a USB stick in my handbag. And we're toying with keeping the master passwords in an envelope with our wills - we do have intellectual property locked behind those passwords which my niece and nephew (or my best friend's nieces, in her case) should inherit.
                  My boyfriend uses keepass, but I haven't set myself up with it at this point. I do plan to though, in the future, especially because I'm going to be likely to have confidential stuff stored on my computer. (Student records and the like)

                  ETA: Yes we do have WPA-2 encryption. Althoug it's annoying because I can't use my DS to access online stuff like Pokemon Black and White Dream World! -grumble grumble-
                  Last edited by fireheart; 09-10-2012, 12:35 PM.
                  The best professors are mad scientists! -Zoom

                  Now queen of USSR-Land...

                  Comment


                  • #24
                    Yes, I'm annoyed that I can never do anything nice with my DS. Which tells me we do not have WEP.

                    I remember several years ago when I still lived at my parents', my dad was getting high-speed internet instead (for years we'd had dial-up and I couldn't take it anymore...and when I took him to a coffee shop with high-speed, neither could I), and just for fun, when he saw the wireless networks around us (that really had no signal at all), he typed in a random word. A woman's name, I think. ...It worked. So he'd just magically guessed this woman's password, it was quite odd. He never used it because our own got hooked up, and the signal was basically zero anyway, but that was so very strange...
                    "And so all the night-tide, I lie down by the side of my darling, my darling, my life and my bride!"
                    "Hallo elskan min/Trui ekki hvad timinn lidur"
                    Amayis is my wifey

                    Comment


                    • #25
                      "So you want to steal our internet that we pay for each month."
                      Well technically it wouldn't be stealing... not if you gave it to them.

                      but yeah maybe they need to call their ISP first to find out why it's not working. If they have one... it may explain why theirs wasn't working, if they were tapping off of someone else's to begin with.

                      Comment


                      • #26
                        On my router, I have a guest account that is locked, but the family on either side of us gets the password to it. This is because our butt-crack of the woods tends to have issues crop up with the internet and we wind up temporarily hooking in to diagnose issues like, "Hey the wired part of the network card just fried!" or "Oh, shit... modem's dead."

                        If it's gonna take longer to fix, we just let them stay connected while we get the issues resolved.
                        If I make no sense, I apologize. I'm constantly interrupted by an actual toddler.

                        Comment


                        • #27
                          This topic title almost made me rage. Then I saw it said "Stupid Tenants" and not "Stupid Tennants" I'd have had to bust some skulls if I saw anyone bad-mouthing Tennant.
                          To right the countless wrongs of our days... We shine this light of true redemption, that this place may become as paradise...Oh, what a wonderful world such would be...

                          Comment


                          • #28
                            Locked, encrypted and monitored, in my case. My old neighbors (the dickheads) never locked their wireless, so I'd occasionally change the router name on them to something like "Configure Me, Stupid." They're long gone, and the current neighbors are a bit more tech savvy.
                            "If your day is filled with firefighting, you need to start taking the matches away from the toddlers…” - HM

                            Comment


                            • #29
                              My neighbor wasn't so entitled ralerin, but still got a big fat "No." She offered to pay a percentage, and was probably only going to be on a couple times a week, but it just opens such a huge can of worms I'd rather not deal with it.

                              Quoth EvilEmpryss View Post
                              who pays for internet and then just says "Huh, it's not working. Oh well, I 'll use someone else's while I pay my monthly bill."?
                              Quoth Shalom View Post
                              first thought was "Sure her internet isn't working. Why? Because their next-door neighbor on the other side just locked theirs."

                              Bet one of you have pegged it.

                              Quoth DGoddessChardonnay View Post
                              rule with the ISP's when picking out names to use online that one can't use a name that may be considered obscene?
                              Some yes, some no, but you can name YOUR router whatever you want.
                              Some fun ones: http://forums.macrumors.com/showthread.php?t=973068

                              Quoth Estil View Post
                              Let's not forget the idiots who make 0000 or 1234 as their PIN,
                              Sadly, all too true: http://www.tomshardware.com/news/imp...ords,9486.html

                              Quoth Eisa View Post
                              he typed in a random word. A woman's name, I think. ...It worked.
                              lol! Was it "maggie?" http://www.troyhunt.com/2011/07/scie...selection.html

                              Comment


                              • #30
                                Quoth Mr Hero View Post
                                This topic title almost made me rage. Then I saw it said "Stupid Tenants" and not "Stupid Tennants" I'd have had to bust some skulls if I saw anyone bad-mouthing Tennant.
                                Does this mean I get a if I say I like Matt Smith's Doctor better?

                                just kidding. kinda. I really do like 11 a tad more, but I like them both (tho i do still see 10 in my doctor dreams).

                                Some yes, some no, but you can name YOUR router whatever you want.
                                Some fun ones: http://forums.macrumors.com/showthread.php?t=973068
                                That's a lot better than some I've seen. Back in one of my military schools some of the students were making up offensive names for their networks. (think anti-semetic) Didn't know who it was tho but yeah that was stupid.
                                Last edited by PepperElf; 09-10-2012, 06:11 PM.

                                Comment

                                Working...