JetPack SSID and password

    • #8345
      TomTees
      Participant

      I am thinking of getting a Verizon 4G LTE 5510L JetPack.

      From what I have been reading, the SSID and Password are available via the menus on the front of the device.

      Isn’t that horribly insecure?

      Seems like having your Username and Password taped onto your laptop!!

      Sincerely,

      Tom

    • #52421
      m0wgli
      Participant

      I’ve no experience of these devices, but out of curiosity I had a quick look. The User Guide would suggest that this can be turned off, although the default would seem to be on.

    • #52422
      hayabusa
      Participant

      I’ve not worked with them, either, and having not gone through their manuals or anything, I’d simply have to say that, if they’re anything like any other wireless router vendor, while those may be ‘default’ settings, you’re ALWAYS recommended to change them.

      It’s no more secure than some ISPs’ wireless routers, whose default wireless keys are the serial numbers taped to the devices.  Obviously NOT something you would want to leave at the default.

    • #52423
      TomTees
      Participant

      @hayabusa wrote:

      I’ve not worked with them, either, and having not gone through their manuals or anything, I’d simply have to say that, if they’re anything like any other wireless router vendor, while those may be ‘default’ settings, you’re ALWAYS recommended to change them.

      It’s no more secure than some ISPs’ wireless routers, whose default wireless keys are the serial numbers taped to the devices.  Obviously NOT something you would want to leave at the default.

      I’ve never had wireless Internet before, so am kind of clueless on the topic.

      What exactly is an SSID?

      And why would I want to change or hide it?

      Assuming things can be changed from the defaults, what exactly would you recommend as far as changing things?

      Tom

    • #52424
      UNIX
      Participant

      The SSID (Service set identification) is the name of your wireless network, e.g. “TomTees_WLAN”. You can disable the broadcasting of the SSID, so that it’s not that obvious for everyone that there is such a network available, but that’s not a real protection, as it can still be detected.

      I’m sure what hayabusa was referring to was more towards changing the default credentials and such. Also be sure to enable a strong encryption with a long passphrase (e.g. WPA2 Personal (PSK) + AES). I’d also recommend to disable WPS, if supported by the device (I didn’t check its specifications).
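
Added example, not part of the original thread: WPA2-Personal derives its 256-bit master key from the passphrase with PBKDF2-HMAC-SHA1 (4096 rounds) using the SSID as salt, which is why both a non-default SSID and a long passphrase matter. The SSIDs and passphrases are constructed sample values, and `search_space_bits` is a rough upper-bound estimate assumed for illustration.

```python
import hashlib
import math
import string

PBKDF2_ROUNDS = 4096  # fixed by the WPA2-Personal passphrase-to-key mapping
PMK_BYTES = 32        # 256-bit pairwise master key (PMK)


def validate_passphrase(passphrase):
    """WPA2 passphrases are 8 to 63 printable ASCII characters."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8..63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")


def derive_pmk(ssid, passphrase):
    """Return the PMK a client and access point both compute from SSID + passphrase."""
    validate_passphrase(passphrase)
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), salt, PBKDF2_ROUNDS, PMK_BYTES
    )


def search_space_bits(passphrase):
    """Upper bound on guessing effort, in bits.

    Assumes every character was picked at random from the character classes
    present; dictionary words and vendor default patterns are far weaker.
    """
    validate_passphrase(passphrase)
    pool = 0
    if any(c in string.ascii_lowercase for c in passphrase):
        pool += 26
    if any(c in string.ascii_uppercase for c in passphrase):
        pool += 26
    if any(c in string.digits for c in passphrase):
        pool += 10
    if any(c in string.punctuation or c == " " for c in passphrase):
        pool += 33
    return len(passphrase) * math.log2(pool)


def same_key_on_other_network(ssid_a, ssid_b, passphrase):
    """True if one passphrase yields the same PMK under two SSIDs (it should not)."""
    return derive_pmk(ssid_a, passphrase) == derive_pmk(ssid_b, passphrase)


if __name__ == "__main__":
    # Constructed sample values, not real device defaults.
    default_ssid = "ExampleDefault-1234"
    custom_ssid = "TomTees_WLAN"
    weak = "12345678"
    strong = "t7#Qm2!vLx9&Rk4^Zp0$"

    for label, phrase in (("weak", weak), ("strong", strong)):
        print(label, round(search_space_bits(phrase), 1), "bits (upper bound)")

    # The SSID is the salt: a table of keys precomputed for a common default
    # SSID does not apply to a network with a unique name.
    print("same key under both SSIDs:",
          same_key_on_other_network(default_ssid, custom_ssid, strong))
    print("PMK:", derive_pmk(custom_ssid, strong).hex())
```
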

    • #52425
      rattis
      Participant

      I’ve used other Verizon jet packs in the past. The screen turns off, and you have to go back through it. No, the SSID and the Password for the network being accessible via the screen isn’t really an issue with security. How else are you going to know how to connect to the device?

      The bigger issue is leaving the device laying around where someone else can pick it up and start messing with it.

      And of course hayabusa’s advice about making it harder to get into is useful.

    • #52426
      TomTees
      Participant

      @UNIX wrote:

      The SSID (Service set identification) is the name of your wireless network, e.g. “TomTees_WLAN”.

      So what is the advantage of creating a customized one (e.g. TomTees_WLAN) versus leaving the default?

      You can disable the broadcasting of the SSID, so that it’s not that obvious for everyone that there is such a network available, but that’s not a real protection, as it can still be detected.

      How would you do that?

      I’m sure what hayabusa was referring to was more towards changing the default credentials and such. Also be sure to enable a strong encryption with a long passphrase (e.g. WPA2 Personal (PSK) + AES).

      Dumb question, but since I have never owned a “Hot Spot” before, and am very clueless about anything mobile, where do you put the SSID and password?

      Do you have to type those into the JetPack itself?  (And if so, how do you do that without a keyboard?!)

      I guess I thought you logged in from your laptop or browser?

      Also, what do you mean by “WPA2 Personal (PSK) + AES”?

      I have heard that WPA2 is the strongest encryption method for mobile devices – and I assume I can select that in setting up the JetPack – but I don’t understand the “PSK” and “AES” part…

      I’d also recommend to disable WPS, if supported by the device (I didn’t check its specifications).

      I Googled that for the Verizon 5510L – which is the latest and greatest that I am thinking of getting – and didn’t find any info on whatever that is.

      Tom

    • #52427
      TomTees
      Participant

      @chrisj wrote:

      I’ve used other Verizon jet packs in the past. The screen turns off, and you have to go back through it. No, the SSID and the Password for the network being accessible via the screen isn’t really an issue with security. How else are you going to know how to connect to the device?

      A few things…

      First, I thought maybe you entered the SSID and Password from your laptop and/or browser…

      Secondly, having access to the SSID and password on the device seems like a really poor design.  It would be like having your Username and Password on a file on your desktop!

      If someone got a hold of my SSID and Passcode, then they would have access to my wireless connection, and from my understanding, that would mean they could easily hack my connection and my computer traffic, right?!

      The bigger issue is leaving the device laying around where someone else can pick it up and start messing with it.

      True, but let’s be realistic…  I would buy a JetPack because I am not in the security of my home.  (I doubt people pay the PREMIUM that Verizon charges for data usage to use a JetPack at home.)

      My goal is to replace the need to drive around and find a restaurant with free wi-fi and to also avoid having to find motels with free wi-fi.

      So the reality is that if I buy one of these, I will likely be using it at somewhere like Perkins or McDonalds or Joe’s Diner.

      And while I always use a cable on my laptop, I can’t guarantee that I am always right by the side of my laptop – or in this case JetPack.

      What if that Bacon, Jalapeno, Onion, Tabasco, Double Cheeseburger with Chili Fries doesn’t agree with me AGAIN – I gotta take my wife’s advice and start cutting back!! – and I need to go take a quick c*** ?

      Or, let’s say I just go up to pay my bill, or get another Pepsi?

      In such cases, it is conceivable that someone could quickly go onto my JetPack and find my SSID and Passcode, right?

      If that is all you need to do, I think that is a stupid design!

      But then again, maybe I’m not sure how the SSID and Passcode work?

      The kids at Verizon that I spoke to on the phone made it sound like you type in the passcode either once and are done with things, or that you can type it in each time – I assumed into my browser – but that it wasn’t sitting out in the open on the device itself.  (How do other companies like AT&T or Sprint do this?)

      Anyway, my main point is that while I would be careful with a JetPack, I can’t guarantee I would have it in my hand 100% of the time…

      And of course hayabusa’s advice about making it harder to get into is useful.

      Oops, I’m sorry, which advice was that?

      Tom

    • #52428
      hayabusa
      Participant

      – Leaving the default SSID will often help someone to look up the default passwords, for given devices, thus, it’s always better to change it.  (Not that there aren’t other ways to find the device type and look for passwords, but why leave it easy for someone to find.)

      – On a JetPack, I have no idea how to disable it, but most all vendors have a setting you can choose to enable / disable broadcasting the SSID.

      – “Putting them in” – the ssid and password – are on the client side, so that a client knows how to connect to the device.

      – as far as the varying encryption types, there are plenty of threads here on EH, as well as in a generic Google search, that I’ll leave researching each, to you.  Suffice to say, if some device defaults to WEP, you’re gonna want to change it…  😉

    • #52429
      m0wgli
      Participant

      @TomTees wrote:

      In such cases, it is conceivable that someone could quickly go onto my JetPack and find my SSID and Passcode, right?

      It would seem so if the device wasn’t configured to not display the Wi-Fi name (SSID) and password on the display (refer to page 19 of the user guide I posted earlier).

    • #52430
      TomTees
      Participant

      @hayabusa wrote:

      – Leaving the default SSID will often help someone to look up the default passwords, for given devices, thus, it’s always better to change it.  (Not that there aren’t other ways to find the device type and look for passwords, but why leave it easy for someone to find.)

      Okay.

      – On a JetPack, I have no idea how to disable it, but most all vendors have a setting you can choose to enable / disable broadcasting the SSID.

      Okay.

      – “Putting them in” – the ssid and password – are on the client side, so that a client knows how to connect to the device.

      – as far as the varying encryption types, there are plenty of threads here on EH, as well as in a generic Google search, that I’ll leave researching each, to you.  Suffice to say, if some device defaults to WEP, you’re gonna want to change it…  😉

      I have heard that “WPA2” is the best…

      BTW, what do you recommend as far as choosing an Admin Password and Passcode?

      Tom

    • #52431
      TomTees
      Participant

      @m0wgli wrote:

      @TomTees wrote:

      In such cases, it is conceivable that someone could quickly go onto my JetPack and find my SSID and Passcode, right?

      It would seem so if the device wasn’t configured to not display the Wi-Fi name (SSID) and password on the display (refer to page 19 of the user guide I posted earlier).

      Okay, thanks for the reminder about the PDF link.

      Tom

    • #52432
      rattis
      Participant

      First, I thought maybe you entered the SSID and Password from your laptop and/or browser…

      Secondly, having access to the SSID and password on the device seems like a really poor design

      first: you do have to put it on your laptop when you connect. Your laptop’s wifi client will just list everything it sees, and leaves it up to you to pick which one to use. The SSID of your Jetpack is how you know which one to use. Otherwise you might click a funky looking one, and get your soul uploaded to the data cloud.

      second: where else would you put the information so it is semi-readily available? One picks up the device, turns it on, and scrolls through menus to get to the options to display what you need. It’s better than putting the information on the bottom of the device with a sticker.

      True, but let’s be realistic…  I would buy a JetPack because I am not in the security of my home.  (I doubt people pay the PREMIUM that Verizon charges for data usage to use a JetPack at home.)

      Wireless in the home isn’t safe. Look into Hacking Wireless Exposed, or Wifu. There are people out there that lack ethics and do things because they can. That includes things like using neighbor’s wifi if they can get on it.

      And while I always use a cable on my laptop, I can’t guarantee that I am always right by the side of my laptop – or in this case JetPack.

      O_o
      I carry all of my tech in a backpack, or messenger bag. I never, NEVER, leave it un-attended. I only take out what I need. Usually the laptop. The jetpack, take it out start it up, confirm the laptop connects, and then put it back in the bag. If I need to move, for whatever reason, the laptop goes back in the bag and the bag goes with me. Even just to wee.

      Operational Security: I expect a Bob (an attacker) to be wherever I am. I expect a Bob to have basic skills. Cable locks can be easily picked or bypassed, without destroying the cable, and done in such a way that most people wouldn’t even realize a crime is going on. A box can quickly be rebooted, popped, and restarted after, in the time you’re at the altar praying to Ralph. In some cases all that is needed is a micro USB nub. There have been flaws out there that allow bypass of lock screens.

      Yeah, your stuff might still be there when you get back, but how do you know it hasn’t been messed with.

      HD Moore’s China Laptop Adventure.

    • #52433
      dynamik
      Participant

      @chrisj wrote:

      O_o
      I carry all of my tech in a backpack, or messenger bag. I never, NEVER, leave it un-attended. I only take out what I need. Usually the laptop. The jetpack, take it out start it up, confirm the laptop connects, and then put it back in the bag. If I need to move, for whatever reason, the laptop goes back in the bag and the bag goes with me. Even just to wee.

      Yep. If I’m at a coffee shop and need to hit the restroom, I pack everything up and bring my bag with me. Everyone else probably thinks I need a porn break, but that’s better than leaving my system unattended, even for a few minutes.

    • #52434
      TomTees
      Participant

      @chrisj wrote:

      First, I thought maybe you entered the SSID and Password from your laptop and/or browser…

      Secondly, having access to the SSID and password on the device seems like a really poor design

      first: you do have to put it on your laptop when you connect. Your laptop’s wifi client will just list everything it sees, and leaves it up to you to pick which one to use. The SSID of your Jetpack is how you know which one to use. Otherwise you might click a funky looking one, and get your soul uploaded to the data cloud.

      second: where else would you put the information so it is semi-readily available? One picks up the device, turns it on, and scrolls through menus to get to the options to display what you need. It’s better than putting the information on the bottom of the device with a sticker.

      I think there is still a disconnect here…

      A couple people have said that your SSID and Password are displayed – in plain sight – on your JetPack.  That would be like if you did Ctrl+Alt+Delete on a PC and it showed your Username and Password in broad daylight.  That would be insanely dumb.

      From the link provided above, it seems like the Verizon Manual is saying what I just said is true, but that you can “hide” the SSID and Password so they are not shown in plain sight on your JetPack.

      Am I understanding that right?

      Also, I am a bit confused about the SSID and Passcode’s location…

      I was under the impression that the JetPack just had an On-Off Button and some Buttons to show basic usage.

      But if you wanted to Log-In and/or change any settings (e.g. # of Allowable Devices, Encryption Type, etc) that you had to go to your Computer/Laptop, access 192.168.1.1 on your browser, enter your SSID and Password, be authenticated, and THEN you could change settings?

      Also, I thought you had to access your browser at 192.168.1.1 and log in from there every time you want to connect to the Internet via your JetPack?

      (Sorry if all of this sounds dumb, but I’ve never owned such a device, and so it is hard to conceptualize how it works.)

      However, I do not believe you ever log in from the JetPack itself, because there is no keypad to do that, right?

      True, but let’s be realistic…  I would buy a JetPack because I am not in the security of my home.  (I doubt people pay the PREMIUM that Verizon charges for data usage to use a JetPack at home.)

      Wireless in the home isn’t safe. Look into Hacking Wireless Exposed, or Wifu. There are people out there that lack ethics and do things because they can. That includes things like using neighbor’s wifi if they can get on it.

      I use wired DSL at home.

      And while I always use a cable on my laptop, I can’t guarantee that I am always right by the side of my laptop – or in this case JetPack.

      O_o
      I carry all of my tech in a backpack, or messenger bag. I never, NEVER, leave it un-attended. I only take out what I need. Usually the laptop. The jetpack, take it out start it up, confirm the laptop connects, and then put it back in the bag. If I need to move, for whatever reason, the laptop goes back in the bag and the bag goes with me. Even just to wee.

      Operational Security: I expect a Bob (an attacker) to be wherever I am. I expect a Bob to have basic skills. Cable locks can be easily picked or bypassed, without destroying the cable, and done in such a way that most people wouldn’t even realize a crime is going on. A box can quickly be rebooted, popped, and restarted after, in the time you’re at the altar praying to Ralph. In some cases all that is needed is a micro USB nub. There have been flaws out there that allow bypass of lock screens.

      In the end you are correct, but do I have to live like I’m on a business trip in China everywhere I go?

      If I am recording a radio show or a sporting event (e.g. College Basketball) and have to pee, does that mean I have to take 10 minutes shutting down, pack up like it’s time to go home, go pee in McDonalds’ bathroom, then return, take 15 minutes setting up, get back online, and now I’ve missed a quarter of the BB game????

      Yeah, your stuff might still be there when you get back, but how do you know it hasn’t been messed with.

      HD Moore’s China Laptop Adventure.

      Scary article….

      Tom

    • #52435
      TomTees
      Participant

      @ajohnson wrote:

      Yep. If I’m at a coffee shop and need to hit the restroom, I pack everything up and bring my bag with me. Everyone else probably thinks I need a porn break, but that’s better than leaving my system unattended, even for a few minutes.

      Well, since I am not in China or a Hacker Convention, isn’t that a bit “overkill”?

      Also, in my case, don’t you think OS-X Screen-Saver Lock is sufficient?  (I have that set to go off like after a minute or so, and I always do Ctrl+Shift+Eject before leaving my laptop.)

      Tom

    • #52436
      rattis
      Participant

      Tom I think you’re mis-understanding the point of the SSID and Password on the Jetpack.

      A computer uses a user name and password to protect your data. Putting those in tells the COMPUTER that YOU as the user are authorized to use the computer (the user name) and the password authenticates that it really is you.

      On a Jetpack: The SSID is the name of the network that you tell your computer to connect to for internet access. The Password on that, tells the network that you are authorized and to authenticate you. You need the device to display the password or else you can not tell it you are Authorized by presenting the authentication key.

      The Jetpack is roughly the size of a really thick wallet. So not anyone should be able to walk up to it, and see the screen.

      The way wifi works, it sends out a beacon like a lighthouse. This tells everyone in the area, “Hey, I’m here, connect to me, and if you can authenticate you must be authorized.” You can HIDE that Beacon. So instead of it being a lighthouse, it’s like a hidden door that you have to have the key for. If you look at your computer’s wifi client, it’ll present a list of access points. Those are other people’s access points being lighthouses.

      Does that make more sense?

      —-

      The physical security side. Having done remotes at events, with computers, mixing boards, and all the other fancy stuff for OVER THE AIR FM RADIO Broadcasts. If you’re going out as a one man operation, you’re doing it wrong. In those cases your partner in the broadcast should be “trusted” enough to maintain the system so you don’t have to pack up.

      If you’re broadcasting solo, get a partner.

      And you don’t have to be in China or at a hacker con to worry about someone jacking your stuff. Plenty of hits on google for it. But if you’ve got money to burn…
      https://encrypted.google.com/search?&q=laptop%20stolen%20from%20coffee%20shop

      I also really like this story about iPhone Theft from NYC. http://www.today.com/tech/double-trouble-iphone-thief-busted-when-his-stolen-iphone-stolen-1C8146675

      Work on shrinking your rig. You shouldn’t have to set up more than a laptop and a headset. Everything else once on, unless using a mixer, should go back in to the bag, next to your feet, or better yet between your feet.

    • #52437
      rattis
      Participant

      H1t M0k3y was looking for help with iphones recently because a lady got her computer stolen out of her office, and locked up her phone.

      As for broadcasting rigs, look into the stuff the guys that did the Occupy Ustream channels did. Most had multiple batteries, video cameras, laptops, cellphones, mifi points etc, all set up to be worn in a backpack. They only had to expose what they needed, when they needed.

    • #52438
      TomTees
      Participant

      On a side note, I am loving this “Hacker Talk” because it’s all so new to me.  (Haven’t gotten a damn thing done during the last two days, but am enjoying these conversations!!)

      @chrisj wrote:

      Tom I think you’re mis-understanding the point of the SSID and Password on the Jetpack.

      A computer uses a user name and password to protect your data. Putting those in tells the COMPUTER that YOU as the user are authorized to use the computer (the user name) and the password authenticates that it really is you.

      On a Jetpack: The SSID is the name of the network that you tell your computer to connect to for internet access. The Password on that, tells the network that you are authorized and to authenticate you. You need the device to display the password or else you can not tell it you are Authorized by presenting the authentication key.

      Hang on a second…

      I understand that the SSID uniquely identifies my soon to be JetPack.  And that since the JetPack would be a “secure” hotspot, that it doesn’t really matter if someone knows it exists.  (As opposed to a SSID for an unprotected wireless hotspot, say at home.)

      However, if I may be so bold, I don’t follow your comment on the Passcode…  :-

      My understanding – never having used any of this stuff before – but based on other conversations, and reading the Verizon manual from above – is that your Passcode is the “keys to the kingdom”!!

      If you get my Passcode, then you have a way to access my JetPack.

      I know from the Manual that there is a way to hide the SSID and Passcode on the JetPack itself, so if someone walked by and started playing with it, they couldn’t change my settings or use the Passcode to log into my JetPack.

      You said, “You need the device to display the password or else you can not tell it you are Authorized by presenting the authentication key.”

      But I’m not following that.  My understanding is that the way you log in to the Jet Pack is to open your browser, go to 192.168.1.1, select your SSID, and then type in your Passcode into the web form on the web page that came up when you accessed 192.168.1.1 from your browser.  (At no time are you needing to see the SSID or Passcode on the physical JetPack itself.  And at no time are you doing anything on the JetPack itself.  Everything is happening in your browser on your computer.  That is how I understand how things work.)

      Also, from what others have said, IF someone did get your Passcode and jump onto your JetPack, they would be able to Side-Jack you?! (This should be easy to verify on a “hacking” website…)

      And if they “Side-Jacked” you, then all kinds of bad things could happen!  (Things that I am trying to avoid by getting a secured connection to the Internet via my own JetPack.  Right?)

      The Jetpack is roughly the size of a really thick wallet. So not anyone should be able to walk up to it, and see the screen.

      But that would be my fear – if I don’t take your advice – and go to the bathroom.

      Hacker Harry sees me leave my table at McDonalds, taps the JetPack, memorizes the SSID and Passcode, goes back to his table and laptop, types those in, and BINGO, he is now on my JetPack waiting for me to return so he can “Side-Jack” me?!

      The physical security side. Having done remotes at events, with computers, mixing boards, and all the other fancy stuff for OVER THE AIR FM RADIO Broadcasts. If you’re going out as a one man operation, you’re doing it wrong. In those cases your partner in the broadcast should be “trusted” enough to maintain the system so you don’t have to pack up.

      If you’re broadcasting solo, get a partner.

      You misunderstand what I’m doing.

      When I am working away from home, which as an IT Contractor is almost always, I often find a McDonalds (or whatever), spend $1 on coffee, and then camp out for the day doing work and what-not.  (I often camp out for 6, 8, 12 hours so I’m gonna have to pee!!!)

      On weekends, I often listen to radio shows (e.g. “House of Hair with Dee Snyder”) and I record them and later edit them and save them as MP3s so I have a permanent copy.

      It may sound funny, but this is one of my “religions”, and there is no way I am shutting down my laptop and missing part of the show to pee!!  (Even worse, so I’m listening to Casey Kasem’s AT40 countdown.  I’m not skipping #9 through #6 so I can pee or get more coffee.)

      It’s a silly thing to most, but I am a bigtime audiophile, and my music recording is important to me.

      And you don’t have to be in China or at a hacker con to worry about someone jacking your stuff. Plenty of hits on google for it. But if you’ve got money to burn…
      https://encrypted.google.com/search?&q=laptop%20stolen%20from%20coffee%20shop

      Point made.

      (BTW, what is “ENCRYPTED.google.com” ?)

      Work on shrinking your rig. You shouldn’t have to set up more than a laptop and a headset. Everything else once on, unless using a mixer, should go back in to the bag, next to your feet, or better yet between your feet.

      I know you are ultimately right on this, but sometimes life is a compromise…  (I guess you just found one of my “weaknesses”…)

      Silly question, but is there some way to make it so when I close the lid on my MacBook it doesn’t go to sleep and kill my app recording my radio show?

      Is there also a way to not lose my Internet connection?

      If I could close my laptop and not have it disrupt my recording app or Internet connection, THEN I wouldn’t mind taking it for a walk to the bathroom, if you follow me?!

      Tom

    • #52439
      hayabusa
      Participant

      I don’t have a Macbook, but I’d assume that, just like a windows laptop, there should be a setting to tell it to do nothing when you shut the lid…  I can’t believe they wouldn’t have one…

      If that, in and of itself, is enough to answer all your questions (besides changing the passwords – and the SSID if possible – to something other than the default, which I’d still strongly recommend), then by all means, find out how to do it, so you can take it with you, and that solves your issues.

      As far as sidejacking, etc, that’s a whole other discussion.  Apologies, that I don’t have time to jump in on that one, this morning, but I’m sure others here might respond to it.

      Good luck in your learning.  🙂

    • #52440
      hayabusa
      Participant

      Oh, and one more note…

      If you’re at McDonalds or wherever, that they HAVE wireless, you really have no need to leave your JetPack on, anyway.  You won’t be using your data /Verizon’s services, while you’re on restaurant wireless, so turn it off, while there, and that part ALSO becomes a moot point.

      The only reason to have it on, there, is if you’re trying to get others to connect through YOUR connection, which isn’t really ethical.

    • #52441
      rattis
      Participant

      The only reason to have it on, there, is if you’re trying to get others to connect through YOUR connection, which isn’t really ethical.

      I think it was Verizon that had the commercial, but could be wrong. There was a commercial not too long ago, that said you can’t trust coffee house / restaurant / etc free wifi because anyone can connect to it and steal your data. You need a mifi device to add an extra level of security to what you do in public.

      It was a pure FUD commercial, but gave another reason to use their paid service over the free service besides being unethical.

    • #52442
      dynamik
      Participant

      If you just want to encrypt web traffic on public networks, and this ties into your other thread about VPNs, look at setting up an SSH SOCKS proxy. You can even configure your browser to send DNS requests through the proxy (at least with Firefox), so anyone sniffing traffic won’t even see what websites you’re requesting. I hit my VPS, but you could just as easily set it up at home. With keys-based authentication, it’s easy and secure.
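
Added example, not part of the original thread: whether DNS goes through a SOCKS proxy is visible in the SOCKS5 CONNECT request itself (RFC 1928), which carries either a hostname for the proxy to resolve or an IP address the client already looked up on the local network. The function names and the sample destinations are constructed for illustration.

```python
import ipaddress
import struct

SOCKS_VERSION = 0x05
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
ADDR_LEN = {ATYP_IPV4: 4, ATYP_IPV6: 16}


def build_connect_request(dest, port):
    """Build a SOCKS5 CONNECT request for a hostname or an IP literal."""
    if not 0 < port <= 65535:
        raise ValueError("port out of range")
    header = bytes([SOCKS_VERSION, CMD_CONNECT, 0x00])
    try:
        ip = ipaddress.ip_address(dest)
    except ValueError:
        # Not an IP literal: send the name itself, so the proxy resolves it.
        name = dest.encode("idna")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        # The client resolved the name before talking to the proxy.
        atyp = ATYP_IPV4 if ip.version == 4 else ATYP_IPV6
        addr = bytes([atyp]) + ip.packed
    return header + addr + struct.pack("!H", port)


def parse_connect_request(data):
    """Parse a SOCKS5 request into its address type, host and port."""
    if len(data) < 7:
        raise ValueError("truncated request")
    ver, cmd, _rsv, atyp = data[:4]
    if ver != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 request")
    body = data[4:]
    if atyp == ATYP_DOMAIN:
        addr_len = 1 + body[0]  # length byte plus the name
    elif atyp in ADDR_LEN:
        addr_len = ADDR_LEN[atyp]
    else:
        raise ValueError("unknown address type")
    if len(body) != addr_len + 2:
        raise ValueError("length does not match address type")
    raw = body[:addr_len]
    if atyp == ATYP_DOMAIN:
        host = raw[1:].decode("ascii")
    else:
        host = str(ipaddress.ip_address(raw))
    port = struct.unpack("!H", body[addr_len:])[0]
    return {"cmd": cmd, "atyp": atyp, "host": host, "port": port}


def name_resolved_by(data):
    """'proxy' if the hostname travels inside the tunnel, else 'client'.

    'client' means the DNS lookup happened outside the SOCKS connection,
    where someone on the same network can observe it.
    """
    atyp = parse_connect_request(data)["atyp"]
    return "proxy" if atyp == ATYP_DOMAIN else "client"


if __name__ == "__main__":
    # Constructed sample destinations (documentation name and address range).
    for dest in ("example.org", "192.0.2.10"):
        req = build_connect_request(dest, 443)
        print(dest, req.hex(), "-> name resolved by", name_resolved_by(req))
```
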

    • #52443
      TomTees
      Participant

      @hayabusa wrote:

      Oh, and one more note…

      If you’re at McDonalds or wherever, that they HAVE wireless, you really have no need to leave your JetPack on, anyway.  You won’t be using your data /Verizon’s services, while you’re on restaurant wireless, so turn it off, while there, and that part ALSO becomes a moot point.

      The only reason to have it on, there, is if you’re trying to get others to connect through YOUR connection, which isn’t really ethical.

      Well, I guess I was thinking of this whole thing as “all or none”.  That is, while I have heard a few people say, “If you have a Personal VPN, you can safely surf the Internet,” I’m a little leery of that.

      Rewind…

      Over the last month, my plan was to break down and buy a JetPack from Verizon for “Security” and “Privacy”.  But it turns out that while a JetPack would keep my communications “secure” and “private” from my MacBook to Verizon, it would not keep things “private” in a larger sense, because Verizon could be logging everything I do.

      So I will be getting a JetPack maybe next week to address that issue.

      In the mean time, in reading and talking with people, I learned that for “privacy” I should get a Personal VPN.  So I learned about that too, and I’m all for that as well.

      Now back to your point…

      Probably talking out of my rear, but while “in theory” a VPN would provide both “security” and “privacy” at McDonalds, I’m not so sure I trust that.

      In my newbie mind, it seems like it would be MUCH safer to try and connect from my MacBook to my JetPack and then Verizon, AND THEN after I have a “secure” connection, THEN I could take advantage of something like WiTopia for “privacy”.

      I guess my worry of using just WiTopia at McDonalds, is that someone could sniff my connection and hand-shake, and hijack things before I had a safe tunnel into my WiTopia account?!

      The point being that I was planning on both my JetPack and WiTopia 100% of the time unless I am at home using my wired DSL line.

      Follow me?

      Tom

    • #52444
      m0wgli
      Participant

      @hayabusa wrote:

      I don’t have a Macbook, but I’d assume that, just like a windows laptop, there should be a setting to tell it to do nothing when you shut the lid…  I can’t believe they wouldn’t have one…

      I thought exactly the same, but apparently you can’t without installing a third party app such as NoSleep for example. To run with the lid closed in what Apple refer to as Clamshell, you need a keyboard, mouse, or trackpad and an external display plugged in.

      @TomTees wrote:

      I guess my worry of using just WiTopia at McDonalds, is that someone could sniff my connection and hand-shake, and hijack things before I had a safe tunnel into my WiTopia account?!

      The point being that I was planning both my JetPack and WiTopia 100% of the time unless I am at home using my wired DSL line.

      Follow me?

      Tom

      I don’t know WiTopia, but I’d be alarmed if the initial logon wasn’t initiated over https.

    • #52445
      TomTees
      Participant

      @m0wgli wrote:

      @hayabusa wrote:

      I don’t have a Macbook, but I’d assume that, just like a Windows laptop, there should be a setting to tell it to do nothing when you shut the lid…  I can’t believe they wouldn’t have one…

      I thought exactly the same, but apparently you can’t without installing a third party app such as NoSleep for example. To run with the lid closed in what Apple refer to as Clamshell, you need a keyboard, mouse, or trackpad and an external display plugged in.

      I’ll have to check all of that out.  Thanks for the leads!

      @m0wgli wrote:

      @TomTees wrote:

      I guess my worry of using just WiTopia at McDonalds, is that someone could sniff my connection and hand-shake, and hijack things before I had a safe tunnel into my WiTopia account?!

      The point being that I was planning both my JetPack and WiTopia 100% of the time unless I am at home using my wired DSL line.

      Follow me?

      Tom

      I don’t know WiTopia, but I’d be alarmed if the initial logon wasn’t initiated over https.

      Again, a layperson here…

      Would the connection and encryption and keys be more secure connection from my MacBook to my JetPack to Verizon, than from my MacBook using WiTopia to McDonalds horribly insecure Free Wifi?

      (Is there even a way to “quantify” that analogy?!)   ???

      See, this is why I get so paranoid about all of this…  It is stuff I can’t see or probably understand other than a high-level explanation.  (Talk about “blind faith”!!!!)

      BTW, I had always planned to use my JetPack anytime I was away from home, so to me that is no big deal.  And it sounds like what spawned that point was the “Closing your laptop, leaving it running and connected, and for God’s sake, take it with you to pee!!” concern.  So I don’t see always using my JetPack as a deal breaker.

      But since it came up, I would be interested if any experts out there could break down the distinction between…

      MacBook—>JetPack—>Verizon Network—>Internet

      versus

      MacBook/WiTopia—>McDonald’s Free WiFi—>Internet

      Tom

    • #52446
      dynamik
      Participant

      Secure tunneling protocols are designed so an attacker can observe the handshake but not use that information to decrypt the encrypted data in transit.

      It’s possible to man-in-the-middle these connections, but the success depends on the user ignoring warnings and proceeding without caution. These attacks work when an attacker can intercept communications, not just observe them.

      In such cases, there are actually two connections, one between you and the attacker, and one between the attacker and the intended destination. Both of these connections are valid and secure; it’s just that the attacker controls these channels, so the data can be decrypted and collected, and then reencrypted and retransmitted to the intended recipient. There are tools that make this process fairly transparent and effortless.

      However, most applications will warn you that something odd is going on. SSL/TLS will warn you that the certificate isn’t valid (which is why it’s important to use a valid certificate; otherwise you will become accustomed to ignoring this warning), SSH will tell you that the server’s fingerprint has changed, and so on.
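
The fingerprint check described in the post above, as an added example that is not part of the original post or any vendor's code. It assumes a toy Diffie-Hellman group and hypothetical function names, and it pins the server's public value directly, which simplifies how SSH host keys actually sign the exchange.

```python
import base64
import hashlib
import secrets

# Toy Diffie-Hellman group, constructed for illustration only.
# Real protocols use standardized groups or elliptic curves.
P = 2**127 - 1  # a Mersenne prime
G = 3

def keypair():
    """Return (private, public) for the toy group."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared_key(my_priv, their_pub):
    """Derive a session key from my private value and the peer's public value."""
    secret = pow(their_pub, my_priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).hexdigest()

def fingerprint(pub):
    """OpenSSH-style display: 'SHA256:' + unpadded base64 of the digest."""
    digest = hashlib.sha256(pub.to_bytes(16, "big")).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def connect(client_priv, presented_pub, pinned_fp):
    """Client side: refuse to derive a key when the presented server key
    does not match the fingerprint remembered from an earlier connection."""
    if fingerprint(presented_pub) != pinned_fp:
        raise ConnectionError("server key fingerprint has changed")
    return shared_key(client_priv, presented_pub)

def demo():
    server_priv, server_pub = keypair()
    pinned = fingerprint(server_pub)  # learned on an earlier, trusted connection
    client_priv, client_pub = keypair()

    # Direct connection: both ends derive the same key; an observer who only
    # sees client_pub and server_pub holds neither private value.
    direct_ok = connect(client_priv, server_pub, pinned) == shared_key(server_priv, client_pub)

    # Intercepted connection: a middle party presents its own public value.
    mid_priv, mid_pub = keypair()
    try:
        connect(client_priv, mid_pub, pinned)
        detected = False
    except ConnectionError:
        detected = True

    # If the warning is ignored, the "secure" key is shared with the middle party.
    ignored = shared_key(client_priv, mid_pub) == shared_key(mid_priv, client_pub)
    return direct_ok, detected, ignored

if __name__ == "__main__":
    print(demo())
```

The third value is the case the post warns about: the channel is encrypted, but to the wrong endpoint.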

    • #52447
      TomTees
      Participant

      @ajohnson wrote:

      Secure tunneling protocols are designed so an attacker can observe the handshake but not use that information to decrypt the encrypted data in transit.

      It’s possible to man-in-the-middle these connections, but the success depends on the user ignoring warnings and proceeding without caution. These attacks work when an attacker can intercept communications, not just observe them.

      In such cases, there are actually two connections, one between you and the attacker, and one between the attacker and the intended destination. Both of these connections are valid and secure; it’s just that the attacker controls these channels, so the data can be decrypted and collected, and then reencrypted and retransmitted to the intended recipient. There are tools that make this process fairly transparent and effortless.

      However, most applications will warn you that something odd is going on. SSL/TLS will warn you that the certificate isn’t valid (which is why it’s important to use a valid certificate; otherwise you will become accustomed to ignoring this warning), SSH will tell you that the server’s fingerprint has changed, and so on.

      Okay, but back to my question above, which of these would be easier to “hack”…

      MacBook—>JetPack—>Verizon Network—>Internet

      versus

      MacBook/WiTopia—>McDonald’s Free WiFi—>Internet

      And would one be more susceptible than the other to a certain type of attack (e.g. Man-In-The-Middle) that might compromise the security and privacy of the connection?

      Tom

    • #52448
      hayabusa
      Participant

      The two are essentially the same, with a key distinction:

      Both are wireless, but at least, if you change the defaults on your Jetpack, there’s less chance of someone getting your actual key.  And because it’s your Jetpack, you have more control over encryption type being used, etc.

      But at the end of the day, if you use a good VPN / secure tunnel, for any data you need secured, you’ll save money by using McD’s bandwidth (no cellular data), unless Verizon has suddenly come back with unlimited data plans.  I know they dropped them, here.  It sounds like you’d be using it a lot, so your data plan would be costly, if you use the Jetpack.  When I used a mobile hotspot solution, it was for ‘random’ occasions, not everyday, consistent usage.

      That said, the VPN solution is one you’ll want to look closely at, as well.  I’ve found quite a few holes in the web-based / ssl vpn solutions.

    • #52449
      TomTees
      Participant

      @hayabusa wrote:

      The two are essentially the same, with a key distinction:

      Both are wireless, but at least, if you change the defaults on your Jetpack, there’s less chance of someone getting your actual key.  And because it’s your Jetpack, you have more control over encryption type being used, etc.

      But at the end of the day, if you use a good VPN / secure tunnel, for any data you need secured, you’ll save money by using McD’s bandwidth (no cellular data), unless Verizon has suddenly come back with unlimited data plans.  I know they dropped them, here.  It sounds like you’d be using it a lot, so your data plan would be costly, if you use the Jetpack.  When I used a mobile hotspot solution, it was for ‘random’ occasions, not everyday, consistent usage.

      Actually, if you subtract when I listen to streaming audio (e.g. Radio, Sports, etc.) my Internet usage is minimal.  (Just e-mail and things like this forum.)

      That said, the VPN solution is one you’ll want to look closely at, as well.  I’ve found quite a few holes in the web-based / ssl vpn solutions.

      Was with you until the last sentence…

      I thought you were saying that communication over a VPN and Free Wifi was comparable to using the JetPack.  But in your last sentence you mention “quite a few holes in the web-based / ssl vpn solutions.”  ???

      For a VPN, I was going to buy WiTopia’s service, since they seem pretty down-to-earth, and I just liked their website and what they had to say.  (Although for anyone doing illegal activities out there, I wouldn’t trust them as far as log files and the authorities go…)  😉

      Tom

    • #52450
      hayabusa
      Participant

      My statement was more or less to say that not ALL VPN’s are equal.  Don’t just assume that ANY VPN is of equal value.

      Assuming the VPN solution is solid, the end result is an encrypted session, anyway, so unless someone compromises your actual host (your laptop), your data should be encrypted, via VPN, as it crosses the wireless.

      Just that I’ve seen a few VPN solutions that I HAVE found holes in, where I was able to pull off some wizardry, and hack / gather the end-users’ data, unencrypted.  So the point of the last sentence was to make sure your VPN solution is solid, too.  Not ALL have holes.  But I prefer a VPN solution that uses a ‘full client’, when possible, versus one that is established solely across a browser session, when it’s initiated.  When I said ‘web-based’, I was referring to the latter (the browser-based / initiated ones)

      Edit: and the VPN situation would apply, regardless of Jetpack or McD’s wireless, so don’t base the original decision, solely on VPN.

    • #52451
      TomTees
      Participant

      @hayabusa wrote:

      My statement was more or less to say that not ALL VPN’s are equal.  Don’t just assume that ANY VPN is of equal value.

      Not ALL have holes.  But I prefer a VPN solution that uses a ‘full client’, when possible, versus one that is established solely across a browser session, when it’s initiated.  When I said ‘web-based’, I was referring to the latter (the browser-based / initiated ones)

      Not sure I know what you mean by “Full Client”.

      Does that mean I would have an application on my laptop to connect to the VPN?

      Which vendors offer this?

      And does that make a “browser-based VPN” unreliable??

      What are your thoughts on WiTopia? 

      They seem like the most approachable for someone like me…

      (BTW, I just want privacy from bad guys.  I’m not downloading, or doing any hacking where I would need *extra* protection.)

      Tom

    • #52452
      Jamie.R
      Participant

      I think hayabusa means full client as in software you install, so you would have an application on your laptop/desktop that you need to launch to set the VPN up.

      A few vendors offer this, but again it’s swings and roundabouts. I used a VPN not so long ago and found out they were storing my password in plain text. So where I thought I was getting my data encrypted, they weren’t really securing me in all ways.

      I have not used WiTopia so can’t really give any advice on it.

      There was an article not so long ago on Torrent Freak about VPNs. It might be worth reading; it tends to cover downloading anonymously but still might give you a better idea of different services.

      http://torrentfreak.com/vpn-services-that-take-your-anonymity-seriously-2013-edition-130302/

      I hope this helps



Copyright ©2020 Caendra, Inc.
