YOUR WI-FI IS FUCKED

[Ryan]

There is probably little I can do with what I actually have. They'll have to update the modem themselves as I'm stuck with the rest of this for the moment.

[J.T.]

9 minutes ago, Ryan said:

Yeah, that sounds about right. Luckily, there is literally no important data stored on this computer or in the cloud of any website about me personally.

Remember that you don't need to have valuable data on your machine to make yourself interesting to potential hackers.

If you have a machine that is ripe with vulnerabilities, your machine could become a candidate for a botnet.

Discovery is almost dirt simple.

Someone wandering around your neighborhood with a smart phone paying attention to their Wireless Networks Available settings will notice that you only have PSK2 enabled because your router will cheerfully broadcast that information.

[Ryan]

Stop walking around my neighborhood and using me as part of your insidious DVDVR Botnet.

[Ryan]

Besides upgrading my router and/or switching OS, is there much of anything I can do besides monitoring what tries to connect to me along with the standard anti-...every kind of thing security.

[J.T.]

12 minutes ago, Ryan said:

Besides upgrading my router and/or switching OS, is there much of anything I can do besides monitoring what tries to connect to me along with the standard anti-...every kind of thing security.

A simple firewall will make all the difference in the world.

Windows Firewall is pretty reliable and there are always products like ZoneAlert that can help you.

Also create a strong WiFi password.  Shit protocol attacks can be thwarted by a practically unguessable password.

13 minutes ago, Ryan said:

Stop walking around my neighborhood and using me as part of your insidious DVDVR Botnet.

What was the password to your e-mail again?

[Ryan]

FunkyButtLoving69420KornBizkitPackers4Ever. I'll just enable Windows Firewall as well then and post my SSN # on a big sign outside.

[J.T.]

1 minute ago, Ryan said:

FunkyButtLoving69420KornBizkitPackers4Ever. I'll just enable Windows Firewall as well then and post my SSN # on a big sign outside.

Don't forget to include the first four letters of your surname on the sign.

[Ryan]

I give out printed copies of all my important documents to anyone who asks. There, it's weak ass, but I upgraded the passwords to get into the router and turned on the WiFi one at least to complicated unusual things, so they won't be brute forced instantly. Also, my router's so ass, you wouldn't even pick it up walking by. It's range is shot.

[J.T.]

2 minutes ago, Ryan said:

Also, my router's so ass, you wouldn't even pick it up walking by. It's range is shot.

This will be the only time where having retro-tech will be a good thing.

[Ryan]

I win! I win!

[Technico Support]

2 hours ago, BL88 said:

Some good samaritan is keeping an updated list of major software companies that have issued patches for the WPA2 leaks that they are updating as they learn about new patches. You can find that here. The article also suggests that the bigger issue is fixing individual devices over patching routers, but I am someone who has been called "god-tier paranoid" by full-blown conspiracy theorists, so there's that.

From one god level paranoid to another....I don't even use wifi at home.  Why extend your network literally into the air in and outside your home?  Why not just put an ethernet jack on your outside wall with a neon sign pointing to it?

[J.T.]

1 hour ago, Technico Support said:

Why extend your network literally into the air in and outside your home?  Why not just put an ethernet jack on your outside wall with a neon sign pointing to it?

Having decent WiFi security in addition to other protocols like a firewall or strong passwords or AV are usually reasonable enough precautions to ward off intrusion attempts.

Just because someone can see your router broadcast does not mean that they automatically have access to your home network.  And as I mentioned before, access on its own is nothing without an end machine to compromise or exploit.

Speaking of which, that was fast:

Quote

Microsoft says it has already fixed the problem for customers running supported versions of Windows. “We have released a security update to address this issue,” says a Microsoft spokesperson in a statement to The Verge. “Customers who apply the update, or have automatic updates enabled, will be protected. We continue to encourage customers to turn on automatic updates to help ensure they are protected.” Microsoft is planning to publish details of the update later today.

It seems as though devices running Android and some flavors of LINUX are more susceptible to the WiFi exploit than Windows devices.  This revelation tells me that the exploit would've been used primarily to break into smart phones rather than tablets, computers, or IoT devices.

Google should be frightened and flattered that whomever developed the exploit apparently targeted their software did not really give a shit about devices running on any flavor of Windows.  The notion that Windows is also affected seems to be a bonus.

[Ryan]

They REALLY wanted to hack more celebrity photos.

[Raziel]

12 minutes ago, Ryan said:

They REALLY wanted to hack more celebrity photos.

That's probably the answer.

[Death From Above]

I still don't own a smartphone, eat shit technology.

[tbarrie]

2 hours ago, J.T. said:

Google should be frightened and flattered that whomever developed the exploit apparently targeted their software did not really give a shit about devices running on any flavor of Windows.  The notion that Windows is also affected seems to be a bonus.

If I'm reading things correctly, nobody developed the exploit per se. A researcher discovered that the attack was theoretically possible, told vendors about it in late August, and released it to the world this morning. So Linux and Android being more vulnerable is a result of the way they implemented WPA2, not somebody specifically attacking them.

[Michael Sweetser]

If anyone's looking for good consumer (and even enterprise) network gear at a decent price, check out Ubiquiti's line.  I have an EdgeRouter X and two of the Unifi APs, and they've become pretty fantastic with the latest updates.  Easy to manage and very advanced if you want to get deep into stuff.

[RIPPA]

Ooooh.... I was gonna ask for recommendations since I was planning on replacing my old ass router sooner rather than later 

It would be nice if my signal reached all three rooms of my apartment 

[Ryan]

Mine reaches full strength to roughly my door of my room. It's amazing.

[J.T.]

18 hours ago, tbarrie said:

If I'm reading things correctly, nobody developed the exploit per se. A researcher discovered that the attack was theoretically possible, told vendors about it in late August, and released it to the world this morning. So Linux and Android being more vulnerable is a result of the way they implemented WPA2, not somebody specifically attacking them.

I don't think I completed that thought fully.  I didn't mean to imply that it was a developed exploit by dark siders.  I suppose I was trying to say that dark siders tend to focus their efforts on exploiting the bugs found in popular operating systems because the machines that contain the data they wish to obtain typically run those OS's.. 

It's only logical.

Should there be any techniques or software developed that use this exploit, Android devices would be uniquely vulnerable and most likely these exploits would be used to target devices that use the Android OS even though the exploit should work just as well on Windows systems that don't have the recent security update .  It would be a source of pride and pain for Google and LINUX.

Yay! My Windows Phone is relatively safe!  Yes, because Windows phones encompass a small market percentage that no one gives a shit about.

Back in the day, I used to know an annoying Mac nerd that used to thump his chest over the fact that there were precious few viruses out there that were able to infect Apple computers.  My snarky reply was, "No one bothers to hack Mac because no one significant keeps any important data on a Mac." 

My insult was not 100% true, but percentage wise it was fairly on the mark when I made the statement in the late 90's.

Safe A has a million dollars inside of it and Safe B has twenty.  Which one of these security devices is more secure?  Safe B is because its contents are not worth the effort of trying to crack it.  Even if Safe A had better locks than Safe B, it would still be a more inviting target

[NikoBaltimore]

Considering millions pay from their phones either through websites or banking apps it's not surprising at all to see that Android is the prime target (though with it being done on Iphones you'd think they'd have some interest in that also)  It's great Windows has their updates rolling out but it doesn't matter much in this case.

As it is I got ethernet cords yesterday and hooked up what I can so it's not using wifi.  It's a start, though when contacting Xfinity they were completely clueless on the situation.  I'll have to try again and see if I can get somebody that does have a clue.

[Shadow]

On 10/16/2017 at 10:50 AM, J.T. said:

Kapersky Labs is actually one of the better AV companies out there.  They are very proactive when it comes to computer forensics. 

Remember these are the guys that de-compiled and found out exactly what STUXNET's capabilities were.

Most AV companies are fairly reputable, but you don't have to pay an arm and a leg for good protection.  There are lots of free AV programs out there like Panda that will adequately protect your machine and are updated regularly. 

What you need to remember is that AV isn't the only layer of security you will need for your computer. 

You will also need good malware protection (for example, some with advertisers work deals with AV companies to make sure that their advert-ware does not register as malicious code to a Host Based SS or Anomaly Based SS) as well as some sort of masking software that allows you to surf somewhat anonymously or at least helps you leave a very small digital footprint.

Of course, most browsers are engineered to work against you since sites are actively tagging your metadata so they can steal your soul,,, er.. better tailor internet content to your personal preferences.

Are the paid versions of Kaspersky and Malwarebytes enough of a defense or is there anything else that I should do?

[J.T.]

15 hours ago, Shadow said:

Are the paid versions of Kaspersky and Malwarebytes enough of a defense or is there anything else that I should do?

Kapersky should have the virus side cover and Malwayrebytes should protect you from adware and other malicious code.

That and some common sense while surfing should be ample protection.

[Matt D]

Kaspersky you say? 

[/spoiler[

 

[Bustronaut]

As Matt intimated, Kaspersky may have been in on the whole Russian collusion thing with the election.  I don't know the details, but I'm surprised InfoSec people on the board would recommend it.  Y'all generally a bunch of paranoid weirdos about the most common stuff.