Wi-fi theft arrest

[stevew]

Wed Jul 6, 8:15 PM ET

Quote:

ST. PETERSBURG, Fla. - Police have arrested a man for using someone else's wireless Internet network in one of the first criminal cases involving this fairly common practice.

ADVERTISEMENT

Benjamin Smith III, 41, faces a pretrial hearing this month following his April arrest on charges of unauthorized access to a computer network, a third-degree felony.

Police say Smith admitted using the Wi-Fi signal from the home of Richard Dinon, who had noticed Smith sitting in an SUV outside Dinon's house using a laptop computer.

The practice is so new that the Florida Department of Law Enforcement doesn't even keep statistics, according to the St. Petersburg Times, which reported Smith's arrest this week.

Innocuous use of other people's unsecured Wi-Fi networks is common, though experts say that plenty of illegal use also goes undetected: such as people sneaking on others' networks to traffic in child pornography, steal credit card information and send death threats.

Security experts say people can prevent such access by turning on encryption or requiring passwords, but few bother or are unsure how to do so.

Wi-Fi, short for Wireless Fidelity, has enjoyed prolific growth since 2000. Millions of households have set up wireless home networks that give people like Dinon the ability to use the Web from their backyards but also reach the house next door or down the street.

It's not clear why Smith was using Dinon's network. Prosecutors declined to comment, and a working phone number could not be located for Smith.

Wow, didnt realize this was that serious of a crime. Probably involves the guy doing more than just surfing the web tho from his car, but its hard to say.

[Ksyrup]

This is one of the main reasons I've resisted going wireless, despite the obvious benefits. When I go on the road and log on to my computer in the hotel, I get at least a half-dozen or more possible connections. Even at work every morning, I'm offered the option of connecting to the tenants on either side of us. I'm sure there are ways to prevent it from happening - which is great for a business - but for home use, that's just too complicated and unnecessary for me. I don't have to surf the net while in the bathroom or actually sitting in bed.

[Senator]

encrypt. it takes 2 seconds.

and I want the guy next door arrested for shining his headlights in my living room at 2AM if this guy is getting arrested for locking onto a radio signal.

[Flasch186]

perhaps someone could post how to do it on here....for everyone who comes here for their knowledge.

[Ksyrup]

I don't trust the security stuff yet. I'm out there already as it is, seeing as though I do most of my banking and shopping online; I don't feel the need to make it any easier for the bad guys.

[Senator]

I understand that. Just so you know, I have to deal with some pretty sensitive info, and I feel comfortable using after about 5 years of it. So far, no problems knock on wood.

[kcchief19]

Quote:

Originally Posted by Ksyrup

I don't trust the security stuff yet. I'm out there already as it is, seeing as though I do most of my banking and shopping online; I don't feel the need to make it any easier for the bad guys.

Actually, with an encrypted wireless connection, you're at less risk of exposing data than you are shopping and banking online. It's much easier for the bad guys to get steal your identity online than it is to crack a wireless encryption. I do understand that.

[DanGarion]

Quote:

Originally Posted by kcchief19

Actually, with an encrypted wireless connection, you're at less risk of exposing data than you are shopping and banking online. It's much easier for the bad guys to get steal your identity online than it is to crack a wireless encryption. I do understand that.

Nope, takes less then an hour to crack if you are using WEP (the normal encryption). If you are using WPA it is much more difficult.

[Samdari]

Quote:

Originally Posted by dangarion

Nope, takes less then an hour to crack if you are using WEP (the normal encryption). If you are using WPA it is much more difficult.

Actually, I would say WPA is "normal" now - you almost cannot buy hardware not supporting it anymore.

Sniffing the packets that includes credit card numbers and bank account numbers takes more than an hour? I don't understand how you refute the claim that shopping/banking online is somehow more secure than something that takes an hour to crack.

And that hour would prevent most attempts anyway, unless someone has a reason to target a certain person specifically. Most are simply interested in finding a point for access, so when they find encryption, they assume they will find easier access elsewhere in less than an hour and move on.

[MacroGuru]

I just lock my network down to MAC address, I have my brothers, our laptops, and a few of our friends from school locked into it...other than that...you aren't getting on....oh, and I turned off display of my SSID.

[DanGarion]

Quote:

Originally Posted by Samdari

Actually, I would say WPA is "normal" now - you almost cannot buy hardware not supporting it anymore.

Sniffing the packets that includes credit card numbers and bank account numbers takes more than an hour? I don't understand how you refute the claim that shopping/banking online is somehow more secure than something that takes an hour to crack.

And that hour would prevent most attempts anyway, unless someone has a reason to target a certain person specifically. Most are simply interested in finding a point for access, so when they find encryption, they assume they will find easier access elsewhere in less than an hour and move on.

Out of the box WEP is used much more then WPA, from my own experiences.

My hour to crack was actually being pretty conservative, I've heard it can take as little as 5 minutes. And doesn't sniffing packets on a network require you to have actual access to the network? Plus then you need some software that sniffs packets, and hopefully they aren't visiting encrypted sites because then the information is sent encrypted (right?).

[DanGarion]

Quote:

Originally Posted by indoorsoccersim

I just lock my network down to MAC address, I have my brothers, our laptops, and a few of our friends from school locked into it...other than that...you aren't getting on....oh, and I turned off display of my SSID.

Someone cracking WEP can easily spoof a MAC address as well. . And disabling SSID broadcast is nil if there is traffic in the air it can be sniffed.

[MacroGuru]

Quote:

Originally Posted by dangarion

Someone cracking WEP can easily spoof a MAC address as well. . And disabling SSID broadcast is nil if there is traffic in the air it can be sniffed.

LOL! (got me there, I am just learning more on the WiFi stuff when I can, this spooks me a bit)

Oh, and I do have the firewall helping out as well, but I know those aren't the end all either (Not Windows Firewall, but a full blown Firewall on a Linux server)

[DanGarion]

Quote:

Originally Posted by indoorsoccersim

LOL! (got me there, I am just learning more on the WiFi stuff when I can, this spooks me a bit)

Oh, and I do have the firewall helping out as well, but I know those aren't the end all either (Not Windows Firewall, but a full blown Firewall on a Linux server)

It's really moreso "would" someone really want to do that. I'm not trying to spook you or anything, just letting you know .

[Desnudo]

Quote:

Originally Posted by Ksyrup

I don't trust the security stuff yet. I'm out there already as it is, seeing as though I do most of my banking and shopping online; I don't feel the need to make it any easier for the bad guys.

The biggest safety net you have is anonymity. Meaning the odds of someone abusing your household wireless network, out of all household networks, are pretty low. Unless you invite viruses onto your computer by surfing porn sites and downloading warez.

[Samdari]

Quote:

Originally Posted by dangarion

Out of the box WEP is used much more then WPA, from my own experiences.

When is the last time you purchased equipment. I did it the first time six months ago, and literally every router, PCI network card and PCMCIA network card supported both.

[DanGarion]

Quote:

Originally Posted by Samdari

When is the last time you purchased equipment. I did it the first time six months ago, and literally every router, PCI network card and PCMCIA network card supported both.

Supporting them and what is actually installed are two different things.
I have a Linksys WRT54G it supports WEP and WPA. But I work for a company that does all wireless installs with WEP, because it's still considered standard practice. Most wireless networks you will encounter are still WEP.

[Samdari]

Quote:

Originally Posted by dangarion

Supporting them and what is actually installed are two different things.
I have a Linksys WRT54G it supports WEP and WPA. But I work for a company that does all wireless installs with WEP, because it's still considered standard practice. Most wireless networks you will encounter are still WEP.

Seriously? That's insane.

But anyway, this proves that using simple security measures can indeed protect you - hackers don't have to look very far to find an unprotected moron.

[DanGarion]

Quote:

Originally Posted by Samdari

Seriously? That's insane.

But anyway, this proves that using simple security measures can indeed protect you - hackers don't have to look very far to find an unprotected moron.

Heck there are still lots of wireless routers with no encryption. But that's also because people choose to do that and like providing hotspots.

[Critch]

My best security is that 6 of my neighbors don't bother using any at all.

[JeeberD]

This thread made me get off my lazy ass and encrypt the wireless router I've been using for the past six months... :o

[RendeR]

Not using any encryption is sheer stupidity, the directions for engaging WEP are simple and straight forward, even for my ass-backwards relatives (who believe me are truly a bunch of ignoramouses) at least by using WEP you're eliminating yourself from IMO 99.999% of hacking attempts, as someone said before, why bother with your encrypted network when there are half a dozen other morons nearby without anything?

[Daimyo]

Even if you use only 128bit WEP its going to take probably a month (of normal, single user use) to get enough packets to break the encryption. That's probably good enough for a home setup. Just make sure you have other layers in place such as a host based firewall on each client (yes, you need this even if you have a router/firewall) and use SSL/VPN for secure external connections.

[Daimyo]

DOLA, and while MAC filtering and disabling SSID broadcast are both highly reccomended (although some NICs require SSID broadcast to work) they are not nearly enough by themselves. When it comes to computer security you really need to think in layers... no one thing makes you safe (you'll never be 100% safe against a determined, targetted attack unless you unplug), but each layer gets you that much closer.