is it ok to leech wifi from your neighbour?

Defiler Of The Coffin · 02-05-2013 12:06PM

syklops wrote: »

The guy who wrote it is a boardsie. It was a lot more complicated than just converting the SSID to hex. If I remember correctly it actually XOR'ed the SSID with lyrics from a Jimi Hendrix song.

Name and shame

Amalgam · 02-05-2013 12:12PM

Ideally, you need to use a randomly generated password to the maximum of the router and encryption method's abilities.

For example, if you go to Steve Gibson's website (perfectly safe and well known site)

https://www.grc.com/passwords.htm

There you can generate proper, secure and unique passwords for your router/mifi etc..

It should be along the lines of the following:

63 random printable ASCII characters:
i].Uh-imtDkRl}?+\1@Xh;Vz"CMnrNUD?T6/(`lk<Dz5"%05CY;Z1?:A_yL;.~T

..or if your router/mifi etc.. doesn't support the full character set/ASCII, then..

63 random alpha-numeric characters (a-z, A-Z, 0-9):
1xCf5XApkgtwBqHdPSqOxjWFrY9w5cHGPw118UK7JlafTIHQwl74qPCksbcYoI4

There's a brief enough explanation on the page about the science behind the numbers. (entropy etc..)

WPA is secure, but like any encryption method, the weakness is on the human side, so, if your password is, 'password', or, 'catcatcat', then there is a small chance of being vulnerable to a, 'dictionary attack'.

Amalgam · 02-05-2013 12:14PM

There are plenty of other router password generators online. Just Google.

Cuddlesworth · 02-05-2013 12:28PM

Amalgam wrote: »

WPA is secure, but like any encryption method, the weakness is on the human side, so, if your password is, 'password', or, 'catcatcat', then there is a small chance of being vulnerable to a, 'dictionary attack'.

I'll set my home router to a easy to memorize 25 character phrase like "mycatisalittlefluffywuffy" and see how long it takes you to crack it with a rainbow list. I'm going to take a random stab in the dark and guess that it would be somewhere well past a century.

Your missing the point of a wifi password. People are supposed to be able to use it, share it and not spend half their day attempting to type it.

The same could be said for corporate password policy's, but some attitudes are harder to change.

Amalgam · 02-05-2013 12:33PM

Cuddlesworth wrote: »

I'll set my home router to a easy to memorize 25 character phrase like "mycatisalittlefluffywuffy" and see how long it takes you to crack it with a rainbow list. I'm going to take a random stab in the dark and guess that it would be somewhere well past a century.

Your missing the point of a wifi password. People are supposed to be able to use it, share it and not spend half their day attempting to type it.

The same could be said for corporate password policy's, but some attitudes are harder to change.

I'm not looking to pick an argument over this. How often would you need to input a password?

You use a short password, I'll maximise mine. No fuss.

stimpson · 02-05-2013 12:42PM

http://xkcd.com/936/

srsly78 · 02-05-2013 12:42PM

Amalgam wrote: »

I'm not looking to pick an argument over this. How often would you need to input a password?

You use a short password, I'll maximise mine. No fuss.

That's fine, but don't try to make other people adopt your nonsensical habit.

http://xkcd.com/936/ edit: beaten to the obligatory xkcd

Amalgam · 02-05-2013 12:47PM

srsly78 wrote: »

That's fine, but don't try to make other people adopt your nonsensical habit.

http://xkcd.com/936/ edit: beaten to the obligatory xkcd

'nonsensical' ..it is what your router is capable of, not going beyond a standard or deviating in some strange manner, instead, following it to the letter.

..it is just a router key, that, at most, only needs to be entered once, it costs you *nothing* to work with a longer password. Nothing.

Do whatever suits yourself. All the best.

Cuddlesworth · 02-05-2013 12:49PM

Amalgam wrote: »

I'm not looking to pick an argument over this. How often would you need to input a password?

You use a short password, I'll maximize mine. No fuss.

There are ten wireless devices in my house, as well as numerous guests/friends connecting.

From Steves site as well(I'm familar with it), he provides a tool that points out how long it would take to brute force a password.

Using in his terms, a massive cracking array would take the following amount of time.

Yours would be 1.27 hundred thousand trillion trillion trillion trillion trillion trillion trillion trillion centuries.

Mine would be 7.83 hundred billion centuries.

If a friends asks me for my wireless password, I would prefer not to hand them a A4 sheet and spend five minutes reading it out to them. Instead I'll live in fear of my distant ancestors having their bandwidth stolen.

stimpson · 02-05-2013 12:49PM

Amalgam wrote: »

..it is just a router key, that, at most, only needs to be entered once, it costs you *nothing* to work with a longer password. Nothing.

Try entering that password on a mobile device.

laugh · 02-05-2013 01:08PM

I have an unsecured wifi for my neighbours to use, that way I can find out how deranged they are.

upandcumming · 02-05-2013 01:12PM

You can generate a QR code and stick it on your router.
More here!

Amalgam · 02-05-2013 01:19PM

upandcumming wrote: »

You can generate a QR code and stick it on your router.
More here!

Good grief, I completely forgot about that. I even have my own key printed out on a Brother label, in my wallet. :rolleyes:

stimpson · 02-05-2013 01:21PM

upandcumming wrote: »

You can generate a QR code and stick it on your router.
More here!

Sending your wifi password unencrypted over HTTP is *really* secure.

Amalgam · 02-05-2013 01:34PM

I generated mine on an Android phone, there's plenty of QR Code creators over on the Google Play Store.

enda1 · 02-05-2013 01:36PM

Amalgam wrote: »

I generated mine on an Android phone, there's plenty of QR Code creators over on the Google Play Store.

Was wondering about them. Do they do it locally on-board the phone, or is it done server side? Wasn't clear from a quick perusal.

TheUsual · 02-05-2013 01:36PM

If you choose a really tricky password as above just make sure laptops, tablets and different phones can handle long or complex passwords.

Use shorter passwords but ones with upper and lower case letters and numbers as well.

If you are a real "hacker" then just leave the WiFi open and put the mother of all viruses on your router.
Neighbours will not be so quick to nick your data next time.

Amalgam · 02-05-2013 01:38PM

TheUsual wrote: »

If you choose a really tricky password as above just make sure laptops, tablets and different phones can handle long or complex passwords.

Indeed, not all can, a lot of Huawei phones and Mifi units, which I use, refuse to work with extended character\ASCII.

Ruu · 02-05-2013 01:41PM

I did once to activate my Nexus but use my own now, besides there is a connection named FBI Surveillance Van somewhere near my house (really). >_>

TheUsual · 02-05-2013 01:54PM

Ruubot2 wrote: »

I did once to activate my Nexus but use my own now, besides there is a connection named FBI Surveillance Van somewhere near my house (really). >_>

"The other day upon the stairs,
I saw a man who wasn't there.
He wasn't there again today,
I think he's from the C.I.A."

BizzyC · 02-05-2013 02:10PM

sugarman wrote: »

Anyone that uses week WEP or WPA with stock UPC/Eircom etc passwords and a broadcasts their SSID is leaving it open for everyone. So why not.

Because not everyone is technically capable of changing the password, and by stealing their wifi you're probably increasing their bills.

The attitude of "the password is easy to break so it's fair game" is complete crap.

If someones front door had a crap lock would you break in and steal their cash?

SouthTippBass · 02-05-2013 02:25PM

Thanks a lot boards.ie, now I'm paranoid someones syphoning my broadband. How do I check how many devices are connected?

Amalgam · 02-05-2013 02:28PM

Amalgam wrote: »

I generated mine on an Android phone, there's plenty of QR Code creators over on the Google Play Store.

enda1 wrote: »

Was wondering about them. Do they do it locally on-board the phone, or is it done server side? Wasn't clear from a quick perusal.

This particular app, which I've used for a while now, on the phone.

Barcode Generator / Reader - Sugree Phatanapherom

https://play.google.com/store/apps/details?id=com.sugree.barcodegen

---

Barcode Generator / Reader is a derivative app on top of ZXing's work @ http://code.google.com/p/zxing/

enda1 · 02-05-2013 02:35PM

Amalgam wrote: »

This particular app, which I've used for a while now, on the phone.

Barcode Generator / Reader - Sugree Phatanapherom

https://play.google.com/store/apps/details?id=com.sugree.barcodegen

---

Barcode Generator / Reader is a derivative app on top of ZXing's work @ http://code.google.com/p/zxing/

Again that's unclear. Do you know if the app does the generation onboard the phone or if the app sends the data to its servers where teh generation is done and a QR code sent back?

Also does the app store this data/the server store this data. Does the app use geolocation for example?

Amalgam · 02-05-2013 02:40PM

Offline, as in, no wifi or 3G. Phone 'dead' to the internet.. I wouldn't be into generating QR codes on a server. I wouldn't do it.

qwertypop · 02-05-2013 02:45PM

Most regular joes wouldn't know how to access info on your computer or see what your doing. I'm pretty good at computers and I wouldn't know how to

Defiler Of The Coffin · 02-05-2013 07:17PM

srsly78 wrote: »

That's fine, but don't try to make other people adopt your nonsensical habit.

http://xkcd.com/936/ edit: beaten to the obligatory xkcd

Using a good strong password is nonsensical?! How often do you really need to input a password? Why not just enable WPS temporarily if you want to grant someone access to your network.

No way would I ever use anything less than a strong maximum length password. Let's see the script kiddies get around THAT

srsly78 · 02-05-2013 07:18PM

Defiler Of The Coffin wrote: »

Using a good strong password is nonsensical?! How often do you really need to input a password? Why not just enable WPS temporarily if you want to grant someone access to your network.

No way would I ever use anything less than a strong maximum length password. Let's see the script kiddies get around THAT

Strong enough is strong enough. If it is gonna take a billion years to crack then adding a few zeroes on won't matter.

The biggest problem with these crazy long passwords - you have to write it down/save it.

You tinfoil guys sure love your strong passwords tho... Not gonna stop the five dollar wrench attack either way.

Defiler Of The Coffin · 02-05-2013 07:21PM

srsly78 wrote: »

Strong enough is strong enough. If it is gonna take a billion years to crack then adding a few zeroes on won't matter.

You tinfoil guys sure love your strong passwords. Not gonna stop the five dollar wrench attack either way.

What might take a billion years today might only take a few minutes next year. My point is that entering passwords can be easily automated if you know how to do it. So if you don't have to enter it manually then why not use full strength?

Plus if I really was wearing the tin foil hat I'd be using this OS

http://tinfoilhat.shmoo.com/

srsly78 · 02-05-2013 07:23PM

How do you know a workplace has a strong password policy? Because of all the sticky notes on the monitors.

The entire way people have been trained to think about passwords is wrong.

is it ok to leech wifi from your neighbour?

Comments