Could rogue WiFi points compromise unassuming Apple iPhone users? - SC Magazine UK

Could rogue WiFi points compromise unassuming Apple iPhone users? - SC Magazine UK

"I was recently interested in an opinion by security blogger Brian Krebs, who claimed that connection to a WiFi network could ‘make it easier for snoops to eavesdrop on your iPhone data usage'.

He claimed that Apple iPhone users who connect to open or public wireless networks should tell the device to forget the network's name after you are done using it.

He said: “For example, if you use your iPhone to connect to an open wireless network called ‘linksys', which happens to be the default, out-of-the-box name assigned to all Linksys home WiFi routers, your iPhone will in the future automatically connect to any WiFi network by that same name.

“The potential security and privacy threat here is that an attacker could abuse this behaviour to sniff the network for passwords and other sensitive information transmitted from nearby iPhones even when the owners of those phones have no intention of connecting to a wireless network, simply by giving his rogue access point a common name.”

As an iPhone user, there are times when its 3G connection are good enough to surf, use apps or simply use the basic phone function of making a call. However if you are looking to download files or ensure that an email or SMS is sent, perhaps a WiFi connection is more efficient.

What Krebs said though is to be wary of free WiFi connections that are available from coffee shops, pubs and restaurants, as if an attacker sets up a rogue wireless access point with a familiar name in a crowded place, they would likely be able to force a fair number of iPhones in the vicinity to automatically connect to his access point.

He said: “This attack scenario is more a reminder about basic wireless security safety than anything else. If you must use WiFi to communicate sensitive information make doubly sure that the web address of the site you are sending data to begins with an ‘https', or else any data you share with that site could be intercepted and read by anyone else on that same network.

“Also, if your web browser complains about a certificate or encryption error while you are trying to log on to a site or transmit sensitive data, it's probably safest to cancel that transaction, as it may be a sign that someone on the network is attempting to intercept the transmission.”

A recent pledge by Mayor of London Boris Johnson was to make London the world's biggest internet hotspot by 2012, with him claiming that 'every lamp post, every bus stop', in the capital will offer wireless internet access by the time the Olympic Games opens.

The proposal is expected to work by installing thousands of 'hotspots' into street lights and bus stops, with the boxes using the existing electrical supply and wiring, and would be able to cover a small distance around the area with WiFi.

A similar scheme already exists in the City of London, which offers users internet access anywhere. The plan is expected to allow both commuters and local homes to access the internet, although no details of pricing have been given.

I put this perspective to various people, and there was complete agreement with the perspective. Simon Ford, international sales director of NCP, said: “This is absolutely correct, when you log on to the internet at an airport, hotel or even at McDonalds or Starbucks the WiFi is provided and you have no idea what you are logging on to.

“Someone could log on to the WiFi and with a sniffer collect the data. I would not connect to a WiFi I did not know, I would hope no one goes to an airport and does online banking.”

So while the innovation of accessible WiFi could be the future of accessibility within city centres, should the mayor's plans come to fruition, there does seem to be caution exercised for users. Undoubtedly brilliant, could WiFi be the next vector for attack for unassuming users?"

 

Free WiFi in cafes and pubs - what security issues should I be aware of ? « Singletrack Forum

Free WiFi in cafes and pubs - what security issues should I be aware of ? « Singletrack Forum

"Free WiFi in cafes and pubs - what security issues should I be aware of ?"

Is Wifi encryption safe, can people see what your doing?

Can other people on an encrypted Wi-Fi AP see what you're doing? - Super User

es, with WEP encryption it's super simple. Everything's encrypted with the key you needed to know to get on the network. Everyone on the network can decode everyone else's traffic without even trying.

With WPA-PSK and WPA2-PSK, it's a little trickier, but not too hard. WPA-PSK and WPA2-PSK encrypt everything with per-client, per-session keys, but those keys are derived from the Pre-Shared Key (the PSK; the key you have to know to get on the network) plus some information exchanged in the clear when the client joins or re-joins the network. So if you know the PSK for the network, and your sniffer catches the "4-way handshake" another client does with the AP as it joins, you can decrypt all of that client's traffic. If you didn't happen to capture that client's 4-way handshake, you can send a spoofed de-authenticate packet to the target client (spoofing it to make it look like it came from the AP's MAC address), forcing the client to fall off the network and get back on, so you can capture its 4-way handshake this time, and decrypt all further traffic to/from that client. The user of the machine receiving the spoofed de-auth probably won't even notice that his laptop was off the network for a split second. Note that NO man-in-the-middle hassle is necessary for this attack. The attacker just has to capture a few specific frames at the time the target client (re-)joins the network.

With WPA-Enterprise and WPA2-Enterprise (that is, with 802.1X authentication instead of using a Pre-Shared Key), all the per-client per-session keys are derived completely independently, so there's no possibility of decoding each others' traffic. An attacker would either have to sniff your traffic on the wired side of the AP, or possibly set up a rogue AP in the hope that you'll ignore the bogus server-side certificate the rogue AP would send, and join the rogue AP anyway.

 

beevpn.com

 

 

 

 

BeeVPN - Home

"Safe on the Net? All over the world, broadband providers are increasingly forced to monitor and log what their customers are doing while on the net. The implication is that if you don't act somebody might very well be eavesdropping everything you do on the net. That means following what websites you visit, what files you download, with whom and about what you chat on instant messaging, and to whom and about what you send emails. Some ISP's, employers and schools even block or filter websites, or limit your acces to certain applications and programs (i.e. Skype, Facebook, Youtube and more). With BeeVPN installed on your computer, you are free to go everywhere on the net and free to use all your favourite applications! By buying a BeeVPN subscription you can continue surfing the net, know knowing that nobody will be able to log, monitor or meddle with your activity on the net. How does it work? When you have signed up and paid for your subscription you download a small program from our website. It only takes a moment. Whenever you have the program active all traffic from your computer will be encrypted, safe and anonymous. Surf the net without worries for only GBP 6 per month. Get BeeVPN here "



12vpn.com

 

12VPN.com

"Every day, thousands of expats, travelers and mobile users world-wide enjoy a safe and unrestricted Internet. With 12vpn™ they are able to secure their Internet connection and break free of artificial restrictions. Supporting the broadest range of platforms and VPN protocols, 12vpn™ has quickly become the worlds most popular VPN service among expats, travelers and mobile users. With 12vpn™ you'll be able check your e-mail and use the Internet at that nice coffee shop, without worrying about safety. You'll be able to keep in touch with your friends on Facebook, Twitter, etc. without running into blocked websites. Enjoy the Internet like you do at home - worry-free and without restrictions!"

 

Our offer

• No frills, fast and reliable VPN servers.
• Unblock websites, bypass filters and firewalls.
• Improve online your security, privacy and safety.
• First class support.
  

   

 

Enjoy a free Internet now!Sign up for 12vpn™ today and get a 7-day money back guarantee.For our Personal plan, we have a semi-anually payment option available. Compare features on our features page. 

 

Don’t Need No Google! Well in case you do - Get a VPN

[Poster] We Don’t Need No Google!

I'm sure there are lots of people out there that either want their google back or they want to surf the web without being told or restricted to not being able to.

USE a VPN (Virtual Private Network) to get past your internet blocks.

Turkish Bloggers mock the ban on Google!

YouTube has been blocked in Turkey for long and now, according to some newsreports, the government has also blocked Google Docs, Google Books, Google Analytics, Google Translate and most other Google services in the country.

Unhappy at the ban, a group of Turkish bloggers has created an interesting poster mocking the censors!

 

FBI investigating iPad e-mail leaks

Another reason to use a VPN on your ipad

FBI investigating iPad e-mail leaks

" * Social Web * Email * Close

Digg Slashdot Fark Stumble Reddit MIXX del.icio.us Newsvine Technorati Facebook Buzz up! Twitter Your Name: Your Email Address: Recipient(s) Email Address: (Comma separation for multiple addresses) Your Message: Type the two words:Type what you hear:Incorrect. Try again. Get a new challenge Get an audio challengeGet a visual challenge Help FBI investigating iPad e-mail leaks The investigation was opened Thursday after 114,000 e-mail addresses were obtained By Robert McMillan, IDG News Service June 10, 2010 07:12 PM ET Newsletter Signup

* Share/Email * Tweet This * Comment * Print

The U.S. Federal Bureau of Investigation has opened an investigation into the leak of an estimated 114,000 Apple iPad user e-mail addresses.

Hackers belonging to a group called Goatse obtained the e-mail addresses after uncovering a Web application on AT&T's Web site that returned an iPad user's e-mail address when it was sent specially written queries. After writing an automated script to repeatedly query the site, they downloaded the addresses, and then handed them over to Gawker.com. "

 

vpnuk.net

VPN IP Tunneling - VPN UK, USA, Spain, Canada, Germany, France, Netherlands, Switzerland VPN services.

"VPNUK - The Virtual Private Network Specialists

Welcome to VPNUK, VPNUK offer secure VPN services from any worldwide location to servers in the UK, USA, Switzerland, Spain, France, Germany, Canada and the Netherlands to home users and businesses the world over. Our VPN Tunneling services are Fast, Secure and Unmetered.

So what is a VPN? VPN is an acronym for Virtual Private Network. A VPN provides an encrypted and secure connection 'tunnel' from a user's computer to its destination over the Internet.

A VPN is a virtual private network or tunnel over the internet that controls all incoming and outgoing TCP internet connections. Each VPN tunnel is totally anonymous on the internet and it helps to keep your activities anonymous and safe. A VPN connection is an attractive option for people concerned about their security and privacy. It is not a web proxy, it is much more advanced than that. VPNUK offers the following amazing features with all of our VPN IP's;

LOW Cost, from as little as £4.25 per server, per month. 128bit encryption on all outgoing connections. Security for hotspot wireless access users. LIVE and On Demand television and films. FREE 24 hour evaluation period on all accounts. Anonymous internet browsing. Extra software is not required. Full anonymity by hiding your real IP address. Anonymity when ordering products whilst abroad or traveling. UK, US, Canadian, Spanish, German, French, Dutch and Swiss based servers. Protection against your ISP and overly strict fair use policies. Bypass geographical blocks from certain websites. Bypass ISP blocking for VOIP applications. Bypassing geographical blocks on TV and Radio software like Zattoo. Unlike a proxy, you get secured connection for all programs you are using. Quality network infrastructure ensures a fast vpn tunneling service. Assign your computer a new TCP IP address. Provide an unparalleled layer of security and anonymity. Protect your Wireless connection from unauthorised use. Prevents harassment caused by people tracking you by your IP address. Get a safe/encrypted connection between your computer and the internet. Surpass skype and other voip blocked in your area. Bypass all blocked websites, software and programs. High speed game VPN tunnel."

 

Surf Anonymously with GoTrusted

Someone May Be Snooping On You Right Now!

Secure All Your Applications with One Click.

Surf Anonymously with GoTrusted

" For single users concerned about privacy

• Secure tunnel access for individual users • Anonymous Surfing • High Speed, Unlimited Use • Low $5.99/month rate • Sign-up in seconds Surf Anonymously TRY IT FREE!"

Surf Anonymously with GoTrusted

GoTrusted is the fast, easy way to secure your PC's Internet data and protect your privacy. Try It Free.

Makes all of your web surfing anonymous

Secures Web, email, video, IM, P2P... all automatically

Simple, one-click operation!

Uses industrial strength encryption & hides your IP

 

 

VPN Privacy Service

VPN Privacy Service

"A virtual private network (VPN) is a private network inside a public network (such as the Internet), which is secure and private because of encryption and security procedures. A VPN connection provides your computer with 'virtual' connection to the our Canadian or USA VPN server - it then behaves exactly as it would if you were actually in Canada or USA. You may use our VPN service for safe, anonymous surfing, anonymous mp3 and movie download, safe access to adult sites, unblock VoIP (Skype), bypass any restrictions to view any site. Our VPN Service does not need install any special software! Our technical support will help you set the connection if you have any questions."

 

VPN Master - VPN Provider - Buy VPN Accounts - Cheap VPN Access

VPN Master - VPN Provider - Buy VPN Accounts - Cheap VPN Access:

" We are committed for quality. Top class services, top class support!. We are experts in VPN technologies and we value our customers' privacy. Customer satisfaction is our main goal. We help our customers to bypass censorship and we value freedom of expression. read more... We offer the fastest VPN service available. Only 30 clients per server. You will get full broadband speed with us!We have IPs available from USA, UK and Netherlands "