Recent Topics
White or milky cloud in engine oil when cold
by OilUzer. 01/20/19 02:08 AM
Karma Kruiser!
by ekpolk. 01/20/19 01:36 AM
2018 Mazda 3 SkyActive 2.0
by wolf_06. 01/20/19 12:41 AM
Kendall nitro 70
by Bullwinkle007. 01/19/19 11:11 PM
Dexron HP
by Snagglefoot. 01/19/19 11:11 PM
Ruger American 22 Mag
by TiredTrucker. 01/19/19 11:06 PM
Prestone Dex Cool vs Carquest Dexcool
by A_User55555. 01/19/19 11:05 PM
FRAM end cap differences EG and TG vs XG
by wemay. 01/19/19 09:25 PM
Valvoline modern Engine
by Pinoak. 01/19/19 09:02 PM
30 Vintage Photos
by StevieC. 01/19/19 08:23 PM
Low mileage, when to change oil?
by Metfanant. 01/19/19 08:05 PM
Filter with bypass when OEM has built-in bypass
by rubberchicken. 01/19/19 07:43 PM
Barrett Jackson 2019 Pics
by Nick1994. 01/19/19 05:41 PM
What do y'all do with old car parts?
by qdeezie. 01/19/19 05:11 PM
Diagnosing catalytic converters.
by Tlhfirelion. 01/19/19 04:20 PM
Oil recommendations for GM Vortec 8100
by Dudemanmaximus. 01/19/19 04:14 PM
Leaf Spring Questions- Lots of Questions
by George7941. 01/19/19 04:02 PM
Am I being out of line?
by Chris142. 01/19/19 04:00 PM
Newest Members
dougway, Jetsfan421, Fordman420, 72sbc, ejmiller
66982 Registered Users
Who's Online Now
23 registered members (Char Baby, BretK, ChrisD46, billt460, c502cid, DaleRider, 4 invisible), 801 guests, and 35 spiders.
Key: Admin, Global Mod, Mod
Forum Statistics
Forums67
Topics296,866
Posts4,960,388
Members66,982
Most Online2,688
Jan 19th, 2019
Donate to BITOG
Previous Thread
Next Thread
Print Thread
Hop To
Page 1 of 2 1 2
WPA2 WiFi Hack & VPN Services #4545048
10/16/17 10:21 AM
10/16/17 10:21 AM
Joined: Sep 2010
Posts: 7,597
Planet Earth
2015_PSD Offline OP
2015_PSD  Offline OP
Joined: Sep 2010
Posts: 7,597
Planet Earth
With the announcement of a WPA2 hack I would surmise it will be some time before patches are available (if they ever are) for the massive number of devices affected. Although I do not have any state secrets to protect and realize that it will take some time before the hack is available widespread enough to affect me or others in an individual basis, it does tip the scales a bit towards enlisting a VPN service.

Does anyone here use a VPN service and/or have a recommendation for one? I see some lifetime offerings out there and I typically move about 1TB per month so I would want one to be "unlimited" in both bandwidth and number of devices which can be used simultaneously.

Thanks in advance for sharing.

Re: WPA2 WiFi Hack & VPN Services [Re: 2015_PSD] #4545060
10/16/17 10:29 AM
10/16/17 10:29 AM
Joined: Aug 2008
Posts: 22,078
ON, Canada eh?
StevieC Offline
StevieC  Offline
Joined: Aug 2008
Posts: 22,078
ON, Canada eh?
IPVanish.com Been using them for years. Super fast servers in multiple countries. Easy to use software if you want 0 configuration.

Lifetimes are usually slow and unreliable because the servers are overcrowded. I have been down that road.

Wired is the only 100% security. There will always be a hack for wireless because it's across the air. Change your key frequently and use cyptic hex type passwords to make it harder to sniff out what the key is over the air, don't broadcast your SSID, and turn on MAC Address filtering. Although none of this is foolproof it makes it harder to get into your network. I take it one step further and restrict my LAN from wireless clients. I turn this off to do file transfers and then turn it back on so as to keep anyone that makes it onto my wireless netowkr, out of my other clients on the network.

Last edited by StevieC; 10/16/17 10:36 AM.

'18 Dodge Grand Caravan GT - 17k KM - AMSOIL SS 0w30
'06 Hyundai Santa Fe - 535k KM (Dead) - AMSOIL SS 0w30
Re: WPA2 WiFi Hack & VPN Services [Re: 2015_PSD] #4545065
10/16/17 10:34 AM
10/16/17 10:34 AM
Joined: Jan 2010
Posts: 844
NEPA
shrooms Offline
shrooms  Offline
Joined: Jan 2010
Posts: 844
NEPA
Tor?


2002 Mazda MPV. PUP 5W20, Fram XG2, Dex VI
2001 Honda Civic HX. M1 EP 5W20, Fram XG3717
Re: WPA2 WiFi Hack & VPN Services [Re: 2015_PSD] #4545066
10/16/17 10:34 AM
10/16/17 10:34 AM
Joined: Jun 2005
Posts: 11,735
Santa Barbara, CA
bdcardinal Offline
bdcardinal  Offline
Joined: Jun 2005
Posts: 11,735
Santa Barbara, CA
I use Private Internet Access. Last month I did about 1400GB in traffic. Actually to the point I have been put on a data-cap from my ISP.


2014 Ford Mustang GT Track Pack
1995 Ford Mustang GT

Ford/Mazda Parts Counter
NRA Benefactor Member
Opinions expressed are my own.
Re: WPA2 WiFi Hack & VPN Services [Re: StevieC] #4545079
10/16/17 10:42 AM
10/16/17 10:42 AM
Joined: Sep 2010
Posts: 7,597
Planet Earth
2015_PSD Offline OP
2015_PSD  Offline OP
Joined: Sep 2010
Posts: 7,597
Planet Earth
Originally Posted By: StevieC
IPVanish.com Been using them for years. Super fast servers in multiple countries. Easy to use software if you want 0 configuration.

Lifetimes are usually slow and unreliable because the servers are overcrowded. I have been down that road.

Wired is the only 100% security. There will always be a hack for wireless because it's across the air. Change your key frequently and use cyptic hex type passwords to make it harder to sniff out what the key is over the air, don't broadcast your SSID, and turn on MAC Address filtering. Although none of this is foolproof it makes it harder to get into your network. I take it one step further and restrict my LAN from wireless clients. I turn this off to do file transfers and then turn it back on so as to keep anyone that makes it onto my wireless netowkr, out of my other clients on the network.
Yep, all of that is already enabled (or disabled) on my network. Thanks for the information on the VPN. I will check them out.

Re: WPA2 WiFi Hack & VPN Services [Re: 2015_PSD] #4545080
10/16/17 10:43 AM
10/16/17 10:43 AM
Joined: Aug 2008
Posts: 22,078
ON, Canada eh?
StevieC Offline
StevieC  Offline
Joined: Aug 2008
Posts: 22,078
ON, Canada eh?
thumbsup


'18 Dodge Grand Caravan GT - 17k KM - AMSOIL SS 0w30
'06 Hyundai Santa Fe - 535k KM (Dead) - AMSOIL SS 0w30
Re: WPA2 WiFi Hack & VPN Services [Re: 2015_PSD] #4545084
10/16/17 10:47 AM
10/16/17 10:47 AM
Joined: Apr 2008
Posts: 38,263
Ontario, Canada
OVERKILL Offline
OVERKILL  Offline
Joined: Apr 2008
Posts: 38,263
Ontario, Canada
From the actual disclosure:

Quote:
As a proof-of-concept we executed a key reinstallation attack against an Android smartphone. In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key (see below for more info). When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted.


That is sure to burn some bonnets.


2018 RAM 1500 Big Horn EcoDiesel
2016 Grand Cherokee SRT
Re: WPA2 WiFi Hack & VPN Services [Re: 2015_PSD] #4545096
10/16/17 10:59 AM
10/16/17 10:59 AM
Joined: Apr 2008
Posts: 38,263
Ontario, Canada
OVERKILL Offline
OVERKILL  Offline
Joined: Apr 2008
Posts: 38,263
Ontario, Canada
Also particularly relevant here:

Quote:
Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.


2018 RAM 1500 Big Horn EcoDiesel
2016 Grand Cherokee SRT
Re: WPA2 WiFi Hack & VPN Services [Re: StevieC] #4545109
10/16/17 11:17 AM
10/16/17 11:17 AM
Joined: Apr 2008
Posts: 38,263
Ontario, Canada
OVERKILL Offline
OVERKILL  Offline
Joined: Apr 2008
Posts: 38,263
Ontario, Canada
Originally Posted By: StevieC
IPVanish.com Been using them for years. Super fast servers in multiple countries. Easy to use software if you want 0 configuration.

Lifetimes are usually slow and unreliable because the servers are overcrowded. I have been down that road.

Wired is the only 100% security. There will always be a hack for wireless because it's across the air. Change your key frequently and use cyptic hex type passwords to make it harder to sniff out what the key is over the air, don't broadcast your SSID, and turn on MAC Address filtering. Although none of this is foolproof it makes it harder to get into your network. I take it one step further and restrict my LAN from wireless clients. I turn this off to do file transfers and then turn it back on so as to keep anyone that makes it onto my wireless netowkr, out of my other clients on the network.


Sniffing an SSID and spoofing a MAC are both extremely easy and provide a false sense of security. In fact hiding an SSID makes one more likely to be targeted because it screams "Important data here".

The best protection if one is forced to use WiFi is WPA2-AES with a complex key. Other measures such as using a security appliance to sniff/filter all traffic passing through a network aren't really viable in most consumer scenarios.


2018 RAM 1500 Big Horn EcoDiesel
2016 Grand Cherokee SRT
Re: WPA2 WiFi Hack & VPN Services [Re: shrooms] #4545110
10/16/17 11:18 AM
10/16/17 11:18 AM
Joined: Sep 2015
Posts: 997
PENNSYLVANIA
JeepWJ19 Offline
JeepWJ19  Offline
Joined: Sep 2015
Posts: 997
PENNSYLVANIA
Originally Posted By: shrooms
Tor?


Does not help wifi security issues, and is not as safe as what people make it out to be.


2002 Jeep WJ 4.0 | Mobil 1 HM 5w30 |
TG8A | 2.5" lift | 148k miles

Software Engineer :]
Re: WPA2 WiFi Hack & VPN Services [Re: 2015_PSD] #4545237
10/16/17 02:23 PM
10/16/17 02:23 PM
Joined: Jan 2008
Posts: 1,023
TX
robertcope Offline
robertcope  Offline
Joined: Jan 2008
Posts: 1,023
TX
Using a VPN service seems like a bit of an overkill. Almost any site that you access via the web that matters, for example, is going to be accessed over https (even BITOG) which adds another layer of security. I'm not saying this exploit does not matter, but I don't think it is anything to panic about, either. Of course, I've been wrong before...

Re: WPA2 WiFi Hack & VPN Services [Re: 2015_PSD] #4545284
10/16/17 03:24 PM
10/16/17 03:24 PM
Joined: Mar 2010
Posts: 1,364
Michigan
BobsArmory Offline
BobsArmory  Offline
Joined: Mar 2010
Posts: 1,364
Michigan
I have used Nord VPN for a while now on my computers and cell phones with great success. My company requires that I use a VPN if I access their portal or work email using my electronics from their list of approved VPNs and Nord is one of them.


Keeping the forces of evil at bay
2016 Chevy Malibu LT 1.5 Liter Turbo
2017 Chevy Equinox LT 2.4 Liter
Re: WPA2 WiFi Hack & VPN Services [Re: robertcope] #4545296
10/16/17 03:32 PM
10/16/17 03:32 PM
Joined: Sep 2010
Posts: 7,597
Planet Earth
2015_PSD Offline OP
2015_PSD  Offline OP
Joined: Sep 2010
Posts: 7,597
Planet Earth
Originally Posted By: robertcope
Using a VPN service seems like a bit of an overkill. Almost any site that you access via the web that matters, for example, is going to be accessed over https (even BITOG) which adds another layer of security. I'm not saying this exploit does not matter, but I don't think it is anything to panic about, either. Of course, I've been wrong before...
I used to think that but I do not anymore. With laws being passed that allow ISPs to sell information regarding your usage and other things a VPN is starting to make more and more sense.

Re: WPA2 WiFi Hack & VPN Services [Re: BobsArmory] #4545298
10/16/17 03:33 PM
10/16/17 03:33 PM
Joined: Sep 2010
Posts: 7,597
Planet Earth
2015_PSD Offline OP
2015_PSD  Offline OP
Joined: Sep 2010
Posts: 7,597
Planet Earth
Originally Posted By: BobsArmory
I have used Nord VPN for a while now on my computers and cell phones with great success. My company requires that I use a VPN if I access their portal or work email using my electronics from their list of approved VPNs and Nord is one of them.
Any limits?

Re: WPA2 WiFi Hack & VPN Services [Re: OVERKILL] #4545315
10/16/17 03:44 PM
10/16/17 03:44 PM
Joined: Aug 2008
Posts: 22,078
ON, Canada eh?
StevieC Offline
StevieC  Offline
Joined: Aug 2008
Posts: 22,078
ON, Canada eh?
Originally Posted By: OVERKILL
Originally Posted By: StevieC
IPVanish.com Been using them for years. Super fast servers in multiple countries. Easy to use software if you want 0 configuration.

Lifetimes are usually slow and unreliable because the servers are overcrowded. I have been down that road.

Wired is the only 100% security. There will always be a hack for wireless because it's across the air. Change your key frequently and use cyptic hex type passwords to make it harder to sniff out what the key is over the air, don't broadcast your SSID, and turn on MAC Address filtering. Although none of this is foolproof it makes it harder to get into your network. I take it one step further and restrict my LAN from wireless clients. I turn this off to do file transfers and then turn it back on so as to keep anyone that makes it onto my wireless netowkr, out of my other clients on the network.


Sniffing an SSID and spoofing a MAC are both extremely easy and provide a false sense of security. In fact hiding an SSID makes one more likely to be targeted because it screams "Important data here".

The best protection if one is forced to use WiFi is WPA2-AES with a complex key. Other measures such as using a security appliance to sniff/filter all traffic passing through a network aren't really viable in most consumer scenarios.



thumbsup Thanks! smile


'18 Dodge Grand Caravan GT - 17k KM - AMSOIL SS 0w30
'06 Hyundai Santa Fe - 535k KM (Dead) - AMSOIL SS 0w30
Page 1 of 2 1 2

BOB IS THE OIL GUY® Powered by UBB.threads™