The Sad State of Personal Wi-Fi Security

If you have an internet connection at home, there’s a good chance you also have a wireless router set up to give you a wireless internet connection. Many people are happy with the default settings when they turn on their wireless routers for the first time. In some cases, if the router is provided by an ISP that gives a crap, you have a router with good encryption and a decent password. If you’re not that lucky, the default settings mean you’re sharing your internet connection and everything you do while online with anyone with a little knowledge of how Wi-Fi works.

Encryption is the key to safe wireless internet usage and while all wireless routers available today support a range of different encryption standards, many are configured with no encryption or very poor encryption by default. As an example, let’s have a look at the wireless access points that are visible from my apartment.

No less than 16 wireless access points are in range of my computer. I found them by using a tool called inSSIder, which anyone can download and use to scan for available wireless access points. It basically does the same as your operating system when it searches for wireless networks to connect, but the information collected from the networks found is displayed in a very convenient way. The main point of interest here is the Privacy column, which tells us what kind of encryption each network uses. There is one network with no encryption at all, 6 with WEP encryption, 3 with WPA encryption and 6 with WPA2-AES encryption (displayed as “RSNA-CCMP” in the table). As you can see, the WPA encryption comes in two flavors; WPA-AES (WPA-CCMP) and WPA-TKIP.

Initially, the network without encryption seems like an interesting one: It will give you free internet access by simply connecting to it. Personally, I get a little nervous when I see an open wireless network like this. It might be tempting to use it, but in some cases it’s a trap!. Someone might have set up this honeypot to lure you to connect to it just to record everything you do while connected. And by everything I mean everything: usernames, passwords and credit cards numbers – every single piece of data that is transmitted between your computer and the internet. Remember that free wireless internet you use at the coffee shop and the pizza place? It might be that you are connecting to a honeypot, not the free wireless network. And even if you are connecting to the coffee shop’s network, anyone can eavesdrop on the connection as long as the connection is unencrypted. This is the reason why I never connect to an unencrypted network and neither should you.

January One-liners

A new  year is upon us and the one-liners just keep coming.

  • “I don’t need you to remind me of my age. I have a bladder to do that for me.” — Stephen Fry
  • “Design is not just what it looks like and feels like. Design is how it works.” — Steve Jobs
  • “Innovation distinguishes between a leader and a follower.” — Steve Jobs
  • “Everywhere is walking distance if you have the time.” — Steven Wright
  • “All warfare is based on deception.” — Sun Tzu
  • “Opportunities multiply as they are seized.” — Sun Tzu
  • “Knowing what’s right doesn’t mean much unless you do what’s right.” — Theodore Roosevelt
  • “The reason fat men are good natured is they can neither fight nor run.” — Theodore Roosevelt
  • “When you’re at the end of your rope, tie a know and hold on.” — Theodore Roosevelt
  • “Hell, there are no rules here – we’re trying to accomplish something.” — Thomas Alva Edison
  • “I never did a day’s work in my life. It was all fun.” — Thomas Alva Edison

White

Yesterday the first real snowfall finally came to Oslo. It’s been snowing before this winter season, but it’s only been around for a couple of hours or a few days at best before it’s been gone again. But this time it looks like the snow will stay for a while. According to the forecast, the temperature won’t suddenly increase by 10 centigrade, but stay in the blue (or at least not very high in the red) for at least a week. Of course, weather forecasts can’t be trusted anymore than the guys who claim to know anything at all about the stock market, but I decided to give the weather man the benefit of the doubt and hereby officially declare this winter season’s bicycle season for closed.

Yeah, I’m a sissy. I could have bought studded tires for my bike, even more warm clothes and faced Anemoi head on, but instead I opted for a public transportation travel pass valid for a month. It will set me back less than a pair of decent studded tires and it’s always good to spend a month or so each year using public transportation just to remind me how great it is to ride my bike whenever I can. Today wasn’t all that bad, though, it wasn’t too crowded and the number of crazy and/or intoxicated fellow passengers wasn’t higher than expected.

I also took the liberty of taking the featured picture when going home from the gym last night. I tried to get it symmetric, but it turned out quite messy and it wasn’t very easy to hold my Galaxy Tab steady in the freezing cold. But the picture has snow in it!

24/7/365

Another thing I like about the Android platform, in addition to it being incredibly customizable, is that it supports some amazingly powerful applications. Tasker (website) is a very good example of an app so powerful you can do almost everything you can imagine with your phone. Yes, it’s not exactly intuitive and has a learning curve, but if you have a little programming experience or just some patience, you can set up some really useful tasks.

Here are a few of the profiles I’ve created so far:

  • If I’m at work (location based), turn on Wi-Fi, and set the phone to vibrate. When I leave work, the Wi-Fi turns off again.
  • If I’m at home (location based), also turn on Wi-Fi, but turn up the volume on the phone. If I leave the apartment, the Wi-Fi turns off again. Both of these profiles help me save a lot of battery.
  • If I send a text message with a code word, the phone will will get the current coordinates from GPS or the cellular network, depending on what’s currently turned on. It’s not possible to turn on the GPS without human confirmation, which is a bummer, but mobile data is turned on if it’s not already turned on. The coordinates, together with accuracy and information about the latest lock and the current phone time is sent back to the phone number that initially sent the text message with the code word. This profile comes in handy if I misplace my phone.
  • Flight mode is automatically turned on at night and turned off again in the morning. The actually time it’s turn on and off depends on if it’s a weekday or not. Saves a lot of battery.
  • If I plug in my headset, and I’m not at work (my work profile is active), I’m not about to answer an incoming call or I’m not already talking on the phone, Spotify is launched and the media volume is turn half-way up. Very, very convenient.
  • If Spotify is launched manually, the media volume is also turned half-way up. Just because I’m lazy.

Minimalistic Mobile

One of the thing I enjoy the most about the Android platform is how incredibly versatile and customizable it is. With a few clicks and a little imagination you can change the look of your phone from whatever the manufacturer thought was great to something you personally think is even better. Here’s my first serious attempt on doing just that.

To set this up I used a cropped version of this wallpaper and four different Android apps created by some very smart people. More information and plenty more inspiration are available on myColorscreen.