Reply
 
Thread Tools Display Modes
 
Old 05-11-2014, 03:03 PM   #61
Guru
 
Edelweiss's Avatar
 
City: PNW
Country: USA
Vessel Model: 1976 Californian Tricabin LRC
Join Date: May 2011
Posts: 1,834
Probably more noticeable in the marinas during the winter season here. At any given time, when the parking lots are empty, there will be a couple cars in the parking lots with a lone individual madly typing away on a laptop or tablet.

You have to ask yourself why would someone sit in a 30 degree car in January to use their laptop?? Various reason I suppose. One of our security people told me he confronted a woman who was sitting in her car downloading pirated movies. Her explanation, the Ports WiFi was much faster than her home internet. (Probably anonymous access as well!!)

In the summer time you will see non boater locals sitting at the picnic tables around the marina with their tablets and laptops as well.

Quote:
Originally Posted by ActiveCaptain View Post
Today, if I wanted to hack into someone's accounts for the purpose of getting money, I'd definitely use marinas and airports. In both cases, they're filled with above-income people who are traveling away from home without the typical home access to alerts, phone calls, and computer access.
They busted up a home burglary ring here, where people were breaking into cars in the airport long term parking, just to get the vehicle registration with the families home address. Knowing they would be gone more than a few days, they then cased and broke into their homes.
__________________
Advertisement

__________________
Larry B
Careful . . .I Have a Generator and I'm not afraid to use it !
Edelweiss is offline   Reply With Quote
Old 05-11-2014, 04:49 PM   #62
Guru
 
twistedtree's Avatar
 
City: Gloucester, MA
Country: USA
Join Date: Jan 2013
Posts: 3,174
Quote:
Originally Posted by Edelweiss View Post
The card companies will stand behind their product and no matter how safe you think you're being
True, but they do it by law, not because they are good guys. By law, you are not responsible for fraudulent charges - the CC company is. Not true for debit cards, so be more careful with those.
__________________

__________________
www.MVTanglewood.com
twistedtree is offline   Reply With Quote
Old 05-11-2014, 06:05 PM   #63
THD
Guru
 
City: Seattle
Country: US
Join Date: Apr 2012
Posts: 1,142
This has been a very interesting discussion-I too am glad that AC thing is working out for Jeff, otherwise I would be more worried about my CC!

The only time we had a card (AMEX) compromised it turned out that a clerk at the Four Seasons Hotel in Chicago was stealing numbers, selling them to families of federal prisoners in Illinois. We got a call from AMEX one day asking if we had purchased $2,000 worth of stuff from Victoria's Secret and had it delivered in Miami! The FBI guy that interviewed us said they had had more than $500,000 of bad charges out the that prison!
THD is offline   Reply With Quote
Old 05-11-2014, 06:10 PM   #64
TF Site Team
 
FlyWright's Avatar
 
City: California Delta and SF Bay
Country: Sacramento, CA, USA (boat in Vallejo)
Vessel Name: FlyWright
Vessel Model: Marshall Californian 34 LRC
Join Date: Apr 2008
Posts: 10,162
Quote:
Originally Posted by THD View Post
...it turned out that a clerk at the Four Seasons Hotel in Chicago was stealing numbers, selling them to families of federal prisoners in Illinois.
In Illinois, they call those guys former Governors.
__________________
Al

Custom Google Trawler Forum Search
FlyWright is offline   Reply With Quote
Old 05-12-2014, 08:23 AM   #65
Guru
 
City: Tuckerton, NJ
Country: USA
Vessel Name: WIRELESS ONE
Vessel Model: 36 Gulstar MarkII
Join Date: Mar 2011
Posts: 937
Quote:
Originally Posted by timjet View Post
I've had my credit card comprised twice in the last year. I travel a lot and use hotel WiFi all the time but never to conduct banking transactions or make cc purchases. For those transactions I use my cellular MiFi unit.

After reading this thread I'm going to stop using public WiFi and stick to my MiFi unit. I'll have to upgrade the monthly allotment.

Intrestingly, after the most recent compromise, my cc company didn't seem interested in asking for my help in finding out how my cc was compromised. They did however caught it quickly but not until after the perp made 4 charges totalling over $2000 all on the internet in a matter of 15 minutes.

Honesty it's posts like this that trouble me. Tim your MiFi isn't any more secure than WiFi. Why because it connects to your devices how? Via it's own WiFi (mini AP). There are far too many methods of stealing a persons identity or credit information than just WiFi. Look at the big hack that happened with Target, this wasn't attributed to WiFi.
I really dislike fear mongering and as others have stated the CC companies and your bank have intense security procedures and policies limiting your liability.
Bill
Billylll is offline   Reply With Quote
Old 05-12-2014, 08:45 AM   #66
Guru


 
City: Full-time onboard
Country: USA
Vessel Model: Trawler
Join Date: Oct 2007
Posts: 937
Quote:
Originally Posted by Billylll View Post
Tim your MiFi isn't any more secure than WiFi. Why because it connects to your devices how? Via it's own WiFi (mini AP).
I don't agree. We're not creating an impenetrable defense by NSA or someone who's incredibly knowledgeable. This is pure 98/2 - make it very difficult for 98% of the would-be bad-doers. You can't defend the 2% if you're willing to take part in the world.

The cellular part of MiFi is obviously pretty secure. No normal person has the equipment necessary to hack that.

The WiFi part of MiFi comes by default with WPA encryption. I have never seen a MiFi in any marina or anchorage that was open. Since the typical boater pays for bandwidth on their MiFi (and overcharges), they protect it so no one can steal their cellular plan gigabytes.

For cruising in your boat, there are 3 rules: 1. MiFi/cellular with WPA protection on the MiFi/cellular is all you need; 2. For WiFi, WPA protection is good enough; 3. For open WiFi, a VPN is a requirement. That's all there is.

There's one confusing point to this. Today, many boats have their own WiFi router onboard to create their own local area network. I've been writing a lot about that in our newsletters. It's often the case that you connect a long-range WiFi radio to the LAN router to distribute an internet connection among all WiFi devices onboard. Most people who have that configuration put a WPA password on their boat's router. But if they connect that outside, high-gain WiFi radio to an open WiFi internet connection (a marina, etc), then their traffic is completely in the open - you are not protected by your own boat's router even though it has WPA. You need to use a VPN any time there is open WiFi in the mix. This is a very confusing topic and really needs a picture to show why it's needed.
Jeffrey S is offline   Reply With Quote
Old 05-12-2014, 09:06 AM   #67
Senior Member
 
Jbear's Avatar
 
City: Anacortes
Country: US
Vessel Name: Adelante
Vessel Model: Shin Shing, Eagle 35'
Join Date: Oct 2013
Posts: 127
AC, so if you implement layer 2 isolation on the wireless are you saying you can still see someone else's traffic? I thought that was the whole point of properly setting up the WiFi LAN. I have been told by various manufacturers that if you have isolation on that the two devices can't see each other.

Jeff
Jbear is offline   Reply With Quote
Old 05-12-2014, 09:23 AM   #68
TF Site Team
 
ksanders's Avatar
 
City: SEWARD ALASKA
Country: USA
Vessel Name: LISAS WAY
Vessel Model: BAYLINER 4788
Join Date: Feb 2011
Posts: 3,952
What ActiveCaptain is saying is absolutely correct.

If you use a marinas wifi as the WAN side of your boats router, then you face the same risks as if you connected your laptop directly to the marinas wifi.

As far as whether public WIFI is dangerous to use, well yes it can be. There are techniques that you can use on a layer 2 network to view other peoples data.

I dont care if the wifi is encrypted. You dont have to break the encryption.

Look up...

Mac address flooding
Arp spoofing
DHCP spoofing

These things are not hard to do and almost no layer 2 networks use the tools available to prevent them.

I can sit on my boat and have all of your traffic flow through my laptop. Capture every frame.
__________________
Kevin Sanders
Bayliner 4788
Seward, Alaska
www.mvlisasway.com
ksanders is offline   Reply With Quote
Old 05-12-2014, 10:22 AM   #69
Guru


 
City: Full-time onboard
Country: USA
Vessel Model: Trawler
Join Date: Oct 2007
Posts: 937
Quote:
Originally Posted by Jbear View Post
AC, so if you implement layer 2 isolation on the wireless are you saying you can still see someone else's traffic?
Give a specific example of devices and encryption setup. This stuff is too hard to give many generalizations because it's too easy to have one extra device in the mix ruining an otherwise secure network for you.
Jeffrey S is offline   Reply With Quote
Old 05-12-2014, 01:52 PM   #70
Guru
 
kthoennes's Avatar
 
City: Sioux Falls, South Dakota
Country: USA
Vessel Name: Xanadu
Vessel Model: Mainship 37 Motor Yacht
Join Date: Oct 2013
Posts: 857
Coincidentally I got a call from the fraud department for one of my cards just a few minutes ago. Somebody's been using it in Bangladesh lately and they wanted to confirm I was traveling. Uh no, not in Bangladesh, and that's about #9,469 on my bucket list of places to visit in the world. I never use that card, it's strictly a back-up/emergency kind of thing. No recent use anywhere, in person or over the 'net -- so it just goes to show, hackers in Bangladesh (or wherever) can still steal my card info even if I never use that card in person or online, regardless of how much I fret about connection security.
kthoennes is offline   Reply With Quote
Old 05-12-2014, 02:02 PM   #71
Guru


 
City: Full-time onboard
Country: USA
Vessel Model: Trawler
Join Date: Oct 2007
Posts: 937
Quote:
Originally Posted by kthoennes View Post
so it just goes to show, hackers in Bangladesh (or wherever) can still steal my card info even if I never use that card in person or online, regardless of how much I fret about connection security.
It would be fascinating to know if the bank that issued that card ever provides account statements over email to you. Today I wouldn't expect to see the actual statement in an email but most banks send an email letting you know your statement is available with a link to it. Clicking on that link gets to your account login which could be very easy to penetrate given hacking/sniffing of network transactions over WiFi even if you almost never log in to check it.
Jeffrey S is offline   Reply With Quote
Old 05-12-2014, 02:08 PM   #72
Moderator Emeritus
 
jwnall's Avatar
 
City: St. Marks, Florida
Country: US
Vessel Name: Morgan
Vessel Model: Gulfstar 36
Join Date: Sep 2012
Posts: 3,621
Quote:
Originally Posted by kthoennes View Post
I never use that card, it's strictly a back-up/emergency kind of thing. No recent use anywhere, in person or over the 'net -- so it just goes to show, hackers in Bangladesh (or wherever) can still steal my card info even if I never use that card in person or online, regardless of how much I fret about connection security.
That is kind of scary! And guess that it could be an argument for not having a card if it is not used (although I feel sure one could argue both sides very easily).
__________________
John
jwnall is offline   Reply With Quote
Old 05-12-2014, 04:27 PM   #73
Guru
 
timjet's Avatar
 
Join Date: Apr 2009
Posts: 1,905
Quote:
Originally Posted by Billylll View Post
Tim your MiFi isn't any more secure than WiFi. Why because it connects to your devices how? Via it's own WiFi (mini AP).
Bill
ActiveCaptain, Ksanders and others have indicated that MiFi is secure or at least as AC said 98/2.
My MiFi unit is password protected. So presumably the connection from my MiFi unit to the internet is secure. However and I think this question has been asked before and I haven't seen the answer; is the connection between my computer and my MiFi unit secure also?
__________________
Tim
Tampa Bay
Carver 355 ACMY Twin Cummins Diesels Sold
timjet is offline   Reply With Quote
Old 05-12-2014, 04:43 PM   #74
Guru


 
City: Full-time onboard
Country: USA
Vessel Model: Trawler
Join Date: Oct 2007
Posts: 937
Quote:
Originally Posted by timjet View Post
My MiFi unit is password protected. ... is the connection between my computer and my MiFi unit secure also?
If you have a WPA password on your MiFi for connecting your computer, iPad, TV, etc., then you have what I call state-of-the-practical protection. It's about the best you can do in a reasonable way. It's all I do myself with my own MiFi.
Jeffrey S is offline   Reply With Quote
Old 05-12-2014, 05:33 PM   #75
Guru
 
River Cruiser's Avatar
 
City: UMR MM283
Country: US
Vessel Name: Northern Lights II
Vessel Model: Bayliner 3870
Join Date: Jan 2013
Posts: 1,226
The wifi at my marina is so slow all I use on my iPad is the AT&T 4G.
__________________
Ron on Northern Lights II
I don't like making plans for the day because the word "premeditated" gets thrown around in the courtroom.
River Cruiser is offline   Reply With Quote
Old 05-12-2014, 05:34 PM   #76
TF Site Team
 
ksanders's Avatar
 
City: SEWARD ALASKA
Country: USA
Vessel Name: LISAS WAY
Vessel Model: BAYLINER 4788
Join Date: Feb 2011
Posts: 3,952
Quote:
Originally Posted by ActiveCaptain View Post
If you have a WPA password on your MiFi for connecting your computer, iPad, TV, etc., then you have what I call state-of-the-practical protection. It's about the best you can do in a reasonable way. It's all I do myself with my own MiFi.

That's what we do as well.

One thing that makes maripna wifi more at risk to attack is the relatively broad geographical area it reaches to, ie the whole marina, parking lots, etc...

The wifi on my boat reaches out about a hundred feet. So we are only
Vulnerable within that 100 foot radius.
__________________
Kevin Sanders
Bayliner 4788
Seward, Alaska
www.mvlisasway.com
ksanders is offline   Reply With Quote
Old 05-12-2014, 05:36 PM   #77
Guru
 
City: Tuckerton, NJ
Country: USA
Vessel Name: WIRELESS ONE
Vessel Model: 36 Gulstar MarkII
Join Date: Mar 2011
Posts: 937
Quote:
Originally Posted by River Cruiser View Post
The wifi at my marina is so slow all I use on my iPad is the AT&T 4G.
Let me guess the router and access point are in the main office on a shelf, not a directional panel with an outdoor commercial AP? Then again some people think DSL is enough speed for a commercial WiFi backhaul.
Bill
Billylll is offline   Reply With Quote
Old 05-12-2014, 05:47 PM   #78
Guru
 
City: Tuckerton, NJ
Country: USA
Vessel Name: WIRELESS ONE
Vessel Model: 36 Gulstar MarkII
Join Date: Mar 2011
Posts: 937
Guys I hate to tell you this but unless you set your MiFi to the lowest output power setting I can see them up to a 1/2 to 3/4 of a mile away with enough signal to interogate them.
Bill
Billylll is offline   Reply With Quote
Old 05-12-2014, 05:48 PM   #79
Guru
 
City: Tuckerton, NJ
Country: USA
Vessel Name: WIRELESS ONE
Vessel Model: 36 Gulstar MarkII
Join Date: Mar 2011
Posts: 937
Quote:
Originally Posted by ksanders View Post
What ActiveCaptain is saying is absolutely correct.

If you use a marinas wifi as the WAN side of your boats router, then you face the same risks as if you connected your laptop directly to the marinas wifi.

As far as whether public WIFI is dangerous to use, well yes it can be. There are techniques that you can use on a layer 2 network to view other peoples data.

I dont care if the wifi is encrypted. You dont have to break the encryption.

Look up...

Mac address flooding
Arp spoofing
DHCP spoofing

These things are not hard to do and almost no layer 2 networks use the tools available to prevent them.

I can sit on my boat and have all of your traffic flow through my laptop. Capture every frame.
All of the above can be done to a MiFi as well.
Bill
Billylll is offline   Reply With Quote
Old 05-12-2014, 05:59 PM   #80
Guru


 
City: Full-time onboard
Country: USA
Vessel Model: Trawler
Join Date: Oct 2007
Posts: 937
Quote:
Originally Posted by River Cruiser View Post
The wifi at my marina is so slow all I use on my iPad is the AT&T 4G.
Especially if you're on the east coast, have your marina contact us. We've been working with a company that has a great model and fantastic expertise in designing and installing marina WiFi systems - it's all they do. We believe that instead of a marina asking you to not stream video, they should invite you to use NetFlix, YouTube, Skype, and all of the streaming you'd like. We've been involved with a half-dozen marinas using these new capabilities and the results have been outstanding. And since we're pretty close to marina management and their business practices, we're also able to help them see how to fund it and actually save money by installing the right stuff.

There are some marinas that won't be able to support this newer level of WiFi experience because the backend internet access just isn't there - although that's becoming rare too. But the time is about to end on accepting 500 kbps connectivity that comes and goes when you're at a marina. You'll see...
__________________

Jeffrey S is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off





All times are GMT -5. The time now is 06:38 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0
Copyright 2006 - 2012