WiFi

Stick with AC; it's a quality product. Leave the communications over WiFi to the providers. For the record, every cellular platform's been hacked as well; it's what people don't do with hacked passwords.
Stick to a VPN if you're that troubled.
Bill
 
Just a question, where are you "vpn'ing" to? Doesn't there have to be another end to your VPN? So are you VPN to your ISP? Or to your home network? How do you set that up?

Another good question. VPN originates from your computer (we'll just take the case of a single user) and ends with a VPN server "somewhere". For a corporate VPN it will end at the corp's network, so you have created an encrypted "tunnel" from your laptop through the public internet all the way to your corp network. Security-wise it's like plugging directly into the corp network, which is why corps typically only allow outside access that way.

If you have subscribed to a VPN service, then the encrypted "tunnel" ends at that company's server, and from there gets relayed across the public internet to its original destination. So only part of the journey is protected, but you are still using the same old internet as the rest of us between the VPN provider's server and the web site (or whatever) you are talking to. As a result, VPN services can provide incremental protection in some cases, but also a false sense of security, so use them wisely. The trouble is, the pros and cons are complicated, and it's much easier to just wrap yourself in the warm sense of security and pay for the service. Nice business model :)
 
Simple. I work with Comcast security; you don't think we would be asked for MACs and IPs if people using our systems were hacked, really? Not a single LEO request for records. It's Jeff, right? I remember your fear mongering on Panbo well...
Bill

Well, there you go - had to go the personal route. Your "fear mongering" accusation was a few thousand boaters who listened to the concerns and protected themselves. I know because we helped set up nice discounts with a few major VPN players.

So give specifics. You work "with" Comcast security. What exactly does that mean? I work with them too. And give a specific list of marinas where your expertise was used. I'd love to see if I have any real involvement with the facility.

A lot of marina WiFi is installed by a friend or brother-in-law who knows a little about networking. I'm being serious. About half the time, it's a local networking company that has never done outside or difficult installations like marinas. Titusville Municipal is a good example (200 slips). They were having terrible problems. So I called the company who installed the system. They typically do dentist's offices and thought they could use their knowledge to implement marina WiFi. Total failure.

I'm now involved with a few brand new installations. Marina Jack in Sarasota is a great example (300 slips). Instead of them now telling boaters to refrain from streaming video, they now invite them to stream but ask that they limit it to only a few devices. Legacy in Ft Myers is another (200 slips). I don't know where the $300K number came from above. None of these installations were 10% of that.

Marina WiFi is difficult and nothing like hotels or anything else that exists. But I'm done with this conversation if name calling about my attempts to help continues. Knock that the #%^* off.
 
Jeff or others, provide a single example where your passwords were compromised and abused while using free provided WiFi.
I'm all ears...
Bill
 
You can't know where the violation occurs. What I do know is that a large number of boaters with AOL accounts end up group emailing their friends because of a hacked account. It mostly happens with my boating contacts. AOL has terrible security and allows easy hacking.

I'd venture a guess that everyone on this forum has had a credit card account stolen. Prove to me that it didn't happen while buying something over the Internet from your boat.
 
All this fretting and debate about internet connections and meanwhile we hand our credit cards to hundreds of restaurant workers, cashiers, marina fuel dock kids and dozens of others, and once in a while we still write paper checks that can be easily scanned, "washed" and copied. I only have so much time in life. Have to balance the time I spend against all the risks. We can be hacked and robbed 100 ways every day, how much time are you going to spend becoming a computer networking technician or hassle with all this just to surf the NY Times?
 
When my dinghy is tied up to a public dock, I often lock it with a cable and lock. It's not that the defense will stop anyone who really wants my dinghy - one quick swipe with cable cutters and my dinghy is gone. But what it does do, quite effectively, is give the person interested in stealing a dinghy another choice - one that isn't locked and easier to take.

So while I'll help anyone understand how to give themselves simple types of network protection, I'm sort of happy to see others not willing to take part in it and let whatever happens, happen. The fact is, it makes me safer because it gives the would-be hacker easier choices.
 
There are two "levels" where the data stream is generally encrypted.

One is the wifi radio connection, and Jeff is correct that only WPA and WPA2 encrypt the whole data stream. WEP just does an access check to let you on or not, but once you are on all data is clear and unencrypted. And of course an open wifi data stream is just that.

But even if someone can listen in on the wifi radio data stream between your computer and the wifi base station, they need to be able to understand that data stream. That brings us to the next level of encryption, which is between your application and the server it is talking to.

Anytime your browser is connected to https://something or other, the entire data stream between your browser and the web server it is talking to is encrypted. Listen all you want, it will just be gibberish. Every bank and ecommerce site uses https at least for checkout, if not for the whole session. So I think that makes those browser sessions secure no matter who is listening in. No WPA wifi required. No VPN required. If you do use a WPA wifi or VPN, you are double encrypting the data stream, once by the browser, and once again to talk over the wifi or VPN channel. But once is enough.

Other applications can do the same. When you set up your email you typically connect to a POP or IMAP server. You can check a box to say you want that communication to be via SSL (Secure Socket Layer), which is the same encryption mechanism used by HTTPS. By the way, the "S" in HTTPS stands for HTTP over SSL. Once you have done that, all your email traffic is encrypted end to end over the internet.

OK, finally a response that is technically correct! Great post!

And folks, I am a Cisco certified network engineer.

That said I find zero reason to utilize free marina wifi. I have a great cellular data plan, and last week on my boat I measured around 12mbps download speeds from AT&T's LTE system.
 
OK, finally a response that is technically correct! Great post!

I kinda agree with it. There is one major exception. Web developers use much more advanced techniques to communicate between a web page and a server today. JavaScript, jquery, and other Ajax techniques are common in almost all complex websites nowadays. eBoatCards is entirely jquery/Ajax based and uses them all. What that means is that other software is communicating with servers, sending and receiving network traffic, without your knowledge of the mechanisms of encryption visible on the browser URL at the top. It's why a VPN is really the only solution for local protection.
 
That said I find zero reason to utilize free marina wifi. I have a great cellular data plan, and last week on my boat I measured around 12mbps download speeds from AT&T's LTE system.


I'm increasingly leaning that way too. Nearly all marina wifi services are barely useable, if useable at all. From Jeff's comments it sounds like it's poor network implementation as much as it's actual data congestion. 3g/4g is looking better and better all the time.

So, Marina owners and operators, please take note! Some of us don't rate you based on your bathrooms and laundry facilities. With the exception of ducking from bad weather, the main reason for us to go to a marina is wifi, but more often than not, it doesn't work in any acceptable way, so marinas are looking less and less appealing all the time.
 
I kinda agree with it. There is one major exception. Web developers use much more advanced techniques to communicate between a web page and a server today. JavaScript, jquery, and other Ajax techniques are common in almost all complex websites nowadays. eBoatCards is entirely jquery/Ajax based and uses them all. What that means is that other software is communicating with servers, sending and receiving network traffic, without your knowledge of the mechanisms of encryption visible on the browser URL at the top. It's why a VPN is really the only solution for local protection.


You're more current than I am on some of these technologies. I've been out of the game for going on 7 years now.

But wouldn't you agree that a well implemented web site would ensure that your login and password and other vital data passes through an SSL protected channel? Of course that doesn't mean everybody does, which I guess is your point.
 
Definitely - a well developed site will protect sensitive info. But so few managers understand the difference between a simple change in API parameter and its effect on security. The problem today is that if you're experienced enough to develop the stuff, you won't be in the management side because you're too valuable where you are.
 
Great information here guys. Let's keep it going without the barbs and jabs. We can disagree without being disagreeable.

Thanks for all contributing to this area that many of us 'underlings' don't understand. I'm trying to take this all in, but for the uninitiated, it's a lot like drinking from a fire hose. Twistedtree's explanation really helped me understand my own boat's vulnerabilities which I often wondered about.

What about cellular data used onboard via a cellphone or tablet hotspot. I have AT&T cellular data and can provide a hotspot from my Android Note 8. I frequently use it onboard when no other wifi is available. Is that secure?
 
What about cellular data used onboard via a cellphone or tablet hotspot. I have AT&T cellular data and can provide a hotspot from my Android Note 8. I frequently use it onboard when no other wifi is available. Is that secure?

Yes, provided the mechanism for connecting to cellular is secure - putting a WPA password on it to connect your devices if you're using it as a local hotspot. There are ways around that too but that's in the 99/1 area where it's not worthwhile protecting against it.
 
Jeff, AC is a fantastic service and product. I in no way want to defame anyone for their opinion on using open WiFi. I can crack a WEP or WPA site in as little as 2 to 5 minutes. It's not if protections can be hacked, it's how or if the data is ever used for nefarious reasons.
Best,
Bill
 
Just wanted to say two things:

1) Active Captain is putting out some good information. I'm not sure how much good it does with an audience that for the most part doesn't even seem to know the difference between authentication and encryption, but that's how it usually is whenever anyone is speaking on any highly technical subject. None of that should be taken as an attempt to denigrate anyone here. Were he to be discussing the finer points of brain surgery most of us would be just as lost. People tend to know things that are relevant to their lives and not too much about things that aren't.

2) This discussion amounts to over-thinking and over-worrying. For the most part. If you're doing anything that involves important data, such as online banking, do yourself a favor and do it via a secure internet connection via a cellular network, NOT over Wi-Fi. It's less critical in your home but the environment around a marina is more "hostile" in criminal terms. The fact that you own a "yacht" makes you a more attractive target. For everyday internet use, just make sure you are connecting to an access point that supports WPA or WPA2. There is no meaningful difference between the two. WPA was just what is sometimes called a "draft" version and WPA2 is "post-standards". And if you're setting up your own WAP, don't bother hiding your SSID. It's not really hidden and you only draw attention to yourself by doing so. Just use a good password.
 
The above post sums up my feelings.
As I mentioned, and will yell it from the top of my vocal range, AC is a fantastic product & service to the marine industry. Jeff and I don't agree on much WiFi wise though.
Comcast Xfinity have hundreds of thousands of so-called open access points; they use a special 1X authentication service. Anyone can even try it for free for up to 3 periods. In the Northeast many boaters enjoy the somewhat free service provided by Cable Vision, Cox Communications and Comcast Xfinity. If you want a secure end to end link use a VPN client from your device to your company VPN. A WiFi air link is not the only place the Internet can be hacked from. Most of the serious hacks don't originate from an open WiFi access point.
I still have an open challenge or question: will one boater tell me their passwords were hacked via open WiFi and then were the passwords used nefariously?
I'm still waiting and the silence is killing me......
Bill
 
I still have an open challenge or question: will one boater tell me their passwords were hacked via open WiFi and then were the passwords used nefariously?
I'm still waiting and the silence is killing me......
Bill

My challenge exists too. I'm sure everyone reading this has had a credit card compromised and replaced in the last few years. Can you prove that the stealing didn't happen over open WiFi?

The reality is that you can't know where data capture happens. All you can do is protect yourself just like you lock your boat when you leave it. Are there people who have never locked their boat and never had a single thing taken? Sure. Does that make it a good defense? Of course not.

Open WiFi also allows almost anyone with very little hacking skills and free software to view each of the websites you're visiting. There is also free software that allows someone else to take over your identity on different social media sites. This whole topic started back with something called Firesheep:
http://en.wikipedia.org/wiki/Firesheep

Take 90 seconds and read that page. Those identical techniques have been extended to many other websites making it trivial to grab cookies, session variables, and other items that you have no idea are being captured for your identity. I just looked - trawlerforum itself keeps 14 cookies about my identity. All websites do that kind of thing today. Some of the information sitting there and open would shock you.
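
The cookie capture described in the post above depends on session cookies being sent over plain HTTP. As an added example (not part of the original thread), this Python code audits `Set-Cookie` response headers for the attributes that decide whether a cookie can be read off an open network; the header lines are constructed samples and the function names are hypothetical.

```python
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample response headers (not captured from any real site).
SAMPLE_HEADERS = [
    "Set-Cookie: session_id=abc123; Path=/; HttpOnly",
    "Set-Cookie: auth_token=def456; Path=/; Secure; HttpOnly; SameSite=Lax",
    "Set-Cookie: prefs=theme%3Ddark; Path=/; Max-Age=31536000",
    "Content-Type: text/html; charset=utf-8",
    "set-cookie: __Host-sid=ghi789; Path=/; Secure; HttpOnly; SameSite=Strict",
]


@dataclass
class CookieFinding:
    name: str
    secure: bool
    http_only: bool
    same_site: Optional[str]
    issues: List[str] = field(default_factory=list)


def parse_set_cookie(header_line: str) -> Optional[CookieFinding]:
    """Parse one 'Set-Cookie: ...' line; return None for any other header."""
    header_name, sep, value = header_line.partition(":")
    if not sep or header_name.strip().lower() != "set-cookie":
        return None
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].partition("=")[0].strip()
    if not name:
        return None
    # Attribute names are case-insensitive; flags such as Secure carry no value.
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    finding = CookieFinding(
        name=name,
        secure="secure" in attrs,
        http_only="httponly" in attrs,
        same_site=attrs.get("samesite"),
    )
    if not finding.secure:
        finding.issues.append("no Secure: browser also sends it over plain HTTP")
    if not finding.http_only:
        finding.issues.append("no HttpOnly: readable by scripts in the page")
    if (finding.same_site or "").lower() == "none" and not finding.secure:
        finding.issues.append("SameSite=None without Secure")
    return finding


def audit(header_lines: List[str]) -> List[CookieFinding]:
    """Return one finding per Set-Cookie header, in the order received."""
    findings = (parse_set_cookie(line) for line in header_lines)
    return [f for f in findings if f is not None]


def cleartext_cookies(header_lines: List[str]) -> List[str]:
    """Names of cookies a passive listener on an open network could capture."""
    return [f.name for f in audit(header_lines) if not f.secure]


if __name__ == "__main__":
    for f in audit(SAMPLE_HEADERS):
        status = "; ".join(f.issues) if f.issues else "ok"
        print(f"{f.name}: {status}")
```
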
 
My challenge exists too. I'm sure everyone reading this has had a credit card compromised and replaced in the last few years.

A quick office survey (yes, I know, it is early Sunday morning, but I am indeed at work) indicated that only one person out of twelve asked has had a credit card compromised in the last two years.

Pretty good sample too, as we live and travel frequently all over the world.

I'm not discounting the need for both awareness and security. I just don't believe the fraudulent usage is as widespread as it was a few years ago. Mainly due to better awareness and security.
 
My challenge exists too. I'm sure everyone reading this has had a credit card compromised and replaced in the last few years. Can you prove that the stealing didn't happen over open WiFi?

The reality is that you can't know where data capture happens. All you can do is protect yourself just like you lock your boat when you leave it. Are there people who have never locked their boat and never had a single thing taken? Sure. Does that make it a good defense? Of course not.

Open WiFi also allows almost anyone with very little hacking skills and free software to view each of the websites you're visiting. There is also free software that allows someone else to take over your identity on different social media sites. This whole topic started back with something called Firesheep:
Firesheep - Wikipedia, the free encyclopedia

Take 90 seconds and read that page. Those identical techniques have been extended to many other websites making it trivial to grab cookies, session variables, and other items that you have no idea are being captured for your identity. I just looked - trawlerforum itself keeps 14 cookies about my identity. All websites do that kind of thing today. Some of the information sitting there and open would shock you.

I agree with you concerning the risks of open networks.

I use a VPN connection when in the rare case I have to use open wifi, which is almost never. I use Cellular for several reasons. One being it's less hassle.

As far as the information available about us online, it is as you indicated truly shocking. In just a few moments I can generally find out more about people than they realize. Your only privacy is in the fact that with so much information available, you are lost in the masses. There is no privacy anymore from someone that really wants to research you. You can slow people down a little, but a determined, savvy person can dig up many details about a person.

As far as credit card fraud, in my opinion you are more likely to have your credit card stolen by the minimum wage waitress at the cafe you visited than online. I've had my CC information compromised twice. Once by a worker at a car rental place, and once by an employee at a Kona coffee company I did business with.

That said, for online purchases I try to use merchants that do not require me to type in my life's history just to make a purchase. I search out merchants that use Paypal because I know that the merchant never sees my credit card data.

As I've indicated earlier I believe that public Wifi is or will soon be a dead product offering. With fast cellular data speeds and the buildout of the cellular networks it is something we will not need for long.
 
My challenge exists too. I'm sure everyone reading this has had a credit card compromised and replaced in the last few years. Can you prove that the stealing didn't happen over open WiFi?



Of course that can't be proven unless you can otherwise identify how the infiltration occurred. But by the same logic, I can't prove my wallet wasn't pick pocketed, the card removed and copied, returned to my wallet, and the wallet replaced in my pocket. By that logic, I should always chain my wallet to my belt.

Anyway, I get your point about not knowing where an infiltration occurred, but only some sort of probability/fear assessment will determine which of the zillion possible theft points you are going to protect against and to what degree.
 
When on the boat, I use an AT&T mifi card to access the internet. From reading this thread, I assume the mifi to Internet is pretty secure, but the connection between my wireless computer, or wireless router, is not nearly as secure?
 
OK, finally a response that is technically correct!

Well, this part is not technically correct:

One is the wifi radio connection, and Jeff is correct that only WPA and WPA2 encrypt the whole data stream. WEP just does an access check to let you on or not, but once you are on all data is clear and unencrypted.

WEP, like WPA/WPA2, does encrypt each data frame.

The problem is that WEP keys are short and relatively easy to crack, and so you're probably better off treating it as unencrypted for things you really care about.
 
I assume the mifi to Internet is pretty secure, but the connection between my wireless computer, or wireless router, is not nearly as secure?

Cellular is quite secure. As long as your MiFi has a WPA password associated to gain access, you're doing about as much as you need to do. We don't use a VPN over our MiFi.
 
I've had my credit card compromised twice in the last year. I travel a lot and use hotel WiFi all the time but never to conduct banking transactions or make cc purchases. For those transactions I use my cellular MiFi unit.

After reading this thread I'm going to stop using public WiFi and stick to my MiFi unit. I'll have to upgrade the monthly allotment.

Interestingly, after the most recent compromise, my cc company didn't seem interested in asking for my help in finding out how my cc was compromised. They did, however, catch it quickly, but not until after the perp made 4 charges totalling over $2000 all on the internet in a matter of 15 minutes.
 
Keep in mind that there are lots of ways for people to get your credit card info other than snooping a wifi connection. Most criminals are dopes, and I expect use much more dope-like means. Like wait staff in restaurants, gas station attendants, or anyone else to whom you give your card for processing a charge. The last time one of my cards was compromised, I'm pretty sure it was buying gas because that was the only place I used that particular card in quite a while.

Anyway, I think there is lots more low-tech crime to worry about than high tech crime.
 
Keep in mind that there are lots of ways for people to get your credit card info other than snooping a wifi connection.

Very true!!
Last year my son opened an investment account with a top rated investment firm and along with the account they also issued him a credit card, which he placed in his office desk at home and never used.

About a month ago the security department for the card issuer called him and notified him they suspected the card had been fraudulently used to purchase over $600 dollars in Starbucks gift cards. The credit card is still in his desk with the label on it, never used??

I guess the point is, be reasonably responsible for your personal financial security, but don't overly worry about it. The card companies will stand behind their product and no matter how safe you think you're being. . . . . If there is a will . . . . there is always a way. :blush:
 
I've had my credit cards compromised several times in the past 10 years. One was theft, one was a suspected in-person purchase and another was unknown source.

My daughter was conducting banking when in college on the school's free wifi at the student union. Her login data was stolen, the thief made a transfer of $3000 to Paypal and almost got away with it. Quick action on her part stopped the transaction before it cleared. She got all her money back.
 
That's a very good point. I'd be far more worried and cautious about 'net security on a college campus than a marina. A marina isn't usually packed with computer majors and whizzes who are living on college budgets and have hours and hours of free time on their hands.
 
A marina isn't usually packed with computer majors and whizzes who are living on college budgets and have hours and hours of free time on their hands.

I guess it depends on the college. I did all of my hacking when I was a teenager. By the time I got into college, I was way too busy to mess around with anything like that.

Today, if I wanted to hack into someone's accounts for the purpose of getting money, I'd definitely use marinas and airports. In both cases, they're filled with above-income people who are traveling away from home without the typical home access to alerts, phone calls, and computer access. Marinas especially are filled with people who are away from home for months at a time making purchases in many different places. Trawlers, sport fish, and megayachts are wonderful targets that way because their credit cards would be punctuated by large fuel purchases, each one in a different location. Another dozen larger purchases spread out over a dozen boats would hardly get noticed by the credit card company.

Boat owners often have larger assets sitting in a financial account somewhere. Setting up a wire transfer moves the money in a day and it's totally gone. I'm sure there are limits that wouldn't raise too many delays or concerns too.

None of that would be a good use of time at a college campus.

It's a good thing this ActiveCaptain thing is working out or else I would have time to mess around with some of that! :flowers:
 
