Free WiFI Security

The friendliest place on the web for anyone with an RV or an interest in RVing!
If you have answers, please help by responding to the unanswered posts.

blueblood

Well-known member
Joined
Mar 16, 2005
Posts
1,082
I've just started cheking this out but thought some of you might be interested in joining me. Essentially they provide an encrpted wi-fi transmission from your laptop/PC to Interent for free.? ?http://www.iopus.com/ipig/

Some things I've found out. The free account provides 5 GB bandwidth usage which for the average person ought to last for several years. The software provides the ability to filter what one wants to encrypt so it could be limited to e-mails and sensitive web information. Limiting not only means more available bandwidth but keeps up speeds since sending encrypted data slows everything down. I have been communicatiing with developer by BB forum and he says they'll provide 100 GB for a price yet to be determined (possible in January) but probably $29.99. If one downloads the free Pro Server and runs it yourself one can get unlimited accounts for $99.95. The business model is similar to ZA i.e. they intend to all ways have a free version and then have some pay upgrades as well. They hope this leads to purchases of other products they sell as well.
 

BruceinFL

Well-known member
Joined
Mar 12, 2005
Posts
3,205
Not sure I understand how this works. Can someone explain in simple terms?
 

blueblood

Well-known member
Joined
Mar 16, 2005
Posts
1,082
BruceinFL said:
Not sure I understand how this works. Can someone explain in simple terms?
+

IOpus supplies you with a piece of client software that corrals any e-mails,IM or web pages (you decide what) that are being sent by you and encrypts them. The software directs them to an iOpus server where they are decrypted and sent to what they call a deep wired Ethernet Interent connection. 
 

Ned

Moderator Emeritus
Joined
Feb 1, 2005
Posts
25,107
Location
USA
Everything you then do on the internet is passing through, and known by, someone elses server.  Are you sure you trust Iopus with that much information about you?
 

blueblood

Well-known member
Joined
Mar 16, 2005
Posts
1,082
Ned said:
Everything you then do on the internet is passing through, and known by, someone elses server.? Are you sure you trust Iopus with that much information about you?

Unless I'm missing something in your question that's a risk I take with my local ISP about whom I know nothing.  However, there is a solution here. Just take the free server software and install on your computer connection to Internet and then change the routing in the client software to your address.
 

Ned

Moderator Emeritus
Joined
Feb 1, 2005
Posts
25,107
Location
USA
You know more about your ISP and have a contractual arrangement with them.  Running a server is beyond most internet users abilities.  Once the data leaves the Iopus server, it's in the clear again, so where's the real security?  They're just playing on the paranoia of the uninformed, in my opinion.
 

blueblood

Well-known member
Joined
Mar 16, 2005
Posts
1,082
Ned said:
You know more about your ISP and have a contractual arrangement with them.? Running a server is beyond most internet users abilities.? Once the data leaves the Iopus server, it's in the clear again, so where's the real security?? They're just playing on the paranoia of the uninformed, in my opinion.

The security is where it is supposed to be i.e. the open RF between the network adapter on the laptop and the hotspot. No different then using WAP except of course most free hotspots don't provide WAP. The balance of the security is "normal" Internet wired. I don't understand the paranoia comment in this context unless you also feel the use of WAP is being paranoid as well.
 

John From Detroit

Well-known member
Joined
Apr 12, 2005
Posts
24,938
Location
Davison Michigan
My personal feeling on this issue is related to my opinion of "The Club" as a vehicle security device.

Now.. Understand that any reasonable tool box contains multiple tools that can remove the club w/o damage to the steering wheel on the car... In addition it is possible to cut the wheel and remove it,,, Takes just a couple of minutes or so I'm told by folks who know (US Military Police officers who specialised in arresting kids who came over the border into El-Paso and tried to steel the MP's private cars... Yup, boy did those kids get a surprise... Not to mention free room and board at the hotel: Don't Drop In...)

The idea is not so much to prevent the steeling of a car (or internet service) as it is to get the theif to look for easier pickings.  Thus, while it's tue that any decent hacker can break WPA or WAP or MAC-Filter.. Why should he go to the trouble when there is an open access node across the street?

Thus the best WI-FI security.. It your idiot neighbor who does not use any
 

Bob Zambenini

Well-known member
Joined
Mar 4, 2005
Posts
270
Location
Orange County California
Karl said:
Like Ned, I'm not sure that's a good idea. Much simpler would be to encrypt on your computer; then use a public/private key or similar method to secure your data.

Need some clarification for a novice user. 

There was an article in the local paper today from a 'so called expert' on the subject of using your computer at a 'hotspot'.

Kinda funny, like if at Starbucks look around and see if anyone looks shady, etc, before logging on.

But he got into the sites with https  as that is the best way to be safe,

I don't take long trips anymore so have just been waiting until I am home to check into my banking and credit card sites but when I log onto my bank or CC site to put in username and password I see it goes to https.

I realize  a real expert like from NSA or some agency could probably get through this https encryption but I don't believe they are that interested in a 73 yr old coot.

I feel I am much more vulnerable from using my CCs are various stores and restaurants, as years ago I did have a bartender at a upscale place in Dallas get my CC data and next week he was loading a rock band on a flight using it. Fortunately American Airlines called me in the middle of the night and wanted to verify that these 10 tickets were OK! Turned out that was the only place in Dallas I ever used that particular CC so he was toast with the security folks.

Anyway, any comments on security of using https sites from a hotspot??

Bob



 

blueblood

Well-known member
Joined
Mar 16, 2005
Posts
1,082
Bob Zambenini said:
.

Anyway, any comments on security of using https sites from a hotspot??

Bob

Yes, there good but -------- One can't just choose to do https. You have to have access to web sites that have set this up, usually banks and web ordering sites. This still leaves any of your e-mail, IM and many web sites vulnerable for security breaches. The issue is how much material you send or discuss on Internet is really critical i.e. an account number, business strategy, legal stuff, etc. I believe this is not a large amount for the average use and that is why this Ipig software is so useful. It can very easily be turned on and off. 
 

Ned

Moderator Emeritus
Joined
Feb 1, 2005
Posts
25,107
Location
USA
When you see https:// in the URL and see the locked icon in the status bar, everything between your computer and server is encrypted and secure from anyone that could tap the datastream.? When you use a service like Iopus, you're only encrypted from your computer to their server, from then on everything is in the clear unless you're talking to a secure server (https) and then you don't need Iopus.

The biggest problem service is POP3 email which normally sends everything in the clear.? This includes the user name and password as well as the message itself.? For email at public hotspots I recommend using a email service that supports security like GMail.? Then everything is encrypted as it is when using secure web sites.
 

blueblood

Well-known member
Joined
Mar 16, 2005
Posts
1,082
iPig is excellent for the purpose for which it was designed. For one opinion - Steve Gibson has reviewed and discussed with the developer the security involved and his conclusion is -

The bottom line is that your cryptographic system looks VERY solid to me, so long as users are cautioned that there IS an offline attack possible (as there is for any simple pre-shared keying system) and that for really good security they should use a highly-random high-entropy and LONG passphrase.

Nice job!
_________________
__________
steve.

BTW- The password security of iPig is same type as used by G-Mail. The entire security discussion can be read at the iOpus forum.

 

ptribe

Member
Joined
Jan 1, 2006
Posts
7
Location
Temecula, California
Blueblood,

It's nice to see someone else out there knows Steve Gibson, I thought I was the only one that followed his broadcasts.  For those of you that would like to check it out, go to www.grc.com and click on the "Security Now" section, he has all kinds of information about wireless security.

Basically, there really is no foolproof method for ensuring that someone will not be able to get your information, especially if you are using a public hotspot.  By hotspot I am referring to using your personal computer to access wifi at places like Starbucks, etc.  I would never use a public kiosk or any computer that is open for use to the general public, these are never secure no matter what they tell you.  The best method to ensure that your data is secure is to set up a Virtual Private Network (VPN) with a trusted VPN server either at your house or a paid service.  A google search for VPN access will show you some of these services.
 

koos

Member
Joined
Mar 30, 2005
Posts
9
Location
Netherlands
John In Detroit said:
Thus, while it's tue that any decent hacker can break WPA or WAP or MAC-Filter.. Why should he go to the trouble when there is an open access node across the street?

With the current available tools for WEP cracking, consider that 'almost open'. Anybody who runs the tools can break in to a WEP encrypted network (and don't blame the tools, it's WEP that is vulnerable).

But WEP is not very useful for 'public' access points (like those at starbucks and at campsites). You'd have to tell every valid user the (same) password and tell them not to tell anybody else. At least WPA has options to have lists of valid users.
 

blueblood

Well-known member
Joined
Mar 16, 2005
Posts
1,082
ptribe said:
Blueblood,

It's nice to see someone else out there knows Steve Gibson, I thought I was the only one that followed his broadcasts.? For those of you that would like to check it out, go to www.grc.com and click on the "Security Now" section, he has all kinds of information about wireless security.

Basically, there really is no foolproof method for ensuring that someone will not be able to get your information, especially if you are using a public hotspot.? By hotspot I am referring to using your personal computer to access wifi at places like Starbucks, etc.? I would never use a public kiosk or any computer that is open for use to the general public, these are never secure no matter what they tell you.? The best method to ensure that your data is secure is to set up a Virtual Private Network (VPN) with a trusted VPN server either at your house or a paid service.? A google search for VPN access will show you some of these services.

I think you wil find many folks here use Steve's web site for testing, etc. The point of my original message was that iPig does supply a secure link (VPN) from a hotspot to their server and return. The issue raised by others is that it isn't secure beyond that server which is true. However, that's the case with all services if you don't have a VPN to endpoint. I beleive it is generally acknowledged that a reasonable degree of security is provided by using hardwire. I suggested one could accomplish a secure route, at least for sensitive messages going to your home or place of work, ?by using the free server iPig version on your home/work computer. Both software versions (client/server) are very easy to use. Some one suggested using gmail as an alternative. However, gmail is not secure i.e. encryted except for user name and password unless one forces the system to use https by a hack. Further, gmail retains and has complete access to all your info forever and that generates a whole world of controversy and concern. (They didn't go the invitation route for nothing) Some say that that is probably the case with all big servers that process our information but we just don't know it. All the more reason to VPN to end point if you have really critical needs. For some of the rest of us, just getting out of the hotspot secure is enough for now.
 
Top Bottom