Go Back   Wireless and Wifi Forums > News > Newsgroups > alt.internet.wireless
Register FAQ Forum Rules Members List Calendar Search Today's Posts Advertise Mark Forums Read

 
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 02-12-2010, 09:55 AM
Bob
Guest
 
Posts: n/a
Default WiFi Stumbler

Meraki have produced a browser based sniffer
<http://meraki.com/tools/stumbler/>

Frequently Asked Questions

Q: What is the WiFi Stumbler?

A: The WiFi Stumbler is a browser-based wireless scanner tool that
detects 802.11 wireless networks and displays useful information about
the networks in an easily searchable, intuitive web interface. WiFi
Stumbler can be used to optimize wireless network coverage, troubleshoot
performance issues, detect rogue APs and perform basic pre-deployment
site surveys.

Q: Can I use WiFI Stumbler when I am not connected to the Internet?

A: If your browser supports offline mode (currently only Firefox),
then it can load WiFi Stumbler from its offline cache. This means that
WiFi Stumbler will work in these browsers even when you are not
connected to the Internet, as long as your wireless card is enabled.
Simply visit the Stumbler page using Firefox once you are connected to
the Internet. The site will ask for permission to use offline storage.
Grant this permission, bookmark the page and you can revisit whenever
you need to use WiFi Stumbler.

Q: How does the WiFi Stumbler work?

A: WiFi Stumbler captures data about nearby wireless networks from
your computer's wireless card and displays it as a web page. It can
even work when you are not connected to the Internet if your browser
supports offline mode (currently Firefox only).

Q: Why is Stumbler a web-based tool instead of standalone,
downloadable software?

A: By running in a browser, there is no need to download software to
your computer. This makes it very easy to load and use since no
software installation is required. It also can run on either a PC or
Mac, unlike most downloadable software applications. In addition, as we
will be continually adding new features to Stumbler, you will
automatically get the latest version of the tool each time you reload
the page.

Q: The WiFi Stumbler doesn't load on my computer/in my browser. Why not?

A: WiFi Stumbler requires Java support and does not currently support
Linux. If your browser does not support Java or you are running Linux
and you try to load WiFi Stumbler, you will receive an error message in
your browser window. Currently, Google Chrome for Mac does not support
Java so it will not run WiFi Stumbler. WiFi Stumbler is also currently
a beta stage tool; if you encounter other problems getting Stumbler to
load, please let us know using the Make a Wish box at the bottom of the
page.

Reply With Quote
  #2 (permalink)  
Old 02-12-2010, 02:41 PM
John Navas
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Fri, 12 Feb 2010 10:55:58 +0000, Bob <bob@invalid.invalid> wrote in
<icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com>:

>Meraki have produced a browser based sniffer
><http://meraki.com/tools/stumbler/>


Nice.

<nitpick> It's "Wi-Fi", not "WiFi". </nitpick>

--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>

Reply With Quote
  #3 (permalink)  
Old 02-12-2010, 02:49 PM
Bob
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On 12/02/2010 15:41, John Navas wrote:
> On Fri, 12 Feb 2010 10:55:58 +0000, Bob<bob@invalid.invalid> wrote in
> <icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com>:
>
>> Meraki have produced a browser based sniffer
>> <http://meraki.com/tools/stumbler/>

>
> Nice.
>
> <nitpick> It's "Wi-Fi", not "WiFi".</nitpick>
>

nitpick
"Meraki WiFi Stumbler"

Reply With Quote
  #4 (permalink)  
Old 02-12-2010, 03:15 PM
John Navas
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Fri, 12 Feb 2010 15:49:11 +0000, Bob <bob@invalid.invalid> wrote in
<3u6dnQKk-Prq5ejWnZ2dnUVZ8i5i4p2d@bt.com>:

>On 12/02/2010 15:41, John Navas wrote:
>> On Fri, 12 Feb 2010 10:55:58 +0000, Bob<bob@invalid.invalid> wrote in
>> <icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com>:
>>
>>> Meraki have produced a browser based sniffer
>>> <http://meraki.com/tools/stumbler/>

>>
>> Nice.
>>
>> <nitpick> It's "Wi-Fi", not "WiFi".</nitpick>
>>

>nitpick
>"Meraki WiFi Stumbler"


So what? It's misuse of a term of art.

--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>

Reply With Quote
  #5 (permalink)  
Old 02-12-2010, 03:23 PM
Bob
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On 12/02/2010 16:15, John Navas wrote:

> So what? It's misuse of a term of art.
>

Twaddle
In no way does it engage my senses or emotions.

Wi-Fi is a trademark of the Wi-Fi Alliance.

Reply With Quote
  #6 (permalink)  
Old 02-12-2010, 03:26 PM
John Navas
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Fri, 12 Feb 2010 16:23:00 +0000, Bob <bob@invalid.invalid> wrote in
<LJ6dndEYN_n5HejWnZ2dnUVZ8uadnZ2d@bt.com>:

>On 12/02/2010 16:15, John Navas wrote:
>
>> So what? It's misuse of a term of art.
>>

>Twaddle
>In no way does it engage my senses or emotions.


Your problem, not mine.

--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>

Reply With Quote
  #7 (permalink)  
Old 02-12-2010, 06:33 PM
fufu
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

Bob <bob@invalid.invalid> wrote in
news:icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com:

> Meraki have produced a browser based sniffer
> <http://meraki.com/tools/stumbler/>
>
> Frequently Asked Questions
>
> Q: What is the WiFi Stumbler?
>
> A: The WiFi Stumbler is a browser-based wireless scanner tool

that
> detects 802.11 wireless networks and displays useful information

about
> the networks in an easily searchable, intuitive web interface.

WiFi
> Stumbler can be used to optimize wireless network coverage,
> troubleshoot performance issues, detect rogue APs and perform

basic
> pre-deployment site surveys.
>
> Q: Can I use WiFI Stumbler when I am not connected to the

Internet?
>
> A: If your browser supports offline mode (currently only

Firefox),
> then it can load WiFi Stumbler from its offline cache. This means

that
> WiFi Stumbler will work in these browsers even when you are not
> connected to the Internet, as long as your wireless card is

enabled.
> Simply visit the Stumbler page using Firefox once you are

connected to
> the Internet. The site will ask for permission to use offline

storage.
> Grant this permission, bookmark the page and you can revisit

whenever
> you need to use WiFi Stumbler.
>
> Q: How does the WiFi Stumbler work?
>
> A: WiFi Stumbler captures data about nearby wireless networks

from
> your computer's wireless card and displays it as a web page. It

can
> even work when you are not connected to the Internet if your

browser
> supports offline mode (currently Firefox only).
>
> Q: Why is Stumbler a web-based tool instead of standalone,
> downloadable software?
>
> A: By running in a browser, there is no need to download

software to
> your computer. This makes it very easy to load and use since no
> software installation is required. It also can run on either a PC

or
> Mac, unlike most downloadable software applications. In addition,

as
> we will be continually adding new features to Stumbler, you will
> automatically get the latest version of the tool each time you

reload
> the page.
>
> Q: The WiFi Stumbler doesn't load on my computer/in my browser.

Why
> not?
>
> A: WiFi Stumbler requires Java support and does not currently
> support
> Linux. If your browser does not support Java or you are running

Linux
> and you try to load WiFi Stumbler, you will receive an error

message
> in your browser window. Currently, Google Chrome for Mac does not
> support Java so it will not run WiFi Stumbler. WiFi Stumbler is

also
> currently a beta stage tool; if you encounter other problems

getting
> Stumbler to load, please let us know using the Make a Wish box at

the
> bottom of the page.
>


Seems to me using this would risk privacy invasion on the part of
those "sniffing" your data. Certainly could not use with anything
that might contain a transmitted password or other personal data.
Guess I really do not understand just what the usefulness of this
would be other than trying to hack unauthorized connections. Maybe
to troubleshoot local networks.

Reply With Quote
  #8 (permalink)  
Old 02-12-2010, 06:36 PM
John Navas
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Fri, 12 Feb 2010 19:33:38 +0000 (UTC), fufu
<fufu@Use-Author-Supplied-Address.invalid> wrote in
<45de8120d348be70e7b3afbc11340c70@tioat.net>:

>Bob <bob@invalid.invalid> wrote in
>news:icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com:


>Seems to me using this would risk privacy invasion on the part of
>those "sniffing" your data. Certainly could not use with anything
>that might contain a transmitted password or other personal data.
>Guess I really do not understand just what the usefulness of this
>would be other than trying to hack unauthorized connections. Maybe
>to troubleshoot local networks.


There's no privacy issue. It's a Site Survey tool. See
<http://wireless.navas.us/wiki/Wi-Fi_How_To#Why_and_How_to_do_a_Site_Survey>

--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>

Reply With Quote
  #9 (permalink)  
Old 02-13-2010, 12:33 AM
Jeff Liebermann
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Fri, 12 Feb 2010 19:33:38 +0000 (UTC), fufu
<fufu@Use-Author-Supplied-Address.invalid> wrote:

>Seems to me using this would risk privacy invasion on the part of
>those "sniffing" your data.


Sniffing is much like looking in a phone directory for someones
address. Just because you know where they live, doesn't magically
give you access to what's inside their house. It's the same with
wireless. The MAC addresses are all send in the clear and not
encrypted. That's like your address and is generally considered
public information. What's not available are the constents of the
encrypted data packets, which contain all kinds of interesting
information that might result in a privacy leak. As long as the
encryption is functional and unbroken, there's no privacy invasion
possible.

>Certainly could not use with anything
>that might contain a transmitted password or other personal data.


Actually, I've found two wireless lans that also used the SSID as
their WPA password. I found one and explained to the semi-intoxicated
owner what was happening. He claimed he understood, but it's still
unchanged about 6 months later. Oh well.

>Guess I really do not understand just what the usefulness of this
>would be other than trying to hack unauthorized connections. Maybe
>to troubleshoot local networks.


1. Check of interference on specific channels. There are only 3
non-overlapping channels (1, 8, 11). The trick is to find a channel
that's NOT being used for your LAN. If not, start thinking about
5.7Ghz. 802.11a.
2. Track down the source of Wi-Fi interference.
3. Identify users of junk wireless routers and try to sell them
something better. I've tried this a few times with mixed results.
4. Collect traffic statistics (error rate, retransmissions, etc).
5. Find the dingbat with the new MIMO router that's hogging the
entire 2.4GHz band with a 40Mhz wide HD video feed so that he doesn't
have to run an HDMI or ethernet cable 10 ft across his living room.
I've already given away one ethernet cable to get one of these off the
air.
6. Identify potential municipal Wi-Fi or mesh network nodes for
internet access.
7. Find the idiot with the 1 watt power amplifier trying to drill
through 5 brick walls to his router.
8. Whatever else I forgot.
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Reply With Quote
  #10 (permalink)  
Old 02-13-2010, 01:00 AM
me here
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

Jeff Liebermann wrote:

> On Fri, 12 Feb 2010 19:33:38 +0000 (UTC), fufu
> <fufu@Use-Author-Supplied-Address.invalid> wrote:
>
> > Seems to me using this would risk privacy invasion on the part of
> > those "sniffing" your data.

>
> Sniffing is much like looking in a phone directory for someones
> address. Just because you know where they live, doesn't magically
> give you access to what's inside their house. It's the same with
> wireless. The MAC addresses are all send in the clear and not
> encrypted. That's like your address and is generally considered
> public information. What's not available are the constents of the
> encrypted data packets, which contain all kinds of interesting
> information that might result in a privacy leak. As long as the
> encryption is functional and unbroken, there's no privacy invasion
> possible.
>
> > Certainly could not use with anything
> > that might contain a transmitted password or other personal data.

>
> Actually, I've found two wireless lans that also used the SSID as
> their WPA password. I found one and explained to the semi-intoxicated
> owner what was happening. He claimed he understood, but it's still
> unchanged about 6 months later. Oh well.
>
> > Guess I really do not understand just what the usefulness of this
> > would be other than trying to hack unauthorized connections. Maybe
> > to troubleshoot local networks.

>
> 1. Check of interference on specific channels. There are only 3
> non-overlapping channels (1, 8, 11). The trick is to find a channel
> that's NOT being used for your LAN. If not, start thinking about
> 5.7Ghz. 802.11a.
> 2. Track down the source of Wi-Fi interference.
> 3. Identify users of junk wireless routers and try to sell them
> something better. I've tried this a few times with mixed results.
> 4. Collect traffic statistics (error rate, retransmissions, etc).
> 5. Find the dingbat with the new MIMO router that's hogging the
> entire 2.4GHz band with a 40Mhz wide HD video feed so that he doesn't
> have to run an HDMI or ethernet cable 10 ft across his living room.
> I've already given away one ethernet cable to get one of these off the
> air.
> 6. Identify potential municipal Wi-Fi or mesh network nodes for
> internet access.
> 7. Find the idiot with the 1 watt power amplifier trying to drill
> through 5 brick walls to his router.
> 8. Whatever else I forgot.


This java script really only displays the same information as the wifi
adapter does when set to scan - it's a bit of a con really - and
certainly no more of a privacy issue than the basic adapter software.

Not much to get excited about.


Reply With Quote
  #11 (permalink)  
Old 02-13-2010, 12:28 PM
Warren Oates
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

In article <4b7607d6$1@dnews.tpgi.com.au>,
"me here" <gloaming_agnet@hotmail.com> wrote:

> This java script really only displays the same information as the wifi
> adapter does when set to scan - it's a bit of a con really -


Yes and no. It's using my Airport Extreme for scanning, obviously, and
it displays my wireless info, and my next door neighbour's. But Airport
by itself only shows _my_ network _unless_ the Meraki applet is running.
Next door is weak -- maybe Airport has a threshold of some kind.

Hmm. The guy's still on WEP. I should hack it. Although his password is
probably his wife's name ...
--
Very old woody beets will never cook tender.
-- Fannie Farmer

Reply With Quote
  #12 (permalink)  
Old 02-13-2010, 08:47 PM
Moe Trin
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Sat, 13 Feb 2010, in the Usenet newsgroup alt.internet.wireless, in article
<4b76a8fb$0$14675$c3e8da3@news.astraweb.com>, Warren Oates wrote:

>Hmm. The guy's still on WEP. I should hack it. Although his password
>is probably his wife's name ...


Did he _really_ pick something so secret and unusual? Wow - most
users choose one of the 86 passwords the 'deloader' worm (CERT Advisory
CA-2003-08) was looking for in March 2003:

[NULL] 0 000000 00000000 007 1 110 111 111111 11111111 12
121212 123 123123 1234 12345 123456 1234567 12345678 123456789
1234qwer 123abc 123asd 123qwe 2002 2003 2600 54321 654321
88888888 Admin Internet Login Password a aaa abc abc123 abcd
admin admin123 administrator alpha asdf computer database
enable foobar god godblessyou home ihavenopass login love
mypass mypass123 mypc mypc123 oracle owner pass passwd password
pat patrick pc pw pw123 pwd qwer root secret server sex super
sybase temp temp123 test test123 win xp xxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx yxcv zxcv

That first one ( [NULL] ) really means none (hit the enter key). I
wonder how many idiots have chosen one of these because they think
that no one could _possibly_ guess such a secret/complex set of letters
and/or numbers. Of course, that assumes the password was changed from
the factory default.

Old guy

Reply With Quote
  #13 (permalink)  
Old 02-14-2010, 01:00 AM
Jeff Liebermann
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Sat, 13 Feb 2010 15:47:54 -0600,
ibuprofin@painkiller.example.tld.invalid (Moe Trin) wrote:


>Did he _really_ pick something so secret and unusual? Wow - most
>users choose one of the 86 passwords the 'deloader' worm (CERT Advisory
>CA-2003-08) was looking for in March 2003:
>
> [NULL] 0 000000 00000000 007 1 110 111 111111 11111111 12
> 121212 123 123123 1234 12345 123456 1234567 12345678 123456789

(etc...)

Most of those listed will not work with WEP. Assuming an ASCII key
(not a Hex key), it has to be exactly either 5 or 10 characters long,
which corresponds to 64 or 128bit WEP encryption.

My favorite throw away WEP/WPA password is "changethis". Note that
it's exactly 10 characters so that it will work with both WEP and WPA.

--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Reply With Quote
  #14 (permalink)  
Old 02-14-2010, 01:28 AM
John Navas
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Sat, 13 Feb 2010 20:34:15 +0000 (UTC), p
<p@Use-Author-Supplied-Address.invalid> wrote in
<f517c01ae1c0db874b6851396a06f024@tioat.net>:

>Since I am connecting from am unencrypted public AP, I won't be using their
>sniffer ;-). I used TOR when I need to keep my data transfers private, so I
>guess I might try it with TOR.


What makes you think Tor is actually real protection? Faith?
<http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29#Weaknesses>
And those are just the _known_ weaknesses.
I'm reminded of WEP. And TKIP. And on and on.

--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>

Reply With Quote
  #15 (permalink)  
Old 02-14-2010, 02:28 AM
Moe Trin
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Sat, 13 Feb 2010, in the Usenet newsgroup alt.internet.wireless, in article
<qvlen51om4m26kig9pd4006ed7430khape@4ax.com>, Jeff Liebermann wrote:

[CERT Advisory CA-2003-08 ``passwords'']

>Most of those listed will not work with WEP. Assuming an ASCII key
>(not a Hex key), it has to be exactly either 5 or 10 characters long,
>which corresponds to 64 or 128bit WEP encryption.


[selene ~]$ sed -n '247,264'p worms/deloder | tr -s ' ' | tr ' ' '\n' |
grep ^.....$ | column
login admin super alpha owner 54321 Admin 12345 Login pw123
[selene ~]$

Well, there's ten of the 86 ;-)

>My favorite throw away WEP/WPA password is "changethis". Note that
>it's exactly 10 characters so that it will work with both WEP and WPA.


and will never be changed. We work under a different concept - the
default is going to be something like

[selene ~]$ head -2 /dev/random | mimencode | cut -c20-29 | tail -1
tqF+eE204n
[selene ~]$

"tqF+eE204n" is given to them on a piece of paper - along with the
output of 'whatis passwd' as a hint. The password is changed (probably
to one of those listed in CA-2003-08) when they discover how hard it
is to type that mess consistently - certainly not later than when they
loose the paper the second time.

Old guy

Reply With Quote
  #16 (permalink)  
Old 02-15-2010, 12:41 AM
p
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

John Navas <spamfilter1@navasgroup.com> wrote in
news:5nnen5hpab00ggpiisuuspe4ldoahp1qfg@navasgroup .com:

> <http://en.wikipedia.org/wiki/Tor_%28...ity_network%29

#Weaknesses>
>


Subject: Re: WiFi Stumbler
From: John Navas <spamfilter1@navasgroup.com>
Newsgroups: alt.internet.wireless

On Sat, 13 Feb 2010 20:34:15 +0000 (UTC), p
<p@Use-Author-Supplied-Address.invalid> wrote in
<f517c01ae1c0db874b6851396a06f024@tioat.net>:

>Since I am connecting from am unencrypted public AP, I won't be

using their
>sniffer ;-). I used TOR when I need to keep my data transfers

private, so I
>guess I might try it with TOR.


What makes you think Tor is actually real protection? Faith?
<http://en.wikipedia.org/wiki/Tor_%28...ity_network%29
#Weaknesses>
And those are just the _known_ weaknesses.
I'm reminded of WEP. And TKIP. And on and on.

--
Best regards, FAQ for Wireless Internet:
<http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-
Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-
Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-
Fi_Fixes>

Explain to me what harm you'd be able to do on an end to end
encrypted tor connection, as I use with any sensitive data exchange?
Unless NSA or similar breaks encrypted data streams, as they
probably can if they work at it, all you will get is garbage.
And since I am not a terrorist, I don't have to worry much about
NSA.

Reply With Quote
  #17 (permalink)  
Old 02-15-2010, 01:04 AM
Jeff Liebermann
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

On Mon, 15 Feb 2010 01:41:24 +0000 (UTC), p
<p@Use-Author-Supplied-Address.invalid> wrote:

>Explain to me what harm you'd be able to do on an end to end
>encrypted tor connection, as I use with any sensitive data exchange?


I was under the impression that TOR was an anonymizer, not an end to
end encryption tunnel as in a VPN. The data sent between the TOR exit
proxy server and the destination is not encrypted.
<http://en.wikipedia.org/wiki/Tor_(anonymity_network)>
Tor cannot and does not attempt to protect against monitoring
of traffic at the boundaries of the Tor network, i.e., the
traffic entering and exiting the network.

TOR is great security if you don't want anyone to know where your
packets are coming from, but not very useful if you're worried about
someone sniffing your "sensitive data".

I don't have an answer to what harm you might do using TOR.
Inflamatory political messages, stalking ex-spouses, spam, hate mail,
impersonating someone, online hacking, disagreeing with me, and other
internet activities where hiding your identity would be required,
seems like a good start.



--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Reply With Quote
  #18 (permalink)  
Old 02-15-2010, 01:04 AM
p
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

John Navas <spamfilter1@navasgroup.com> wrote in
news:5nnen5hpab00ggpiisuuspe4ldoahp1qfg@navasgroup .com:

> On Sat, 13 Feb 2010 20:34:15 +0000 (UTC), p
> <p@Use-Author-Supplied-Address.invalid> wrote in
> <f517c01ae1c0db874b6851396a06f024@tioat.net>:
>
>>Since I am connecting from am unencrypted public AP, I won't be

using
>>their sniffer ;-). I used TOR when I need to keep my data

transfers
>>private, so I guess I might try it with TOR.

>
> What makes you think Tor is actually real protection? Faith?
> <http://en.wikipedia.org/wiki/Tor_%28...ity_network%29

#Weaknesses>
> And those are just the _known_ weaknesses.
> I'm reminded of WEP. And TKIP. And on and on.
>


(Don't know what happened to my newserver, but hiccups occur
occasionally.)

There is nothing that you can get when using TOR if the connection
is SSL because it is encrypted end to end. The only people who
possible can read data (other than garbage encryption) is people
like the NSA and since I am not a terrorist, I have little to fear
from them.

Reply With Quote
  #19 (permalink)  
Old 02-15-2010, 02:45 AM
p
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

Jeff Liebermann <jeffl@cruzio.com> wrote in
news:1r9hn51f3i444hdt60ls6bd2mqs5i3ica7@4ax.com:

> On Mon, 15 Feb 2010 01:41:24 +0000 (UTC), p
> <p@Use-Author-Supplied-Address.invalid> wrote:
>
>>Explain to me what harm you'd be able to do on an end to end
>>encrypted tor connection, as I use with any sensitive data

exchange?
>
> I was under the impression that TOR was an anonymizer, not an end

to
> end encryption tunnel as in a VPN. The data sent between the TOR

exit
> proxy server and the destination is not encrypted.
> <http://en.wikipedia.org/wiki/Tor_(anonymity_network)>
> Tor cannot and does not attempt to protect against monitoring
> of traffic at the boundaries of the Tor network, i.e., the
> traffic entering and exiting the network.
>
> TOR is great security if you don't want anyone to know where your
> packets are coming from, but not very useful if you're worried

about
> someone sniffing your "sensitive data".
>
> I don't have an answer to what harm you might do using TOR.
> Inflamatory political messages, stalking ex-spouses, spam, hate

mail,
> impersonating someone, online hacking, disagreeing with me, and

other
> internet activities where hiding your identity would be required,
> seems like a good start.
>


It's end to end if you use SSL--->torentrynode----onionrouted--->
torexitnode--->host (ssl decrypted by host)

unless some gov agency breaks the ecryption algorithm for tor and
for ssl, your data is safe, in so far as it is possible to ever be
safe on the net.

Reply With Quote
  #20 (permalink)  
Old 02-15-2010, 11:50 AM
Warren Oates
Guest
 
Posts: n/a
Default Re: WiFi Stumbler

In article <1r9hn51f3i444hdt60ls6bd2mqs5i3ica7@4ax.com>,
Jeff Liebermann <jeffl@cruzio.com> wrote:

>
> TOR is great security if you don't want anyone to know where your
> packets are coming from, but not very useful if you're worried about
> someone sniffing your "sensitive data".


One problem with TOR is that if you have Java enabled, your real IP is
visible. This isn't TOR's fault -- it encrypts data, it doesn't alter it.

https://www.torproject.org/download.html.en#Warning

http://pseudo-flaw.net/content/tor/a...ort-with-java/

There are lots of ways of being anonymous, though; most of us don't need
them.
--
Very old woody beets will never cook tender.
-- Fannie Farmer

Reply With Quote
Reply


« NEWS: FBI wants records kept of Web sites visited | Broadcast Forwarding Methodology »
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
iPhones now get free AT&T WiFi iPhone News alt.cellular.attws 46 05-05-2008 09:01 PM
iPhones now get free AT&T WiFi iPhone News alt.cellular.cingular 43 05-05-2008 09:01 PM
SIP WIFI Phones qqm888@gmail.com uk.telecom.mobile 0 02-20-2008 06:26 AM
Intel Wifi card issues... eggoeater Troubleshooting 2 01-14-2007 11:54 AM
can a wifi AP connect to a wifi router wirelessly?? pstock alt.internet.wireless 4 08-07-2006 05:56 PM


All times are GMT. The time now is 03:30 AM.



Powered by vBulletin® Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.6.0 PL2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45