VPN?

Who wants to see two pirates in a porn movie? To each their own you perverts!

image_21ab6080.jpeg
 
A:
Don't be afraid of public WiFi; You should treat -all- connections as though they were insecure.
B:
goto A.

I find people's panic about 'omg public wifi' quite amusing.

-Fox
 
Acrofox said:
A:
Don't be afraid of public WiFi; You should treat -all- connections as though they were insecure.
B:
goto A.

I find people's panic about 'omg public wifi' quite amusing.

-Fox
Click to expand...
I'm not the IT pro here, but public wifi is insecure. Sure, there are problems with secured connections, too. Does "treat all connections as though they were insecure" mean I can't ever log on to my online banking from any device?

Seriously, with the help of google and some linux tools a computer literate person can learn how to exploit a lot of wifi insecurities in a matter of hours. Go do it if you're bored, it could be a good learning experience.

I think your amusement is misplaced.
 
nibake said:
I'm not the IT pro here, but public wifi is insecure. Sure, there are problems with secured connections, too. Does "treat all connections as though they were insecure" mean I can't ever log on to my online banking from any device?

Seriously, with the help of google and some linux tools a computer literate person can learn how to exploit a lot of wifi insecurities in a matter of hours. Go do it if you're bored, it could be a good learning experience.

I think your amusement is misplaced.
Click to expand...

Bolded for emphasis. I have no qualms about logging into online banking on public wifi from any modern device.

I don't need the 'learning experience.'

-Fox
 
Actually, nevermind. I don't have time, energy or interest in baiting you on my normal "Oh interesting, tell me why X is Y" game, and I doubt anyone else would enjoy it.

I am an internet security expert who built secure operations infrastructures for decades. I am the person you want to ask questions of, not the person you want to try to lecture on security topics.

There are lots of caveats in all directions, because like anything else in the real world, better idiots are easy to come by, users, developers or admins... but generally there's nothing to fear from "public WiFi."
 
Acrofox said:
Actually, nevermind. I don't have time, energy or interest in baiting you on my normal "Oh interesting, tell me why X is Y" game, and I doubt anyone else would enjoy it.

I am an internet security expert who built secure operations infrastructures for decades. I am the person you want to ask questions of, not the person you want to try to lecture on security topics.

There are lots of caveats in all directions, because like anything else in the real world, better idiots are easy to come by, users, developers or admins... but generally there's nothing to fear from "public WiFi."
Click to expand...

Don't poo-poo the discussion. Tell us what's up. I never check banking/investment info on public wifi and you say it's fine. What should the non-pro worry about, if anything?
 
AAPalmTree said:
Don't poo-poo the discussion. Tell us what's up. I never check banking/investment info on public wifi and you say it's fine. What should the non-pro worry about, if anything?
Click to expand...
IMHO this kind of comment in response of that kind of comment just won the internet. My respects.
 
AAPalmTree said:
Don't poo-poo the discussion. Tell us what's up. I never check banking/investment info on public wifi and you say it's fine. What should the non-pro worry about, if anything?
Click to expand...

Sorry for being sharp. I'm really grumpy at the moment due to personal life issues, but it's not fair to expect people to know my background. I'd prefer a little more implicit respect, but I'm also confronting a point that's just accepted as fact by most people.

Basically, as long as everything is relatively up-to-date and you're using SSL appropriately with a site that's correctly built, it's impossible extremely difficult* to invisibly man-in-the-middle your session. It's also extremely (I can't emphasize this enough) dangerous to assume that just because you're not on "public wifi" that your connection is in any way more secure.

There are certain metadata that are considered "sensitive," but those metadata are more related to behaviors and profiling than any sort of actual compromise. There are also poorly-designed websites which "leak" cookies and other data due to vulnerable designs, or cross-site scripting issues, but despite all their other problems with security, most financial institutions do a good job of not doing that. And I'd like to emphasize once more that a "private" connection only gets you as far as the next hop, unless you're VPN-ed somewhere. So, basically, use a modicum of care and don't use insecure sites for important data.

As far as "google," "Linux tools," and "Learning experiences," I'm a senior cloud architect with well over twenty years of experience. I've worked on network security issues with distributions and packaging since the dawn of wireless networking, and security has been the butter on my bread for my entire career. It's good to see people educating themselves on the issues, but it's also frustrating to see the dissemination of bad (or incomplete) info as "common sense."

Anyway, I could go on, but I'm really tired, and still extremely grumpy, and you get the idea.

-Fox
* - I can't bring myself to use words like impossible in security discussions. Nothing is impossible, only secure system powered off encased concrete etc.
 
To answer the original question. I have used Witopia for quite few years not. It has the best capability for defeating China's attempts to block it. I also like that I can choose where I want it to connect. For instance, when I am outside of the USA, but need a USA IP address for something it helps to have that flexibility.
 
Acrofox said:
A:
Don't be afraid of public WiFi; You should treat -all- connections as though they were insecure.
B:
goto A.

I find people's panic about 'omg public wifi' quite amusing.

-Fox
Click to expand...

I live in a neighborhood rife with linksys SSID's and basic wep encryption.

Public wifi isn't half as bad as some people's own house.
 
Acrofox said:
Sorry for being sharp. I'm really grumpy at the moment due to personal life issues, but it's not fair to expect people to know my background. I'd prefer a little more implicit respect, but I'm also confronting a point that's just accepted as fact by most people.

Basically, as long as everything is relatively up-to-date and you're using SSL appropriately with a site that's correctly built, it's impossible extremely difficult* to invisibly man-in-the-middle your session. It's also extremely (I can't emphasize this enough) dangerous to assume that just because you're not on "public wifi" that your connection is in any way more secure.

There are certain metadata that are considered "sensitive," but those metadata are more related to behaviors and profiling than any sort of actual compromise. There are also poorly-designed websites which "leak" cookies and other data due to vulnerable designs, or cross-site scripting issues, but despite all their other problems with security, most financial institutions do a good job of not doing that. And I'd like to emphasize once more that a "private" connection only gets you as far as the next hop, unless you're VPN-ed somewhere. So, basically, use a modicum of care and don't use insecure sites for important data.

As far as "google," "Linux tools," and "Learning experiences," I'm a senior cloud architect with well over twenty years of experience. I've worked on network security issues with distributions and packaging since the dawn of wireless networking, and security has been the butter on my bread for my entire career. It's good to see people educating themselves on the issues, but it's also frustrating to see the dissemination of bad (or incomplete) info as "common sense."

Anyway, I could go on, but I'm really tired, and still extremely grumpy, and you get the idea.

-Fox
* - I can't bring myself to use words like impossible in security discussions. Nothing is impossible, only secure system powered off encased concrete etc.
Click to expand...

Wifi is cute at home, but my solution to most problems is more power, so I just ran the damned Ethernet cable all over the house. Secure as can be and no loss of signal.

laser_pointer_more_power.png


@Autothrust Blue
 
jtrain609 said:
Wifi is cute at home, but my solution to most problems is more power, so I just ran the damned Ethernet cable all over the house. Secure as can be and no loss of signal.
Click to expand...

That's kind of old school thinking.

Where I work we no longer have patch cables at desks in our newer/remodeled offices. The typical user is wi-fi only for both voice and data. In addition, we run office 365 so all users are storing data in the MS Cloud (heavy bandwidth use). I'm talking about large multi floor offices. There are some exceptions but those are typically staff which manage multiple VoIP phone lines, executive admins, help desk, call center types.

Much of our Wide Area Network is wireless also, we own it. We're shooting microwave (voice and data) from about 65 mountain tops to offices throughout much of California. We've been doing that for 20+ years.

I often work from home on my wireless company laptop doing video conference calls daily. No issues.

I can't talk about security but the company I work for is a major international target. All the bad dudes make runs at our firewalls daily.

23115915676_2472a05420_b.jpg
 
You must log in or register to reply here.
Back
Top