Why is a good Wifi password necessary?


King Author
Posts: 736
Joined: Sun Apr 12, 2009 12:30 pm UTC
Location: Pennsylvania, USA

Why is a good Wifi password necessary?

Postby King Author » Thu Apr 24, 2014 1:41 am UTC

Why is it important to have a good password for your Wifi hotspot? So what if somebody figures out your password and gets access to your internet connection? All that'll let them do is use your internet. Might slow you down a bit, but is that really a big deal? Plus, pretty much all Wifi routers have lights that blink as the wireless is being used, so if you know you or your family or whatever's not using the Wifi and you see it blinking, you'll know someone else is, and you can just turn it off.

People act like someone having access to your Wifi lets them have direct access to all the hard drives of every computer using that connection.
I have signatures disabled. If you do, too...you can't read this, so never mind >_>

EvanED
Posts: 4331
Joined: Mon Aug 07, 2006 6:28 am UTC
Location: Madison, WI

Re: Why is a good Wifi password necessary?

Postby EvanED » Thu Apr 24, 2014 2:08 am UTC

There are a number of potential issues. This list is not to try to convince you that you should value any reason particularly highly, just provide some reasons that some people have. There are others who deliberately keep their wireless open as a service.

  • As you mention, speed. Maybe you think it's not a big deal, maybe you do.
  • Potential legal liability. Suppose someone on your network engages in piracy or something else illegal? Even if you are eventually exonerated, it can cause you a tremendous amount of difficulty in the meantime and beyond. Your moocher downloads some child porn? Have fun while your electronics are all confiscated during the investigation and the press runs your name through the mud.
  • Do you have file sharing on so you can share files between computers? Then someone on your network does have access to the data that you have shared. I have for short times had this set up to be entire drives. Have a printer? Do you want people to be able to waste your paper?
  • If you're facing a determined hacker who actually wants to work to compromise your systems even if you don't have things openly shared, the wireless router and cable/dsl/whatever modem will act like a bit of a firewall. Maybe not a good one, but it's at least an additional step for them to overcome.
  • Non-HTTPS websites. For example, these forums. People on your network could easily sniff your packets and extract your passwords.
  • Privacy. Even if you're using websites that no security-sensitive information per se is transferred to or from (like this), that doesn't mean you want to tell anyone who cares to listen what websites you visit.
Finally, I don't find the "if you see it blinking" argument compelling at all. I'm somewhat rarely in the room where my router is, and even when I am it's out of the way and not really directly visible. Furthermore, if I am in the room where it is, I'm almost certainly using it. So no, I think the chance I'd notice it blinking because someone else is using it is really quite remote. Even if it wasn't, if you/friend/family are using it then the blinking lights won't tell you if someone who isn't supposed to be on it is on it.

King Author
Posts: 736
Joined: Sun Apr 12, 2009 12:30 pm UTC
Location: Pennsylvania, USA

Re: Why is a good Wifi password necessary?

Postby King Author » Thu Apr 24, 2014 4:22 am UTC

Ooh, thanks for taking the time to write all that. I do have a good password and I do care, I just stepped back and wondered, "wait...why do I even care about this?" and didn't know the answer myself, which is why I asked.

So to clarify, if someone hacks my Wifi password that doesn't automatically give them access to my hard drive?

See, that's what I was really worried about, 'cause when I was having trouble configuring my router and was googling around for answers, I came across a lot of admonishments against lackluster security setups, and people would say vague things like, "if you're not careful, BOOM, your computer is compromised." By that, I thought they meant someone could access your files if they knew your WEP2 key or whatever, and I was like, "how? I can't access my desktop files from my laptop, even though I literally HAVE the WEP key."

Hmm...I wonder if I should try hacking my own computer to test my security...

phlip
Restorer of Worlds
Posts: 7572
Joined: Sat Sep 23, 2006 3:56 am UTC
Location: Australia

Re: Why is a good Wifi password necessary?

Postby phlip » Thu Apr 24, 2014 4:48 am UTC

King Author wrote:So to clarify, if someone hacks my Wifi password that doesn't automatically give them access to my hard drive?

Well, that depends how your computer is set up. If it's set up to trust computers on the local subnet more than computers on the open Internet (as many are, and as Windows will do by default if you tell it you're on a Home or Work network, as opposed to a Private network), then it will be easier for a hacker to break into your computer if they're able to get onto your wifi network. Windows, for instance, has separate Public/Private firewall zones, so a lot of services (like file sharing) are only accessible from the Private zone, either by default or because you picked that option when setting up the service.

That, plus the fact that if you know the WEP/WPA key you can read every message sent to/from every user connected to the WiFi, so it's pretty simple to sit there and passively read any unencrypted messages sent over the air (which wouldn't even trigger your "look at the blinking lights" test).

enum ಠ_ಠ {°□°╰=1, °Д°╰, ಠ益ಠ╰};
void ┻━┻︵​╰(ಠ_ಠ ⚠) {exit((int)⚠);}
[he/him/his]

King Author
Posts: 736
Joined: Sun Apr 12, 2009 12:30 pm UTC
Location: Pennsylvania, USA

Re: Why is a good Wifi password necessary?

Postby King Author » Thu Apr 24, 2014 5:45 am UTC

phlip wrote:
King Author wrote:So to clarify, if someone hacks my Wifi password that doesn't automatically give them access to my hard drive?

Well, that depends how your computer is set up. If it's set up to trust computers on the local subnet more than computers on the open Internet (as many are, and as Windows will do by default if you tell it you're on a Home or Work network, as opposed to a Private network), then it will be easier for a hacker to break into your computer if they're able to get onto your wifi network. Windows, for instance, has separate Public/Private firewall zones, so a lot of services (like file sharing) are only accessible from the Private zone, either by default or because you picked that option when setting up the service.


There's no file sharing set up on my network, not even wireless printer support, and I'm pretty sure the wireless thing is set up as a Private Network. But even if there was no firewall or whatever, I still don't really understand how you could access a person's files from their internet connection. Or if there's no file sharing enabled, will you have no way to do that?

I'm just having trouble envisioning doing anything to my desktop computer that's sitting downstairs in the dining room from up here on my laptop. Obviously I'm not a hacker and have no tools or knowhow, but I can't even remotely envision messing around on my desktop from my laptop. Unless I specifically install a program on the desktop that lets me do so.

phlip wrote:That, plus the fact that if you know the WEP/WPA key you can read every message sent to/from every user connected to the WiFi, so it's pretty simple to sit there and passively read any unencrypted messages sent over the air (which wouldn't even trigger your "look at the blinking lights" test).


Wait, does that mean that I can see what websites are being accessed on the main computer from my laptop? And what data is being sent, including passwords?

Does this information get saved? Theoretically, could anyone down on the desktop look at my history of embarrassing google porn searches? Or can you only sniff data as it's being sent/received?

phlip
Restorer of Worlds
Posts: 7572
Joined: Sat Sep 23, 2006 3:56 am UTC
Location: Australia

Re: Why is a good Wifi password necessary?

Postby phlip » Thu Apr 24, 2014 5:58 am UTC

King Author wrote:There's no file sharing set up on my network, not even wireless printer support, and I'm pretty sure the wireless thing is set up as a Private Network. But even if there was no firewall or whatever, I still don't really understand how you could access a person's files from their internet connection. Or if there's no file sharing enabled, will you have no way to do that?

I'm just having trouble envisioning doing anything to my desktop computer that's sitting downstairs in the dining room from up here on my laptop. Obviously I'm not a hacker and have no tools or knowhow, but I can't even remotely envision messing around on my desktop from my laptop. Unless I specifically install a program on the desktop that lets me do so.

Well, I can't speak to specifics, I don't know what you have installed... but, as a start, any time this has ever popped up and you've unticked "Public networks" (or any time you've installed something or had something pre-installed, that has set that up like that by default), that's something that an attacker connected to your wifi could directly access, but an attacker from the Internet could (in theory) not get to as easily.

King Author wrote:Wait, does that mean that I can see what websites are being accessed on the main computer from my laptop? And what data is being sent, including passwords?

If they're both connected to the same wifi router, then yes. You need the right tools, but it can be done.
[edit] Actually, I think it can be easily done with WEP, but not necessarily with WPA, or at least certain modes of WPA. Still, not necessarily something you'd want to rely on.

King Author wrote:Does this information get saved? Theoretically, could anyone down on the desktop look at my history of embarrassing google porn searches? Or can you only sniff data as it's being sent/received?

Well, not intrinsically as part of the WiFi system. You'd be able to read packets if you're there as they're being sent/received. But there may be things that are logging that information (your browser history, for one), in which case it's just a question of whether an attacker can get access to that information.


Thesh
Made to Fuck Dinosaurs
Posts: 6579
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: Why is a good Wifi password necessary?

Postby Thesh » Thu Apr 24, 2014 6:17 am UTC

phlip wrote:[edit] Actually, I think it can be easily done with WEP, but not necessarily with WPA, or at least certain modes of WPA. Still, not necessarily something you'd want to rely on.


Well, WEP is breakable whether you know the password or not. WPA2-PSK can be sniffed if you know the password, but you have to start sniffing before the device is connected so you can capture the handshake. With enterprise authentication, you cannot sniff it, but a cheap home router won't support it. Maybe one of these days there will be a PSK+ECDH ephemeral mode, which would not be possible to sniff, but for now make sure you have a strong key. 5-6 word diceware passphrase is ideal.
Summum ius, summa iniuria.
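
An added example, not part of any post in this thread: the standard WPA2-PSK key derivation, showing why everyone who holds the passphrase and sees a client's handshake nonces ends up with that client's session key, and how much guessing a 5-6 word diceware passphrase forces compared with a short one. The MAC addresses, nonces, SSID "HomeNet", passphrases and the guess rate are constructed or assumed values.

```python
import hashlib
import hmac
import math

SECONDS_PER_YEAR = 31_557_600


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Pairwise Master Key: PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF: HMAC-SHA1 blocks over label || 0x00 || data || counter."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def wpa2_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes,
             anonce: bytes, snonce: bytes) -> bytes:
    """Pairwise Transient Key (48 bytes for CCMP: KCK, KEK, TK).

    Every input except the PMK is sent in the clear during the 4-way
    handshake, so the PMK (i.e. the passphrase) is the only secret.
    """
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac) +
            min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)


def diceware_bits(words: int, list_size: int = 7776) -> float:
    """Entropy of a passphrase of randomly chosen words from a diceware list."""
    return words * math.log2(list_size)


def years_to_search(bits: float, guesses_per_second: float) -> float:
    """Time to try the whole key space at an assumed guess rate."""
    return (2 ** bits) / guesses_per_second / SECONDS_PER_YEAR


def demo() -> dict:
    # Constructed handshake values (visible to anyone in radio range).
    ssid = "HomeNet"
    ap_mac = bytes.fromhex("020000000001")
    sta_mac = bytes.fromhex("020000000002")
    anonce = bytes(range(32))
    snonce = bytes(range(32, 64))

    passphrase = "correct horse battery staple lamp"  # constructed
    station = wpa2_ptk(wpa2_pmk(passphrase, ssid), ap_mac, sta_mac, anonce, snonce)

    # A second device that was simply given the same Wi-Fi passphrase.
    observer = wpa2_ptk(wpa2_pmk(passphrase, ssid), ap_mac, sta_mac, anonce, snonce)
    # Someone without the passphrase gets an unrelated key.
    outsider = wpa2_ptk(wpa2_pmk("wrong guess here", ssid), ap_mac, sta_mac, anonce, snonce)

    rate = 1e6  # assumed guesses per second; PBKDF2's 4096 rounds slow each guess
    short_bits = 8 * math.log2(26)  # 8 random lowercase letters
    return {
        "observer_matches": hmac.compare_digest(station, observer),
        "wrong_passphrase_matches": hmac.compare_digest(station, outsider),
        "short_bits": short_bits,
        "short_years": years_to_search(short_bits, rate),
        "diceware5_bits": diceware_bits(5),
        "diceware5_years": years_to_search(diceware_bits(5), rate),
        "diceware6_bits": diceware_bits(6),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
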

King Author
Posts: 736
Joined: Sun Apr 12, 2009 12:30 pm UTC
Location: Pennsylvania, USA

Re: Why is a good Wifi password necessary?

Postby King Author » Thu Apr 24, 2014 10:51 am UTC

phlip wrote:
King Author wrote:There's no file sharing set up on my network, not even wireless printer support, and I'm pretty sure the wireless thing is set up as a Private Network. But even if there was no firewall or whatever, I still don't really understand how you could access a person's files from their internet connection. Or if there's no file sharing enabled, will you have no way to do that?

I'm just having trouble envisioning doing anything to my desktop computer that's sitting downstairs in the dining room from up here on my laptop. Obviously I'm not a hacker and have no tools or knowhow, but I can't even remotely envision messing around on my desktop from my laptop. Unless I specifically install a program on the desktop that lets me do so.

Well, I can't speak to specifics, I don't know what you have installed... but, as a start, any time this has ever popped up and you've unticked "Public networks" (or any time you've installed something or had something pre-installed, that has set that up like that by default), that's something that an attacker connected to your wifi could directly access, but an attacker from the Internet could (in theory) not get to as easily.

Okay, that's actually not so scary. Pretty much the only things I use that have specific Firewall settings whatsoever are games.

phlip wrote:
King Author wrote:Wait, does that mean that I can see what websites are being accessed on the main computer from my laptop? And what data is being sent, including passwords?

If they're both connected to the same wifi router, then yes. You need the right tools, but it can be done.
[edit] Actually, I think it can be easily done with WEP, but not necessarily with WPA, or at least certain modes of WPA. Still, not necessarily something you'd want to rely on.


I'm using WPA2-PSK, actually. I think I said WEP2 earlier. Interesting, though. I guess it should've been obvious to me that you can sniff out that kind of data, I mean, for god's sake, when I use a laptop, every bit of data I'm sending and receiving is literally travelling through the air.

phlip wrote:
King Author wrote:Does this information get saved? Theoretically, could anyone down on the desktop look at my history of embarrassing google porn searches? Or can you only sniff data as it's being sent/received?

Well, not intrinsically as part of the WiFi system. You'd be able to read packets if you're there as they're being sent/received. But there may be things that are logging that information (your browser history, for one), in which case it's just a question of whether an attacker can get access to that information.


Heh.
"Remember Visited Webpages for: 0 Days"

No problem there, lol.

Thesh wrote:
phlip wrote:[edit] Actually, I think it can be easily done with WEP, but not necessarily with WPA, or at least certain modes of WPA. Still, not necessarily something you'd want to rely on.


Well, WEP is breakable whether you know the password or not. WPA2-PSK can be sniffed if you know the password, but you have to start sniffing before the device is connected so you can capture the handshake. With enterprise authentication, you cannot sniff it, but a cheap home router won't support it. Maybe one of these days there will be a PSK+ECDH ephemeral mode, which would not be possible to sniff, but for now make sure you have a strong key. 5-6 word diceware passphrase is ideal.


Neat, didn't know that about PSK.

Tub
Posts: 472
Joined: Wed Jul 27, 2011 3:13 pm UTC

Re: Why is a good Wifi password necessary?

Postby Tub » Fri Apr 25, 2014 10:38 am UTC

King Author wrote:Okay, that's actually not so scary. Pretty much the only things I use that have specific Firewall settings whatsoever are games.

After breaking into your wifi, they can connect directly to your computers, printers and anything else on your local network. For anyone else on the internet, incoming connections are blocked by your router. So by giving away your wifi password, you're removing a line of defense, and you need to take extra care to secure the line after that, i.e. the services running on your computers.

Remember, there's malware, trojans, broken configurations due to carelessness, broken configurations due to brainfarts, broken configuration on devices set up by less tech savvy family members and of course security vulnerabilities.

Say you're playing a game of quake over your LAN. The attacker connects to the server, exploits a vulnerability in the quake server and gets full access to your computer. Ouch.

Unlikely? Maybe. Has it happened before? Absolutely. But why take the risk if you can just use a strong wifi password?

King Author
Posts: 736
Joined: Sun Apr 12, 2009 12:30 pm UTC
Location: Pennsylvania, USA

Re: Why is a good Wifi password necessary?

Postby King Author » Sat Apr 26, 2014 11:31 am UTC

Tub wrote:
King Author wrote:Okay, that's actually not so scary. Pretty much the only things I use that have specific Firewall settings whatsoever are games.

After breaking into your wifi, they can connect directly to your computers, printers and anything else on your local network. For anyone else on the internet, incoming connections are blocked by your router. So by giving away your wifi password, you're removing a line of defense, and you need to take extra care to secure the line after that, i.e. the services running on your computers.

Remember, there's malware, trojans, broken configurations due to carelessness, broken configurations due to brainfarts, broken configuration on devices set up by less tech savvy family members and of course security vulnerabilities.

Say you're playing a game of quake over your LAN. The attacker connects to the server, exploits a vulnerability in the quake server and gets full access to your computer. Ouch.

Unlikely? Maybe. Has it happened before? Absolutely. But why take the risk if you can just use a strong wifi password?


What do you mean by "full access" to my computer?

korona
Posts: 495
Joined: Sun Jul 04, 2010 8:40 pm UTC

Re: Why is a good Wifi password necessary?

Postby korona » Sat Apr 26, 2014 5:18 pm UTC

If the attacker is able to abuse a security vulnerability in some program running on your computer it might be possible (depending on the severity of this vulnerability and the privileges the attacked process has) for him to get full access, e.g. administrator access to your computer, including but not limited to all files on your hard drive, installing software or changing the system configuration.

Note that not being on the same network doesn't make such things impossible but a router hides most of the services your computer is running and makes it impossible to access them from outside.

Tub
Posts: 472
Joined: Wed Jul 27, 2011 3:13 pm UTC

Re: Why is a good Wifi password necessary?

Postby Tub » Sat Apr 26, 2014 6:14 pm UTC

King Author wrote:What do you mean by "full access" to my computer?

Depends on the service/game that's running, the user account the game is running from and the nature of the security vulnerability in said service.

Worst case, the game server can be tricked into executing arbitrary code, so the attacker can essentially run any code he likes on your computer, with the same rights the service used. If that was the admin account, he could do anything, including installing a permanent rootkit. For a game, it's usually your user account, but that's still enough to:
  • read all your personal files and send them over the internet
  • read any unprotected passwords from your mail client and/or browser, if they're not protected by a strong master password
  • install a keylogger to gain even more of your passwords
  • use your computer to distribute spam mail, share illegal files, contribute to DDoS attacks and other things you don't want to be involved in
  • combine the previous steps to send spam mail from your email-account, and harvest all your contacts for their email-lists. Then send one to your ex, claiming your undying love, and another one to the FBI, politely informing them they'll never find the body.
  • blast your speaker at full volume, announcing to anyone in the vicinity that you're sexually attracted to llamas
  • hide the code inside your favourite game so it can keep doing those things again and again
  • use another local vulnerability to gain admin rights and do even worse

Granted, there are better ways to get more computers into someone's botnet than cracking wifi-passwords to exploit running game servers. An attacker needs to be close to your wifi, or control another computer in your vicinity, and that alone may make it financially unviable to exploit for criminal purposes. But the neighbour you keep annoying with your loud music, or the bored script kiddie next door...

It's nothing most people should ever have to worry about, but it's not something you want to take unnecessary risks on, either. You don't know which services and game servers on your computer are vulnerable, but you can be sure that a hacker does. Don't give them an opportunity to snoop around by leaving your wifi unprotected.

King Author
Posts: 736
Joined: Sun Apr 12, 2009 12:30 pm UTC
Location: Pennsylvania, USA

Re: Why is a good Wifi password necessary?

Postby King Author » Thu May 01, 2014 4:23 pm UTC

korona wrote:If the attacker is able to abuse a security vulnerability in some program running on your computer it might be possible (depending on the severity of this vulnerability and the privileges the attacked process has) for him to get full access, e.g. administrator access to your computer, including but not limited to all files on your hard drive, installing software or changing the system configuration.

Note that not being on the same network doesn't make such things impossible but a router hides most of the services your computer is running and makes it impossible to access them from outside.


A router does that? I had no idea. So even if my desktop were completely compromised, they wouldn't be able to get access to my files and such on my laptop?

Tub wrote:
King Author wrote:What do you mean by "full access" to my computer?

Depends on the service/game that's running, the user account the game is running from and the nature of the security vulnerability in said service.

Worst case, the game server can be tricked into executing arbitrary code, so the attacker can essentially run any code he likes on your computer, with the same rights the service used. If that was the admin account, he could do anything, including installing a permanent rootkit. For a game, it's usually your user account, but that's still enough to:
  • read all your personal files and send them over the internet
  • read any unprotected passwords from your mail client and/or browser, if they're not protected by a strong master password
  • install a keylogger to gain even more of your passwords
  • use your computer to distribute spam mail, share illegal files, contribute to DDoS attacks and other things you don't want to be involved in
  • combine the previous steps to send spam mail from your email-account, and harvest all your contacts for their email-lists. Then send one to your ex, claiming your undying love, and another one to the FBI, politely informing them they'll never find the body.
  • blast your speaker at full volume, announcing to anyone in the vicinity that you're sexually attracted to llamas
  • hide the code inside your favourite game so it can keep doing those things again and again
  • use another local vulnerability to gain admin rights and do even worse

Granted, there are better ways to get more computers into someone's botnet than cracking wifi-passwords to exploit running game servers. An attacker needs to be close to your wifi, or control another computer in your vicinity, and that alone may make it financially unviable to exploit for criminal purposes. But the neighbour you keep annoying with your loud music, or the bored script kiddie next door...

It's nothing most people should ever have to worry about, but it's not something you want to take unnecessary risks on, either. You don't know which services and game servers on your computer are vulnerable, but you can be sure that a hacker does. Don't give them an opportunity to snoop around by leaving your wifi unprotected.


I'm having trouble imagining a case in which someone accessing some game on my computer allows them to run arbitrary code on my machine. Like, how could their finding out my username and password for World of Warcraft or something let them install programs on my system? Do you have any examples of such things that've happened that I could take a look at? You and korona and others just keep saying "if there were a program with the right vulnerabilities," but I can't imagine on my own what those might be.

(Note in case you missed it I do have a good Wifi password, I just never knew why it was important.)

Tub
Posts: 472
Joined: Wed Jul 27, 2011 3:13 pm UTC

Re: Why is a good Wifi password necessary?

Postby Tub » Sun May 04, 2014 10:01 am UTC

King Author wrote:A router does that? I had no idea. So even if my desktop were completely compromised, they wouldn't be able to get access to my files and such on my laptop?

A router (or rather the NAT running on your router) blocks incoming connections to your computers. So if you're running a game server on your computer, people from the internet cannot directly connect to it unless you configure some port forwarding in your router.

It doesn't block outgoing connections. When your computer is compromised and some malicious program is already running on it, nothing would stop the program from initiating a connection and sending your files away.


King Author wrote:I'm having trouble imagining a case in which someone accessing some game on my computer allows them to run arbitrary code on my machine. Like, how could their finding out my username and password for World of Warcraft or something let them install programs on my system?

I think you're mixing up several attack vectors. If someone can connect to your WLAN, they could do several things:

read your traffic
That might allow them to figure out your WoW passwords (it should be sent encrypted, but you never know), but that would only give them access to your account, not your computer. Though if it were me, I'd destroy your account, then send you a forged email from "Blizzard Customer Support", claiming that we had noticed some suspicious access patterns to your account, and if you wanted access back, you should kindly run the "Blizzard Account Unlocker.exe" I helpfully attached to the email. You'd be surprised how many people fall for that.

As said above, reading traffic may or may not be possible depending on the WLAN encryption used.

manipulating your traffic
One could try to run a custom DHCP server on your wlan, hoping that the next time your computer boots, it'd get an IP address from the attacker instead of the router. At that point, everything you send and receive gets routed through the attacker's computer, where it can be read, stopped or changed. Next time you download an executable, or even a WoW patch, they'll just replace it with the program they want you to run. Done.

connecting to your services
This is the easiest one, and the one I was talking about. If you were hosting a LAN server for quake or unreal tournament or something on your computer, and they managed to connect to that, they might be able to exploit a vulnerability in the game.

Note that even without playing quake, there are services running on your computer. Like the windows file and printer sharing. There have been exploits against those in the past, and exposing these services to an attacker may be unsafe.

King Author wrote:Do you have any examples of such things that've happened that I could take a look at? You and korona and others just keep saying "if there were a program with the right vulnerabilities," but I can't imagine on my own what those might be.

It's difficult to explain to someone who doesn't have a background in programming. So here's a geeky example. Super Mario World, tricked into executing arbitrary code with nothing but regular controller input. Since the input needs to be very precise (to 1/60th of a second), it has been carefully crafted and is being replayed by plugging a bot into the controller port, but it's still just controller data the default SNES gamepad could send.
http://www.youtube.com/watch?v=jnZ2NNYySuE

What happened here?
  • The game keeps a list of onscreen-objects in memory. The player shuffles objects to manipulate that list to his liking by doing seemingly random things.
  • A bug in the p-switch causes the game code to jump to the wrong memory location. It just so happens that this wrong memory location is right inside the list of onscreen objects.
  • The game now executes the code that was previously written into the object list. That code is just a very simple loop that reads further data from the controller and writes it to memory.
  • Once all the new code has been transferred, it gets executed. And there's your new game.

This is a greatly simplified explanation, and it's not really representative of the kind of bugs usually exploited. But it's surprising that a simple bug in the p-switch that usually just crashes the game can be exploited with a little effort.

Writing bug-free code is difficult. It takes effort and expertise, and both cost money. Especially game companies focus on gameplay, not security, and the lack of legal liability often results in buggy code. Don't trust it. The only reason we don't read about more game server exploits is that most of them aren't widespread enough to make attacks financially viable.
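
An added example, not part of the post above: a small audit of which services on a machine accept connections from other devices on the same Wi-Fi, which is the exposure behind "connecting to your services". It parses Windows `netstat -an` output; the sample listing, its addresses and the UDP game-server port are constructed.

```python
import ipaddress

# Constructed sample of `netstat -an` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     192.0.2.1:443          ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    [::1]:5354             [::]:0                 LISTENING
  UDP    0.0.0.0:27960          *:*
  UDP    127.0.0.1:1900         *:*
"""

# Ports used by the Windows services mentioned in the thread.
KNOWN_PORTS = {
    135: "RPC endpoint mapper",
    139: "NetBIOS session (file and printer sharing)",
    445: "SMB (file and printer sharing)",
}


def split_endpoint(endpoint: str):
    """Split '0.0.0.0:445' or '[fe80::1%12]:445' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
    return ipaddress.ip_address(host), int(port)


def bound_sockets(netstat_text: str):
    """Return (proto, ip, port) for listening TCP sockets and bound UDP sockets."""
    sockets = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # headers and blank lines
        if fields[0] == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue  # established or closing connections are not listeners
        ip, port = split_endpoint(fields[1])
        sockets.append((fields[0], ip, port))
    return sockets


def lan_exposed(sockets):
    """Keep sockets bound to anything other than loopback.

    A socket on 0.0.0.0 / :: or on the LAN address accepts traffic from other
    hosts on the subnet unless the host firewall blocks it; NAT on the router
    only filters connections arriving from the Internet side.
    """
    return [(proto, str(ip), port) for proto, ip, port in sockets
            if not ip.is_loopback]


def report(netstat_text: str):
    """Human-readable lines, one per socket reachable from the local network."""
    lines = []
    for proto, ip, port in lan_exposed(bound_sockets(netstat_text)):
        service = KNOWN_PORTS.get(port, "unidentified service")
        lines.append(f"{proto} {ip}:{port} - {service}")
    return lines


if __name__ == "__main__":
    for entry in report(SAMPLE_NETSTAT):
        print(entry)
```

To audit a real machine, pass the text of `netstat -an` to `report()` and compare the result with the services you meant to offer on the local network.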

King Author
Posts: 736
Joined: Sun Apr 12, 2009 12:30 pm UTC
Location: Pennsylvania, USA

Re: Why is a good Wifi password necessary?

Postby King Author » Wed May 07, 2014 9:52 pm UTC

Tub wrote:
King Author wrote:A router does that? I had no idea. So even if my desktop were completely compromised, they wouldn't be able to get access to my files and such on my laptop?

A router (or rather the NAT running on your router) blocks incoming connections to your computers. So if you're running a game server on your computer, people from the internet cannot directly connect to it unless you configure some port forwarding in your router.

It doesn't block outgoing connections. When your computer is compromised and some malicious program is already running on it, nothing would stop the program from initiating a connection and sending your files away.


King Author wrote:I'm having trouble imagining a case in which someone accessing some game on my computer allows them to run arbitrary code on my machine. Like, how could their finding out my username and password for World of Warcraft or something let them install programs on my system?

I think you're mixing up several attack vectors. If someone can connect to your WLAN, they could do several things:

read your traffic
That might allow them to figure out your WoW passwords (it should be sent encrypted, but you never know), but that would only give them access to your account, not your computer. Though if it were me, I'd destroy your account, then send you a forged email from "Blizzard Customer Support", claiming that we had noticed some suspicious access patterns to your account, and if you wanted access back, you should kindly run the "Blizzard Account Unlocker.exe" I helpfully attached to the email. You'd be surprised how many people fall for that.

As said above, reading traffic may or may not be possible depending on the WLAN encryption used.

manipulating your traffic
One could try to run a custom DHCP server on your WLAN, hoping that the next time your computer boots, it'd get an IP address from the attacker instead of the router. At that point, everything you send and receive gets routed through the attacker's computer, where it can be read, stopped or changed. Next time you download an executable, or even a WoW patch, they'll just replace it with the program they want you to run. Done.

connecting to your services
This is the easiest one, and the one I was talking about. If you were hosting a LAN server for quake or unreal tournament or something on your computer, and they managed to connect to that, they might be able to exploit a vulnerability in the game.

Note that even without playing quake, there are services running on your computer. Like the Windows file and printer sharing. There have been exploits against those in the past, and exposing these services to an attacker may be unsafe.

King Author wrote:Do you have any examples of such things that've happened that I could take a look at? You and korona and others just keep saying "if there were a program with the right vulnerabilities," but I can't imagine on my own what those might be.

It's difficult to explain to someone who doesn't have a background in programming. So here's a geeky example. Super Mario World, tricked into executing arbitrary code with nothing but regular controller input. Since the input needs to be very precise (to 1/60th of a second), it has been carefully crafted and is being replayed by plugging a bot into the controller port, but it's still just controller data the default SNES gamepad could send.
http://www.youtube.com/watch?v=jnZ2NNYySuE

What happened here?
  • The game keeps a list of onscreen-objects in memory. The player shuffles objects to manipulate that list to his liking by doing seemingly random things.
  • A bug in the p-switch causes the game code to jump to the wrong memory location. It just so happens that this wrong memory location is right inside the list of onscreen objects.
  • The game now executes the code that was previously written into the object list. That code is just a very simple loop that reads further data from the controller and writes it to memory.
  • Once all the new code has been transferred, it gets executed. And there's your new game.

This is a greatly simplified explanation, and it's not really representative of the kind of bugs usually exploited. But it's surprising that a simple bug in the p-switch that usually just crashes the game can be exploited with a little effort.

Writing bug-free code is difficult. It takes effort and expertise, and both cost money. Especially game companies focus on gameplay, not security, and the lack of legal liability often results in buggy code. Don't trust it. The only reason we don't read about more game server exploits is that most of them aren't widespread enough to make attacks financially viable.


Whoa, that arbitrary code thing is awesome! The SNES is the best console ever, no question.

I'm not sure financial viability is a concern of most hackers, though. I get the impression that most people hack just to be dicks. Sure, there're those that go after credit card info and SSNs, but they usually target big companies and stuff, because they'll get a lot more info than if they just randomly hack some suburban nobody.

Thanks for all the info, though :)
I have signatures disabled. If you do, too...you can't read this, so nevermind >_>

Tub

Re: Why is a good Wifi password necessary?

Postby Tub » Thu May 08, 2014 7:17 am UTC

King Author wrote:Whoa, that arbitrary code thing is awesome! The SNES is the best console ever, no question.

They've found similar bugs on Pokemon, Super Mario 3 and Super Metroid, though the latter two movies just execute some small code that says "finish the game and show the credits", nothing elaborate.

These kinds of exploits are in no way specific to the SNES (or, for Pokemon, the Game Boy) though. They're just much more interesting when explained via classic console games, and they're easier to find on simple games as well. Multitasking, multithreading, giant operating system APIs or memory protection tend to complicate things.

King Author wrote:I'm not sure financial viability is a concern of most hackers, though. I get the impression that most people hack just to be dicks. Sure, there're those that go after credit card info and SSNs, but they usually target big companies and stuff, because they'll get a lot more info than if they just randomly hack some suburban nobody.

You'd be surprised at the size of the industry. Good exploits get sold for $10.000 or more, and you can bet that whoever is buying them is using them to gain even more.

Control enough computers and you can have a giant botnet, which is essentially a free cloud without liability or traceability. Send spam for money, DDoS competitors' websites for money, press money from web companies and DDoS their website if they don't pay up, use free CPU time to mine bitcoins or crack cryptographic keys for further attacks. You get the idea. It doesn't matter if those computers belong to a suburban nobody. You need their processing power, not the data stored on them.

Then again, while you're at it, sniffing passwords and credit card numbers isn't unprofitable either. Passwords to banking sites are great. Go and initiate a money transfer, route it through some idiot for laundering, voila! Free money!

Some have gone as far as sniffing Facebook passwords, retrieving private information, then blackmailing the owners. Or encrypting the contents of the user's hard drive, offering a decryption tool against money. Because, as we know, nobody does proper backups. Nobody!
Some have made the controlled computers offer copyrighted files, collected evidence of the deeds, then sent costly cease-and-desist letters.

Keep in mind that they don't just hack "some suburban nobody", but "thousands of suburban nobodies". Scale makes it profitable. Even if 90% of the targets turn out to be duds, the remaining 10% can cover the costs.

Tub

Re: Why is a good Wifi password necessary?

Postby Tub » Fri May 09, 2014 6:10 am UTC

Tub wrote:Then again, while you're at it, sniffing password and credit card numbers isn't unprofitable either.

Addendum, because I just stumbled upon such a case again: the one-stop crack-all solution against most people is their email account. Once you have access to that, you can ask for password-reminder mails, you can intercept authentication or confirmation mails, you can enter correspondence with your bank's contact, you can ask everyone in your contact list to borrow some money, you can ask your co-worker for that server password you "forgot" and a whole lot of other things. Saves you the trouble of cracking all those passwords separately, and allows some new social engineering opportunities as well.
Even today, some mail providers still don't offer encrypted logins to their mail servers. Which means that you should have a strong email password, you should never save it on your computer unless protected by a strong master password, and you should change it regularly.

Yeah, security is annoying, I know.

