Phoning it In

I experimented with post-by-email (not sufficient), with post-through-Flickr (slightly better, but only really suitable for image posts and still missing things like, oh, titles), and with using WPhone to provide a stripped-down admin interface in the hopes that my phone’s built-in browser could handle it (no such luck). No, I was clearly going to need a better web browser — one way or another.

Yesterday I went into a T-Mobile store, partly to look at the smartphones they had, and partly to ask about what data plan would allow me to use Opera Mini on my current phone. The guy tried to sell me a Blackberry, but I have to admit the Wing looked really nice, if expensive.

I asked about getting the Internet plan, and while the sales clerk was familiar with Opera Mini (he uses it on his own Blackberry), he was convinced it wouldn’t run on my RAZR V3t. I’d used an early version of it during a brief window in which T-Mobile allowed access even for phones with the T-Zones plan.  But he seemed convinced there would be no point, so I walked out without having changed anything.  30 seconds of Internet searching reveals that yes, Opera Mini is in fact known to work on the RAZR V3t.

Free WiFi

Today, the news started making the rounds that the con will have free wi-fi everywhere except the exhibit hall itself, sponsored by the film, Eagle Eye. (Which, now that I think about it, is oddly appropriate and somewhat disturbing.)   This is a huge relief, and makes the phone access much less critical. Though it would still be nice…

Sure, it’s going to be a very busy network. But I figure I’ll type things up in TextWrangler and load up the web just long enough to post. Gears will cut down on the amount of bandwidth needed for the admin interface.  And I’ll save any serious emailing or forum visits for the hotel room.  Actually, I’ll probably stay off the forums during most of the con, unless I have the opportunity to post “Hey, look what I just found out!”

Already checked—our home network isn’t in there. (As much as I’ve locked it down, it had better not be!) But they do list several in our neighborhood.

As always, the power of the Internet can be used for either good or evil.

(via Aunty Spam’s Net Patrol.)

Basically the guy (allegedly) drove around LA with a laptop looking for insecure wireless networks, then connected to them and sent spam using people’s home accounts.

The term comes from wardriving — driving around looking for unsecured networks — and warchalking — marking walls or sidewalks to indicate the presence, type and speed of the networks found. Early wardrivers discovered that Pringles cans make good amplifiers.

Further etymology: according to the Jargon File, war-driving is a play on war dialer. War dialers were programs that would call up a series of phone numbers looking for modems, faxes, or other phone-based systems it might be able to crack into. And that term started out as wargames dialer, a reference to the film War Games. (Whew!)

It turns out that warspamming is older than I thought: the term was coined two years ago, though this is the first case to go to trial. The scumbag defendant is being tried under CAN-SPAM, which went into effect this past January.

An interesting statement from the article:

If Tombros is convicted or pleads guilty then warspamming — also known as drive-by spamming — will move from being just a theoretical possibility to a genuine threat.

What, so in the two years since someone came up with the idea, no one has ever seen it done? And we have to wait for a conviction to determine whether it’s happened now? We don’t need to wait for a trial to know that spammers — an annoyingly resourceful lot — are using thousands of virus- and spyware-infested home computers as zombies. Warspamming doesn’t even require programming skills (or ties to virus writers — although I understand access to already-compromised networks has become a brisk business on the black market.) Surely someone has logs to show that it’s been done.

In my wired-for-ethernet campus housing, however, all bets were off. I watched people remotely controlling each others’ computers as pranks, or discovering hackers had gotten onto their systems from halfway across the planet, and figured it was safer to use Linux most of the time. This actually got me in trouble with the network admin at one point, who decided I must be running a server and shut off my port. It did at least teach me to disable services that were turned on by default, though I saw no indication that anything on there was actually being abused.*

Then there were firewalled environments. Still back in college, we rigged up my parents’ house for a home network. My brother put together a Linux box to dial into the Internet and act as a gateway, and effectively everything inside the network was safe from direct attacks. No point in internal firewalls, and since everyone was savvy enough to avoid the really nasty stuff (which was easier at the time), virus scanners were only a precaution, rather than a necessity.

For the past few years I’ve mainly worked with firewalled or NAT environments. It’s like having a wall around the city, with a guard at the gate. Miscreants can’t wander in, so they have to try to bluff their way past the guard. “Look, I’m just an ActiveX control on a web page!” “Hey, I’m an e-mail attachment!” “Relax, I’m just an MP3! I know my file extension ends in .exe, but trust me!” So it’s all about keeping the pull traffic secure – the web and email clients, watching what you download, etc. Virus scanners help, but they should be your last line of defense, not your first.

Wireless changes everything, though. You’ve noticed modern cities don’t have walls? There are two reasons for that: The first is the rise of large nations. The walls are at national borders, not city limits (and they’re more likely to be fences or just guards than physical walls). The second: flight. Enemies can jump in an airplane, fly over your walls, and drop bombs anywhere inside until you shoot them down.

Similarly, a wireless access point makes it possible to fly right over that elaborate firewall on your Internet connection — indeed, right past the walls of your building — so it’s critical to secure a wireless network. The first time I turned on AirPort I spotted at least three access points!

So it’s back to treating the network as (potentially) hostile. Keep the patches up, of course — always keep the patches up — but install local firewalls. Turn off unused services. Limit or disable remote logins. And again, secure your wireless network! (See the previous link for some good resources, particularly “Securing Your Wireless Access Point: What Do All Those Settings Mean Anyways?” ) Mac OS X, most Linux distributions, and now Windows XP Service Pack 2 include built-in firewalls (but you have to turn them on), or you can install a product like ZoneAlarm. These days an unpatched Windows system hooked straight up to the Internet is broken into within an average of 20 minutes. This is what firewalls — whether network-level or computer-level — are for!

Just remember: Keeping your computer safe is like defending yourself against the dark arts:

Constant Vigilance!

* Actually there was one instance, but it involved Windows-style file sharing, and since I was actually running Samba under Linux, I was able to use settings that prevented them from really exploiting it. So not only could it have happened on a Windows box, it would have been far worse if it had.

Early in the year, figuring some sort of file-sharing was useful within the house, I set up two public shares, one read-only and one write-only. A folder where I could post things and a dropbox. Within a few months I’d forgotten about the dropbox. Sometime the following year I was cleaning up the system and stumbled across the folder. Embarrassingly, I discovered two very large MPEG files containing Entrapment. Apparently someone had found a writable share, uploaded it with the intent to transfer it somewhere else, and discovered they couldn’t get the file back. (This was exactly why I made it write-only in the first place — so it couldn’t be used as a transfer point). I told my brother about this, and he laughed and said, “At the very least they could have pirated a good movie!”

First: familiarity. Since I hadn’t researched specific models, I wanted a brand I knew or had used before. This meant Netgear, Linksys, or Belkin.

Belkin was out of the question. In fact, I was muttering about how I’d never buy a Belkin router, when I was approached by a Belkin representative who proceeded to explain about how much better their product was than any of the others. The problem is that Belkin lost my trust last year when they set their routers to redirect web requests to their own advertisement page. (Basically one every eight hours until you bought the filtering service or clicked on an opt-out link on that web page). Aside from the annoyance factor, there’s a lot of web traffic that isn’t actually trying to load a web page. It could be your antivirus program trying to download new definitions, or your news reader updating an RSS or Atom feed. It could be Windows Update. Sure, they eventually disabled the “feature”, but come on!

So at that point it basically a toss-up between Netgear and Linksys. The Netgear packaging was more focused on the networking capabilities, and the Linksys packaging was more focused on the parental controls, so I went with the Netgear.

So I should have thought of the hub immediately when the network started acting up today.

I had been on and off the computer and the net all morning with no noticeable problems, and Katie had been on for just a few minutes when it stopped loading websites.

The players involved:

• My computer, the homebrew Linux system
• Katie’s computer, the Mac G4
• The shared laptop (a PowerBook, not hooked up initially)
• The DSL modem
• The consumer-grade mini-router
• The ethernet hub
• Lots of cables

Initial troubleshooting:

1. Modem lights: all good.
2. Load a site from homebrew: check.
3. Ping G4: check.
4. Reset router: check.
5. Connect to router config: uh…. come on…

It was about that point that I looked at the hub and saw the insane amount of traffic apparently going between one of the computers and the router, along with a high number of collisions. Powering the hub off and back on didn’t seem to make a difference. Once I determined it was my computer, I disconnected it from the hub, and Katie was able to reach the web.

OK, so I’d found out what was preventing the G4 from connecting. Now I had to figure out what was going on. The traffic didn’t show up on any network monitors, and nothing seemed to be running to generate it. I started shutting services down one by one. No change. I logged off. No change. I deactivated the network and dropped to single-user mode. No change.

So I turned the machine off. Traffic stopped. (Good.) But the network card was chattering even when it was supposed to be inactive, which suggests either it was in some funny mode or it was broken. I hoped it was just some funny mode, because I really didn’t want to have to replace it. Aside from the whole disassembly process, it’s a combination USB2/Firewire/Ethernet card, so I’d need to either find another with the same combination or get a separate USB2/Firewire card… and I couldn’t remember whether there were enough free slots.

Power on. The insane network chatter started up during the BIOS check! There was no operating system running, and it was saturating the connection! Fine, I disconnected the computer and started trying to figure out whether it was something I could fix, or whether I’d have to replace the card.

At this point I pulled out the laptop and hooked it up so that I’d be able to do some troubleshooting online. But the weird thing was, the same bizarre traffic pattern was going on between the router and the laptop. Again, no sign of any network hogs actually on the system. I started to get suspicious.

I hooked my system back up to the network, watched the hub go insane, and then disconnected the router. Now, the ridiculous traffic was going between my computer and the laptop!

So here’s the situation:

• One device (the G4) seems okay.
• Of three other devices (including the connection to the Internet), any two cause the network to be flooded.
• What’s left that hasn’t been changed? The hub

Fortunately, I never got rid of the old 10-baseT hub when we went to 10/100. I dug it out of the closet, hooked up all the computers to it instead of the faster one, and you know what? Everything worked.

So now we need to head over to Fry’s or someplace and pick up a new hub. I’m hoping to find a wireless access point that has enough physical ports, because then we only need to get one device. (We want to go wireless for the laptop, but the other machines — with the possible exception of the G4 — still need cables.)