[The Wolf]

We just moved into a new place. A neighbor has an open wireless network that I can reach with my MacBook, but my wife cannot reach it with her AIBook. I would like to use my AE to rebroadcast the signal for her. Obviously, I don't know what type of basestation is being used as the main, and whether or not it's made by Apple. Nevertheless, is there some way to rebroadcast their network using my AirPort Express as a "remote" via WDS, if I can't effect any of the settings on the neighbor's "main" basestation? So far everything I've tried hasn't worked.

[Simon]

If you can't configure his network, your only chance is to hook up your wife's AlBook to your MB through Ethernet. Go to SystemPrefs > Sharing > Internet and select to share the your AP connection over Ethernet. Not a nice solution, but it works.

[The Wolf]

Simon, thanks for the info. Neat little trick, but then she can't get on the net if I'm not home. Guess I have to spring for the $30/month to get internet. WAIT! Maybe I can just get her a MB too!

[Atheist]

I suppose we shouldn't bother with the ethical aspect of stealing someone else's connection? Just cuz they left it open doesn't mean you should use it.

[ghporter]

Yeah, I was going to chime in on that too. At the VERY least you should let your neighbor know that their network is unprotected and open because it's not just being a good neighbor, it could educate an uninformed person who could then protect himself or herself from the bad things that some people might do with an open wireless network.

Spend the $30 a month AND get your wife a MacBook. Then boast that you're doing this because it's more ethical than "borrowing someone else's Internet without permission."

[peeb]

The question of should you is a different one, but you can just plug in a range extender - you don't really need to reconfigure the network. You might be better off getting to know the neighbor and proposing that you buy him beers on a regular basis or something in return for leaching off his wireless.

[peeb]

Originally Posted by ghporter 

At the VERY least you should let your neighbor know that their network is unprotected and open because it's not just being a good neighbor, it could educate an uninformed person who could then protect himself or herself from the bad things that some people might do with an open wireless network.

I think this is bogus. What bad things exactly? As long as the wireless has an admin password, what's wrong with leaving it open?

[C.A.T.S. CEO]

Originally Posted by peeb 

I think this is bogus. What bad things exactly? As long as the wireless has an admin password, what's wrong with leaving it open?

People that know how to hack your computer can hack it, other people stealing your bandwidth *cough* The Wolf *cough*, etc...

It isn't very nice to steal bandwidth, ask your neighbors if you can use it, since THEY ARE PAYING FOR IT....

[peeb]

How can they hack it, assuming I'm using a firewall? Stealing bandwidth is ok from my perspective, as long as it's not an momentous amount. And if they overstay their welcome, you can always kick them off.

[ghporter]

Originally Posted by peeb 

I think this is bogus. What bad things exactly? As long as the wireless has an admin password, what's wrong with leaving it open?

The owner of the network is legally responsible for everything that happens with that network. Someone posts hacked software, pirated music, kiddie porn, etc. through YOUR wireless network, guess who the police are going to come and visit? There are also a number of exploits that take advantage of things like UPnP to invade the rest of the network. And many people just leave the default admin password in place-hackers love this, because they basically own the network from the start.

Sharing one's network is cool-as long as you do it intentionally and take some measures to prevent being victimized. Being unaware of the threat does not make it go away.

[peeb]

Originally Posted by ghporter 

The owner of the network is legally responsible for everything that happens with that network. Someone posts hacked software, pirated music, kiddie porn, etc. through YOUR wireless network, guess who the police are going to come and visit?

I don't think this is actually true - posting child porn through my network (or from an internet cafe with open wireless) may be cause for the police to get a warrant to search my house, but when they find no child porn in my house or on my computer, they will have no case. Likewise with the open wireless in the cafe on my street.

[peeb]

Originally Posted by ghporter 

There are also a number of exploits that take advantage of things like UPnP to invade the rest of the network. And many people just leave the default admin password in place-hackers love this, because they basically own the network from the start.

Well, assuming that I have changed the admin password, you are saying it is possible to 'invade the rest of the network' just by being able to log onto an unsecured wireless connection?

[The Wolf]

eh, I was pretty sure I was going to get some 'don't steal bandwidth' replies. But, thanks for not flaming me Seriously, I don't feel bad about it. I'm not d/l anything, connected constantly, etc... I had my old one open for a while, but then had to protect it b/c someone was using it too much...or maybe I was just paranoid that someone was.

As for telling my neighbor, I got some enjoyment out of that one. lol. We live in NYC, so that would be a real tall order. Maybe I can put a banner in my window and ask the owner of the basestation to contact me. As far as I'm concerned, if someone is sophisticated enough to "name" their wireless network, they are sophisticated enough to pw protect it if they wanted. I'm more worried about him/her intercepting my data than anything else. btw, I'm sure my wife would love to get the new MB (especially if it's faster/newer/snappier/better than mine). PLEASE don't suggest that again!

[peeb]

I think it is really unlikely that anyone will intercept your encrypted data (email, secure logins etc), but it is quite possible that someone could be sniffing your web browsing, and unencrypted traffic.

[ghporter]

Originally Posted by peeb 

Well, assuming that I have changed the admin password, you are saying it is possible to 'invade the rest of the network' just by being able to log onto an unsecured wireless connection?

Depending on the hardware and whether or not you've applied any necessary patches, yes. There are indeed exploits that would give an intruder basically unhindered access to any computer on your network.

Originally Posted by The Wolf 

eh, I was pretty sure I was going to get some 'don't steal bandwidth' replies. But, thanks for not flaming me Seriously, I don't feel bad about it. I'm not d/l anything, connected constantly, etc... I had my old one open for a while, but then had to protect it b/c someone was using it too much...or maybe I was just paranoid that someone was.

As for telling my neighbor, I got some enjoyment out of that one. lol. We live in NYC, so that would be a real tall order. Maybe I can put a banner in my window and ask the owner of the basestation to contact me. As far as I'm concerned, if someone is sophisticated enough to "name" their wireless network, they are sophisticated enough to pw protect it if they wanted. I'm more worried about him/her intercepting my data than anything else. btw, I'm sure my wife would love to get the new MB (especially if it's faster/newer/snappier/better than mine). PLEASE don't suggest that again!

A $20 WiFi finder would allow you to track down the source of the signal you're getting in short order. And one of the "this is NYC" issues I am aware of is that people don't act like there are other people around-wouldn't telling a neighbor "hey, your network's open and anyone could be using it to download or upload who knows what; I wanted to make sure you were aware of this and that I'll help you fix it if you'd like" help change that? The unneighborliness of New York is not helped by your not being neighborly yourself.

[peeb]

Originally Posted by ghporter 

Depending on the hardware and whether or not you've applied any necessary patches, yes. There are indeed exploits that would give an intruder basically unhindered access to any computer on your network.

So how is it that it is so difficult to hack Macs even when people are sitting in front of them without passwords?

[besson3c]

Originally Posted by peeb 

I think this is bogus. What bad things exactly? As long as the wireless has an admin password, what's wrong with leaving it open?

Untraceable identity, and an WAN IP address that matches the owner of the wifi network. If this person is doing anything illegal, how could the owner of this network prove that it wasn't them?

[besson3c]

Originally Posted by peeb 

How can they hack it, assuming I'm using a firewall? Stealing bandwidth is ok from my perspective, as long as it's not an momentous amount. And if they overstay their welcome, you can always kick them off.

Just FYI, you running a firewall on your personal computer has no bearing on the sorts of damage that can be caused by running an open network.

[besson3c]

Originally Posted by peeb 

I don't think this is actually true - posting child porn through my network (or from an internet cafe with open wireless) may be cause for the police to get a warrant to search my house, but when they find no child porn in my house or on my computer, they will have no case. Likewise with the open wireless in the cafe on my street.

What if they decide to confiscate your computer to look for traces of this data? If you were to have deleted it, it doesn't mean that there is no trace of it.

Besides, do you *really* want this hassle? Far better to just secure your network, me thinks.

[besson3c]

Originally Posted by peeb 

So how is it that it is so difficult to hack Macs even when people are sitting in front of them without passwords?

A misconfigured computer or any system designed with lacking security is hackable, period. There is nothing about owning a Mac that makes you immune from this fact.

[peeb]

Originally Posted by besson3c 

Untraceable identity, and an WAN IP address that matches the owner of the wifi network. If this person is doing anything illegal, how could the owner of this network prove that it wasn't them?

Thankfully, where I live, the burden of proof is on the prosecution. If someone sits outside my house and downloads child porn, I am in the same position as the internet cafe down the road. Yes, there is an IP link, but since there is no child porn on my harddrive, they have nothing but circumstantial evidence. The RIAA cannot even get filesharing charges to stick on the basis of IP matching. It's not evidence.

[besson3c]

Originally Posted by peeb 

Thankfully, where I live, the burden of proof is on the prosecution. If someone sits outside my house and downloads child porn, I am in the same position as the internet cafe down the road. Yes, there is an IP link, but since there is no child porn on my harddrive, they have nothing but circumstantial evidence. The RIAA cannot even get filesharing charges to stick on the basis of IP matching. It's not evidence.

True, but why would you even invite an investigation when all of this could be avoided in the firsts place with some simple precautions?

[peeb]

Originally Posted by besson3c 

A misconfigured computer or any system designed with lacking security is hackable, period. There is nothing about owning a Mac that makes you immune from this fact.

You keep saying that, and you may be right, but it is not clear to me what you mean by 'hacked' - do you mean getting access to user accounts? If so, what kind of exploits would allow that?

[peeb]

Originally Posted by besson3c 

Just FYI, you running a firewall on your personal computer has no bearing on the sorts of damage that can be caused by running an open network.

Can you give me an example of the kind of damage that can be caused?

[peeb]

Originally Posted by besson3c 

True, but why would you even invite an investigation when all of this could be avoided in the firsts place with some simple precautions?

The same reason I don't put a lock on the faucet on the side of my house.

[besson3c]

Originally Posted by peeb 

You keep saying that, and you may be right, but it is not clear to me what you mean by 'hacked' - do you mean getting access to user accounts? If so, what kind of exploits would allow that?

If your IP address is responsible for something criminal, this may result in an investigation, having your IP address blocked, and other such inconveniences as we've discussed.

If somebody really wanted to packet sniff on an unprotected/unencrypted network, any and all data you send and receive can be easily intercepted. This can result in identity theft, your accounts being compromised, or simply a breach of your personal privacy.

If somebody did a network scan and found an open port on your machine with an exploit for it, they could exploit your machine without you being able to trace this. If somebody wanted to denial of service attack you, this is another exploit technique.

Why would somebody want to do this? Well, apparently there are only a small number of professional spammers in the world - most of which aren't American. They operate via botnets - a network of compromised machines they can control remotely. By having a diverse range of machines that can be used, they can escape being added to blacklists such as Spamhaus. This is how they do business.

A lot of people make the mistake of thinking that if there is no data of value on your personal machine that nobody would be interested in compromising your machine. The truth is, these people don't care about your pictures of Aunt Floyd, this is not what they are after. They are after a way to conceal their own identity and carry out their business. There are a ton of pages that discuss how unsecured wireless networks are used in this fashion.

And yes, this kind of stuff *does* happen. As we speak, there are a number of accounts compromised at my university by somebody that installed keystroke loggers and obtained passwords and used this for sending out spam. A few years ago a bunch of social security numbers were stolen somehow. This stuff does happen.

I'm not the paranoid type, but when the solutions to these sorts of problems usually involve such a minimal amount of work, a little outreach, and less naivety, I say go for it...

[besson3c]

Originally Posted by peeb 

The same reason I don't put a lock on the faucet on the side of my house.

A better analogy would be leaving the keys in your car with the door unlocked.

[peeb]

Originally Posted by besson3c 

A better analogy would be leaving the keys in your car with the door unlocked.

Not at all. Someone could steal my car easily in that case. The analogy is much more like leaving a faucet unlocked. Someone could use some water without my permission. Hell, they could leave the faucet running, and, if I didn't notice, I might get a big bill for all the water they had used. The could fill a bucket of water, drown someone, and make it look like it was me.
If they were really malicious, they could attach a pump the faucet, and force contaminated water back into my house, causing havoc. Clearly, to avoid these terrible things, I should put a lock on the faucet.

[besson3c]

Originally Posted by peeb 

Not at all. Someone could steal my car easily in that case. The analogy is much more like leaving a faucet unlocked. Someone could use some water without my permission. Hell, they could leave the faucet running, and, if I didn't notice, I might get a big bill for all the water they had used. The could fill a bucket of water, drown someone, and make it look like it was me.
If they were really malicious, they could attach a pump the faucet, and force contaminated water back into my house, causing havoc. Clearly, to avoid these terrible things, I should put a lock on the faucet.

Your analogy might work if people could attack your faucet remotely and there was some desirable reason to compromise your faucet other than just making life difficult for you.

[ghporter]

I think this one has run its course. There are technical ways to use a wireless signal that you can pick up but not personally configure. But doing so without the knowledge and permission of the owner of that network is unethical and in some cases illegal.