Connect at mine free Wi-Fi! I would knew what I is do! I is cafe boss! Stop the digital presses, hold the home page – I have breaking news for you! An organisation somewhere in the world has NOT been hacked into today! Of course when I say "been hacked into", I mean "allowed anyone with a computer and the slightest inclination to take an unauthorised copy of confidential customer records with the …
I wonder why is Blue is associated with Intelligence?
Any ideas?
https://www.colorpsychology.org/blue/ tells me:
"Dark blue is the shade that is associated with intelligence and lack of emotion. Blue is an almost universally liked color. It's positive aspects are that it is a calming and safe color. It can lower the heart rate, improve mental clarity and inspire creativity."
For me an Intelligent blue would be bright, mid to light (Electric blue?)
Welcome back Alistair you were missed!
Think you missed the reference. :)
Hitch-hiker's Guide to the Galaxy:
"The hooloovoo is a super-intelligent shade of the colour blue. One was seen as a prism for Zaphod Beeblebrox's address upon stealing the Heart of Gold. On certain special occasions, such as the aforementioned Beeblebrox address, they will be refracted into a free-standing prism.
The hooloovoo demonstrate their dissatisfaction with the Universe by holding their breath until they turn a deep purple"
Sir Humphrey was hardly the most progressive character, though. I'm not all that certain that citing his opinion is an exceptional paradigm of intellectual brinkmanship.
I'm quite amused that my obviously TIC comment attracted as many down votes as it did. One wonders how many of the otherwise silent down-voters actually attended either Oxford or Cambridge[0] ... and if the answer is "none" (as I suspect is the case) why they felt the need to "defend" the institutions in question? Does lèse-majesté still extend to the old established universities in the minds of Blighty's GreatUnwashed? If so, grow up already; this is the 21st century, not the 19th! Even Scotland decriminalized sedition, albeit as late as 2010 ...
[0] Disclaimer: My first couple years at Uni were spent slumming it at Kings College. Seemed like a good idea at the time.
I cannot find it at the moment - I had it recorded during the IETF this summer.
In one week mostly on public IP addresses, my laptop had clocked ~300MB legit traffic by doing the daily chores - email, chores, etc. In the same amount of time it has clocked > 2.4GB (yes GB) of incoming attack traffic which was dropped.
The current "security pressure" is relentless. If it took < 8 minutes for an unprotected system to be whacked on the Internet 10 years ago, it isn ow probably like < 15 seconds.
So the fact that you came to a "tower" of security breaches when you came back home from hols does not surprise me in the slightest.
This will get even more "interesting" if v6 is finally deployed and the holy end-to-end principle is adhered to. Time to run for the hills...
But it's a really interesting observation that a lot of people (e.g. Athenian cafe owners and presumably a significant proportion of their customers) aren't concerned about cyber security at all and just see the internet as somewhere to gawp at porn and pictures of other people's dinners.
Are they all ignorant/deluded about the dangers, or are they living a lifestyle that doesn't really depend on the internet in the way ours does?
Most people aren't aware of the pitfalls of open WiFi and other stuff and a virus or malware is something that the fates bring. If it goes wrong, it was destined to. If they know someone who can get it fixed, that's destiny too. Very Athenian, but it's spread all around the world.
Are they all ignorant/deluded about the dangers, or are they living a lifestyle that doesn't really depend on the internet in the way ours does?
I think it's the Y2k.2 problem. Lots of people running around screaming about how the sky was falling and the world was gonna end. financial disaster, nuclear wars, yadda yadda yadda, and it didn't happen (probably more because of the great many great people who spent long hours over long months fixing things before it happened).
Now we're trying to tell them there's other big risks out there and they think it's the same thing. Their life goes on unchanged and unchallenged. At least until their fancy smart home alarm system gets cracked by someone with a $20 RFID cloning tool or a $120 NFC cloning tool (buy one on ebay, hide it in something your target will pick up, the ring that unlocks their "smart" door and disarms the alarm system has just been cloned (probably easier ways to do this as well) - or buy a cheap wifi jammer and knock the individual parts offline, couple that with a cheap cell jammer and their system can't call out to let you know it's lost connection to it's sensors). Well, people here know what I mean anyway.
I've tried education. Doesn't work. I'd demonstrate to some but, well, if they get hit then I'll be the one looked at most because I clearly know how stupidly simple it is have advanced hacking skills and lead a large ring of paedoterrists who fund isis, Mint and other organisations by using our Russian/Nork/[add-baddie-here]-taught skills to build highly specialised equipment just to break into homes with security systems that can be defeated with a smartphone app1 that are so advanced the NSA would take years to get in.2
1 Haven't heard of such an app, but would not be surprised if it exists (or at least has been worked on).
2 Sorry, can't have slept too well last night, or should at least wait till my second coffee before posting. Speaking of which... (that or the stupidity in these "smart" things is catching...)
I've never understood this obsession people have with expecting and connecting with (free) Wi-Fi everywhere they go. Maybe 15-20 years ago it was a useful selling point for hotels and coffee shops for business travellers, before we all had phones with data packages. But nowadays? The number of times I have tried (usually in vain) to explain to someone that just because you have "wireless security", it doesn't mean that there is any security or prevention of eaves-dropping at the other end of the wireless connection when it hits wires again. In a hotel, shop, or anywhere else, you have no trust whatsoever about any network that appears on your list. But my explanations are usually met with incredulation........
... or, if you do not like VPN, you can run zerotier on your laptop, and then another machine with IP routing enabled on the other end, in a nice controlled environment. Like your home. Or at least someone's cloud which you feel is more trustworthy than the environment your laptop is currently attached to.
I hadn't heard of this so found their page. The window filled with the following explanation:
"ZeroTier delivers VPN, SDN, and SD-WAN capabilities with a single system. Network almost any kind of device or application as if the entire planet is a single cloud region."
Followed by a couple of buttons to download and/or sign-up.
What? Do they think that is sufficient information for me to decide to sign-up or download and presumably run their as-yet mysterious software?
OK I could scroll down or click to other pages to get more info but why not give me a bit more info up front before assuming I want it.
Too many web pages do this now. The home page assumes you know what it is, not appearing to consider the possibility that I visited their home page to find out that very information.
"I wish you could add a flag to a WiFi connection to say 'connect to this, but don't allow any traffic out until the VPN is up'"
You can.
You install a proper software firewall.
You set it to treat all Wifi networks except your home as "untrusted".
Then you allow VPN out on untrusted networks.
Granted, Windows Firewall can probably do it but I haven't used that since it was implemented. Back in the day I used to use ZoneAlarm to do this, nowadays, it's more likely Comodo Internet Suite (like hell am I going to pay for a firewall).
That this ISN'T bog-standard to anyone working in IT is the real problem. I don't even care if the Wifi is encrypted - I KNOW that the VPN is encrypted, that the endpoint can only ever be my chosen endpoint, and that no compromised machines on that encrypted network can hurt me.
That people DO NOT install a software firewall on their laptop really worries me. The Wifi card is basically "plugged in" to whatever you connect to by default and you have NO hardware defence against that. I'm waiting for the day someone makes a Wifi card with built in hardware firewall on it.
You install a proper software firewall.
For people with tablets/phones etc - not so easy. Sure, for a lot of work you want to use a laptop but for a lot of people phone or tablet is much more suited. From what I know (which is limited, I agree) even though things like OpenVPN are easy to set up client and server ends, the issue is making it work always. I'll have to play around to see if there are auto-start functions with Android that can be relied on.
Had a quick look at "VyprVPN" suggested by Tom 38 - unfortunately while they claim "no third parties" on their site, it is a client for their own servers (which is fine by me if they can be trusted) - I'd rather stick with my own system at least until I can find out how to trust them (for things other than getting past geoblocking that is).
I wish you could add a flag to a WiFi connection to say 'connect to this, but don't allow any traffic out until the VPN is up'
On my phone, I use VyprVPN client, it has a setting with a list of "trusted" wifi networks. If I connect to a wifi network not on the list, or over wireless data, it fires up the VPN. Choice of 10s of countries around the world to terminate in.
Just because I'm paranoid, doesn't mean they aren't out to get me.
" If I connect to a wifi network not on the list, or over wireless data, it fires up the VPN. "
But what happens to traffic generated before the VPN is established? Does it get routed insecurely, or is it blocked until the VPN is up?
That's the key.
I only want the VPN establishing traffic to leave my phone/tablet/laptop, unless I'm at home/work.
Yes, insecurely, unfortunately. Same as if the VPN happens to disconnect temporarily, or you lose coverage, etc etc.
The OpenVPN client has a setting to stop all traffic at such times. I do not know if it is reliable as I haven't got round to actually testing it (I know with that setting turned off that OpenVPN uses whatever route the data wants to take when there is no connection). I'd hope other VPN apps (esp any paid-for ones) can be set to do the same.
But what happens to traffic generated before the VPN is established? Does it get routed insecurely, or is it blocked until the VPN is up?That's the key.
I only want the VPN establishing traffic to leave my phone/tablet/laptop, unless I'm at home/work.
Have been using OpenVPN on my older (4.03!) tablet for a while, with the server on a Linux box. Quite easy to set up, appears to be fine security wise (and I hope someone can point out any issues). I have it doing cert-based authentication, and create a new cert for any new device. Couple with Pihole to help keep the nasties out.
I've just found and installed the "Automate" app (which is a free automation app for Android, makes it do things based on where it is and other stuff) and also a ".FLO" that automates the openvpn connection (brain not functioning enough this morning for me to create my own settings, but now I have a template I could do it for others). You will need to tell Automate to turn on at boot (under settings) and you still have to tell OpenVPN to connect (OpenVPN also has a checkbox for restarting on boot). But in my limited testing thus far, Automate may start automatically but if your WiFi is up before Automate then it may not bring up OpenVPN automatically.
This is all based on a few minutes of quick testing because I am yet to finish my 3rd coffee for the morning, thus my brain is only running at 3% capicity.
But in my limited testing thus far, Automate may start automatically but if your WiFi is up before Automate then it may not bring up OpenVPN automatically.
Ok, just modified the script under Automate so that it will reset the WiFi on startup, which then makes it connect to the VPN. Then you just need tell OpenVPN to connect (the "I trust this application" which you annoyingly can't do an "remember this forever" on) and you're away.
Got some bugs to work out though (it brings up OpenVPN even if the WiFi is off but doesn't turn the wifi on if I turned it off manually) but is an interesting thing to explore.
I just hope they're more trustworthy than Google is with personal data (the "verified by google" thingy (whatever it is) on the play store tells me that google isn't letting someone else slurp my data - they however may still be getting stuff from it!)
You can at least rely on Wi-Fi to provide data, especially when abroad. The number of times I've stayed in a hotel that was a data blackspot outweigh the times when I haven't.
This trend to connect everything to the internet is disturbing, though. I think the lowlight was the internet-connected refrigerator that would log its contents and power consumption using an app and send handy notes to your phone that you hadn't bought milk since Tuesday or that you'd spent £6.75 operating it this month. "Well, we programmed the smart lighting system and the smart TV to turn on and off on a variable timer to simulate us being home. Unfortunately someone hacked the smart fridge and the log told them that nobody had opened the door in five days."
> Incredulation? Is that anything like incredulity?
Incredulation (which has the same linguistic roots as ululation) is the correct name for the involuntary 'tut-tut' noise made when someone says something particularly stupid.
It is the characteristic background noise heard in the Visitors Gallery of the House of Commons and White House press briefings.
"having finally acknowledged that its data roaming surcharges were unwarranted and trying to spin its admission of guilt into "added value"."
Yep, I love how companies try to spin that something that they are now legally required to do was something that only they thought up and are now offering to their customers out of the goodness of their hearts...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
