I was looking around researching wifi security and saw that somebody can read somebody else's cookies when they hook up to his LAN via a wireless access point. He says he can view passwords to all sorts of accounts and routinely goes into people's accounts but "doesn't do anything bad."
Anyway, what prevents somebody at a hotel from doing the same thing? Could any jackass on a hotel network set up a sniffer and get pretty much everyone info?
Most financial and banking web sites offer SSL (secure socket layer) encryption between your browser and the bank. The degree of encryption varies among banks. Some encrypt the entire session. Others only encrypt logins and specific sessions.
Despite SSL and authentication, there are still problems:
These problems are not unique to wireless and can also ocurr with a wired internet connection. All I can offer is the usual "be careful" warning. The one that worries me is where banks place a secure login box in the middle of an unencrypted web page. That's an open invitation to a man-in-the-middle exploit. Wells Fargo, my bank, is a prime culprit.
A real danger in wireless online banking using Wi-Fi is a spoofed or faked web site designed to trick you into logging in with your login and password. Banks use various measures to avoid fraudulent web sites, but all rely on the user recognizing the difference between the real site and the fake. That's not really reliable.
If you're paranoid, discuss using x.509 certificates and a one time password generator (S/key) dongle with your bank. They may not do anything, but they might recognize that there's a problem and therefore a demand for such devices. For example:
Most banks already use these for their employees and inside transactions.
Despite SSL and authentication, there are still problems:
These problems are not unique to wireless and can also ocurr with a wired internet connection. All I can offer is the usual "be careful" warning.
You could also use a VPN service, which would encrypt everything between your laptop and the proxy server. Sniffing would be impossible.
In the context of this thread, I guess. I used jiwire's VPN service for a few years, they sent an email informing me they were discontinuing the consumer service, which was a shame, it was only $25 a year, if I remember.
Thanks. I didn't know that they had shut down the VPN service (Hotspot Helper).
I got creative and setup my own VPN termination on an colocated customers server. Lots of bandwidth but I don't use it much. I have
5 laptops and 2 PDA phones, but no time to use them at coffee shops (except for troubleshooting). Sigh.
I haven't looked to see what else is available for VPN's:
(plenty more...) Prices run around $10/month. It appears that few care much about wireless security, but are mostly interested in providing a proxy server for anonymous surfing (used mostly to bypass access restrictions).
I know odd question but has anyone seen or run across an wifi (g) thermometer that can be accessed via a LAN or for that mater an IP thermometer? Plenty of wireless ones via Google but have a need to place one outside and have it readable from the LAN if possible.
Only one temperature? If so, then it's much easier to communicate the temperature using one of the cheap consumer 49MHz wireless sensors to a base unit that has ethernet, than to do all the processing outdoors, and communicate the results via wireless. For example, the typical wireless thermometer runs on two AA batteries and runs for 2 years. A Wi-Fi link will require far more power to operate. Search for wireless weather stations with ethernet:
If you really want to get crude, just get a decent hand held optical IR thermometer
and point it outside to a fixed object to get its temperature. Then read the display or connect it to something that does ethernet. Some such IR thermometers have a serial output for a data logger.
I have had a couple of Oregon Scientific weather stations in the last 10 years and while the base stations have been reliable the remote Temp sensors have never lasted. I have used the 418MHz and 433MHz versions and had problems with:-
Range, should be about 30 metres but due to the location of the base stations have never got more than 10 metres.
Min Temp, according to the manual the "proposed operating range" was
-5C to +50c and on a frosty morning I would lose the indication on the base station and you had to wait for the temp to increase and you would then have to force the base station to do a search to get the remote sensor to synchronise.
Sensors were prone to failure when being knocked, squirrels and birds used to tap one of the sensors and I on a couple of occasions hit one moving ladders in the garage eventually causing it to fail.
Performance of the remote sensors degraded over time such that after about 15 months I had to place them on the outside wall of the house as they had virtually no range.
The 433MHz sensors were prone to interference from everything from car alarm remotes to wireless bell pushes.
After having about 8 remote sensors I have eventually given up on them.
In light of issues with simple radio telemetry sensors, I mention FWIW a simple WiFi solution that has been proven by years in the field: Ken McGuire has employed a Zipit Wireless Messenger as a weather station controller and 802.11b/g link for remote data acquisition for years:
I ported 1-Wire code to this device to support a variety of sensors (temp, humidity, etc.), and even the old Dallas 1-Wire weather station could be interfaced to this machine.
One gains the facility of local data caching, data verification and error checking, arbitrary control of sensors and equipment and flexibility in programming by using a general purpose controller and wireless LAN. The 'Zipit' is tiny and a power miser - about the size of a deck of playing cards.
Quite a few high-end weatherstations have USB connections and can be interrogated via suitable software.
Most of the ones I'm aware of have wireless sensors (933Mhz seems common), and a base-station that can be hooked up to a computer. I would expect that to be more reliable as the sensitive electronics can be kept in the dry, and all you need outside is a simple digital meter and UHF transmitter.