Archive for the ‘Security’ Category

What is Social Engineering?

I came across a funny screenshot today that provides a pretty clear example of how social engineering is used to con people (in this case, Windows users) while browsing the Internet:

Clearly, this user is not running Windows XP but Ubuntu Linux.  Yet with their pop-up blocker disabled in Firefox 3, a malicious website presents a window that mimics a “real” warning.  But it’s actually a trap.  This is probably the most common reason viruses find their way into Windows systems — by exploiting a user’s lack of expertise and susceptibility to intimidation on a technical level.  So fair warning to you Windows users out there.  Fortunately for our Linux user, he’ll just laugh and close this window.  If you’re a Windows user and you see an alert like this, you should close it too (but run a virus scan using something like AVG immediately afterwards).

Saturday, May 24th, 2008

Spoofing Holiday Inn Part 2

In my previous blog, I wrote about staying at Holiday Inn and attempting to use their wireless networks to give my girlfriend’s Nintendo Wii access to the Internet.  Gateway access to the Internet is not typically granted until you click on a button that binds you to terms of usage.

Well, it turns out the Wii itself is causing quite a bit of mystery.  Spoofing its MAC address, I was able to get the agreement page to re-appear on my laptop.  But after shutting Backtrack down and trying again, the Wii still couldn’t gain access to the Internet for some odd reason.

I went ahead and contacted their IT department and within a couple of minutes, they had granted the MAC address of the Wii access to the Internet.  Yet it still doesn’t work.  Which… doesn’t exactly surprise me, especially after the IT guy told me I was the first person to attempt to connect a Wii while staying at a Holiday Inn.  We sat on the phone for about 15 minutes testing and testing, power cycling and testing again, but the Wii wasn’t doing anything except giving up.  It would seem that the IT department and I are both stumped about this.  So for the time being, the spoofing tutorial is useless.  But still, it was a fun experiment.

In the meantime, I’m going to sit down with Google and see if I can find an alternate solution.  If I find one, I’ll be sure to write about it here.

Tuesday, May 20th, 2008

Spoofing Holiday Inn’s WiFi For Nintendo Wii

My girlfriend works as a manager for a major restaurant chain that has a catchy theme song about ribs. About a month ago, one of the restaurants located in a city about 50 minutes west of where we live lost three managers. I’m not very clear on the details, but I understand two walked out without giving advance notice (why oh why, I wonder) and a third was fired for breaking a serious policy (I mean a federal law, but it’s been dealt with). As a result, the place is essentially in a state of needing emergency life support. They’ve called upon my girlfriend to help pick up the pieces (hopefully with the intention of letting her go someday, and not to use this as an opportunity to coerce her to stay permanently). So far, she’s been scheduled to stay through till the end of July, and this was a very recent revelation on the part of her boss. I would not be surprised if “the end of July” becomes “the end of August” sometime soon.

Fortunately she is being put up in nice hotels (which I would imagine is coming out of her boss’s bonus checks this year, and that sort of makes me feel a tad bit better about the whole long-distance relationship mini-drama). But there are many days I can’t stay with her, and spending time in a hotel alone can get really boring after a month or two or three (hopefully not four, but I’m a little pessimistic at this point).

Holiday Inn’s WiFi Meets Nintendo Wii

One of the things my girlfriend purchased before this stretch of work was delivered to her was a Nintendo Wii. I showed her at my house how to configure the wireless network connection settings and talked her through it over the phone when the time came. But for some reason, it just wouldn’t connect. By “connect”, I don’t mean wireless association followed by authentication (which, in this case, means nothing because the network does not use encryption). What I mean is, you’re not granted gateway access to external IP addresses until you’ve clicked on a link indicating that you agree to certain legal usage terms. Once you click the “I agree” button, you are then given full access to the Internet.

What the Nintendo Wii is trying to do is phone home (access Nintendo’s servers) immediately after it’s assigned a default gateway, on the assumption that the gateway is not blocking traffic to external IP addresses. If it were to ping the gateway, it would likely get a reply. Any other site: nothing. The Wii concludes that your router is working but the cable modem is broken, so it gives up and asks you to try a different network.

Since I’ve already agreed to the usage terms once, I shouldn’t be required to click “agree” again just to access the Internet myself. But it’s the MAC address that acts as my identity, more like a name badge, and the MAC on the Wii will be different from the MAC on the laptop. Your MAC address is a hard-coded number used to uniquely identify your wireless networking adapter; no two MAC addresses are supposed to be the same. So at first, it would seem there’s nothing I can do to get the Wii to connect to the Internet… Or is there?
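The check the Wii is missing is a proper captive-portal probe. The following is an added example, not code from the original post: it models the technique operating systems use to answer “is the Internet really reachable?”, fetching a small unencrypted page whose exact body is known in advance and classifying what comes back. A hotel gateway that has not yet seen you click “I agree” either redirects the request to its own agreement page or answers 200 with that page instead of the expected text. The probe URL, the expected body and the four responses are constructed placeholders; nothing on the network is contacted.

```python
"""Captive-portal detection: the probe the Wii described above does not make.

Added example, not code from the original post. The probe URL, expected body
and sample responses below are constructed placeholders.
"""
from dataclasses import dataclass, field
from typing import Dict, Optional
from urllib.parse import urlsplit

PROBE_URL = "http://connectivity-check.example.invalid/probe.txt"  # constructed
EXPECTED_BODY = "OK\n"                                              # constructed
REDIRECT_CODES = {301, 302, 303, 307, 308}


@dataclass
class ProbeResponse:
    """What came back for PROBE_URL; status None means no HTTP answer at all."""
    status: Optional[int]
    headers: Dict[str, str] = field(default_factory=dict)
    body: str = ""

    def header(self, name: str) -> str:
        # HTTP header names are case-insensitive; normalise before lookup.
        for k, v in self.headers.items():
            if k.lower() == name.lower():
                return v
        return ""


def classify(resp: ProbeResponse) -> str:
    """Return 'offline', 'online', 'captive' or 'unknown' for one probe response."""
    if resp.status is None:
        return "offline"                 # DNS or TCP failed: nothing answered at all
    if resp.status in REDIRECT_CODES:
        return "captive"                 # the real probe server never redirects
    if resp.status == 200:
        # Either the genuine probe page, or a portal serving its own page inline.
        return "online" if resp.body == EXPECTED_BODY else "captive"
    return "unknown"                     # 4xx/5xx: the probe host itself may be down


def portal_url(resp: ProbeResponse) -> Optional[str]:
    """Where the gateway wants the user to go, if it said so via a redirect."""
    if resp.status in REDIRECT_CODES:
        loc = resp.header("Location")
        # Only an absolute URL on another host counts as a portal location.
        if urlsplit(loc).hostname and urlsplit(loc).hostname != urlsplit(PROBE_URL).hostname:
            return loc
    return None


# Constructed responses standing in for the situations described in the post.
BEFORE_AGREEMENT = ProbeResponse(302, {"location": "http://portal.hotel.invalid/agree"})
AFTER_AGREEMENT = ProbeResponse(200, {"Content-Type": "text/plain"}, "OK\n")
NO_GATEWAY = ProbeResponse(None)
INLINE_PORTAL = ProbeResponse(200, {"Content-Type": "text/html"}, "<html>Terms of use</html>")


if __name__ == "__main__":
    for name, r in [("before agreement", BEFORE_AGREEMENT), ("after agreement", AFTER_AGREEMENT),
                    ("no gateway", NO_GATEWAY), ("inline portal", INLINE_PORTAL)]:
        print(f"{name:17s} -> {classify(r):8s} portal={portal_url(r)}")
```

The probe has to be plain HTTP on purpose: a portal can only rewrite an unencrypted request. Probing an HTTPS URL instead yields a certificate error when the gateway intercepts it, which is a different (and noisier) signal.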

What can be done about this?

There are a couple of solutions. The first is to contact customer service and see if they can get their IT guy on the phone. I would then ask him if he could manually add the MAC address of the Wii to their routing tables and grant the device access. For some, this would be the simpler solution… though your mileage may vary. How long do you think it would take? Because I really don’t feel like placing bets on them being immediately available. I’m just telling you right now that the IT people at this particular hotel are not very advanced. The reason I say this is because the channels they picked for their 3 routers are all within the same frequency range (channels 1, 2 and 3) instead of spread out (channels 1, 6 and 12). In other words: They’re not very professional. Bandwidth is being lost because the routers are overlapping each other’s frequencies, and this is basic wireless network design we’re talking about here.
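To make the channel complaint concrete, here is an added example (not code from the post) that checks a 2.4 GHz channel plan for overlap. Channel centres in that band sit 5 MHz apart (centre = 2407 + 5 × channel MHz for channels 1 to 13, with channel 14 at 2484 MHz), while an 802.11b transmission occupies about 22 MHz, so two channels interfere unless their centres are at least 22 MHz, i.e. five channel numbers, apart. The hotel’s 1, 2, 3 fails that test on every pair; the post’s 1, 6, 12 passes it, with the caveat that channel 12 is not permitted under US (FCC) rules, where 1, 6, 11 is the usual non-overlapping set. The allowed channel range is an input to plan_channels(), not something the code decides.

```python
"""2.4 GHz channel-plan overlap check. Added example, not code from the post."""
from itertools import combinations
from typing import Iterable, List, Tuple

CHANNEL_WIDTH_MHZ = 22  # 802.11b DSSS footprint; 802.11g OFDM is 20 MHz, same spacing result


def center_mhz(channel: int) -> int:
    """Centre frequency of a 2.4 GHz channel in MHz (channel 14 is the outlier)."""
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


def overlaps(a: int, b: int, width_mhz: int = CHANNEL_WIDTH_MHZ) -> bool:
    """True if the two channels' spectral footprints intersect."""
    return abs(center_mhz(a) - center_mhz(b)) < width_mhz


def overlapping_pairs(channels: Iterable[int]) -> List[Tuple[int, int]]:
    """Every pair of channels in the plan that interferes with each other."""
    return [(a, b) for a, b in combinations(sorted(set(channels)), 2) if overlaps(a, b)]


def plan_channels(allowed: Iterable[int], count: int) -> List[int]:
    """Greedy non-overlapping plan: lowest channel first, then the next that clears all chosen."""
    chosen: List[int] = []
    for ch in sorted(set(allowed)):
        if all(not overlaps(ch, c) for c in chosen):
            chosen.append(ch)
        if len(chosen) == count:
            break
    return chosen


if __name__ == "__main__":
    hotel = [1, 2, 3]
    print("hotel plan", hotel, "overlapping pairs:", overlapping_pairs(hotel))
    print("post's suggestion [1, 6, 12] overlapping pairs:", overlapping_pairs([1, 6, 12]))
    print("US (channels 1-11) three-AP plan:", plan_channels(range(1, 12), 3))
    print("ETSI (channels 1-13) three-AP plan:", plan_channels(range(1, 14), 3))
```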

The other solution is to trick their wireless networks into thinking my laptop is the Wii and click “I agree” a second time, and then disconnect. I would do this by changing the MAC address of my wireless adapter. This is what is known as “MAC address spoofing”, the act of using a networking device to appear to be another (not to be confused with a “spoofing attack”, because we’re not going to attack anybody). Not all networking devices can do this. I happen to be using one that contains an Atheros chipset (it’s a D-Link WNA-2330 to be exact), which can be made to do anything I want it to do in the world of Linux. (Another blog I’m going to write in the future about Wireless Adapter hacking is turning my laptop into a Wireless router, and then share my cellphone’s Internet access wirelessly).

The Trick

I intend to use a copy of Backtrack 3 beta to carry out this little experiment. But it’s late, I’m away from home and have to download a fresh ISO and burn it to a disc first before I can try this out. By the way, spoofing a MAC address can be done in Windows, but I’m not going to write about Windows software that does this in here (because I’m lazy. But if you’re really curious, google can help).

In Backtrack (or even Ubuntu if I install the MadWifi drivers, which is not as easy as burning a Backtrack Live CD) the commands to change the MAC are as follows:

  • wlanconfig ath0 destroy

You can use any mac address you like. In this example: 00:11:22:33:44:55

  • macchanger -m 00:11:22:33:44:55 wifi0
  • wlanconfig ath0 create wlandev wifi0 wlanmode managed
  • ifconfig wifi0 up

After this, I can just use a plain old connection manager to connect to the network.  I could also use this command to do it manually:

  • iwconfig ath0 essid [NetworkName] key [WepKeyHere]

Pretty simple. Note though that if your card uses a chipset other than Atheros, you might not be able to do this with your card, and the first command “wlanconfig ath0 destroy” might be slightly different (“eth1” for instance), depending on the device name Linux assigns your wireless adapter.
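Before handing an address to the sequence above it is worth checking that it is actually usable as a station address. The following is an added example, not code from the post: it validates the address (six colon-separated hex octets, and the least-significant bit of the first octet clear, since a set bit marks a group/multicast address that no station may use as its own), reports whether the “locally administered” bit is set, and renders the post’s four commands as argv lists. The device names wifi0 and ath0 are the MadWifi names the post uses and are parameters here; nothing is executed unless execute=True is passed.

```python
"""Validate a MAC address and render the post's macchanger/wlanconfig sequence.

Added example, not code from the post. Device names default to the post's
wifi0/ath0; root privileges are needed only when execute=True.
"""
import re
import subprocess
from typing import List

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")


def parse_mac(mac: str) -> str:
    """Normalise to lower-case colon form; reject malformed or multicast addresses."""
    m = mac.strip().lower().replace("-", ":")
    if not MAC_RE.match(m):
        raise ValueError(f"not a MAC address: {mac!r}")
    if int(m[:2], 16) & 0x01:          # I/G bit set: group address, unusable as a source
        raise ValueError(f"{m} is a group (multicast) address, not a station address")
    return m


def is_valid_mac(mac: str) -> bool:
    try:
        parse_mac(mac)
        return True
    except ValueError:
        return False


def is_locally_administered(mac: str) -> bool:
    """True when the U/L bit is set, i.e. the address is not a burned-in vendor address."""
    return bool(int(parse_mac(mac)[:2], 16) & 0x02)


def spoof_commands(mac: str, dev: str = "wifi0", vap: str = "ath0") -> List[List[str]]:
    """The four commands from the post, as argv lists, for the given address."""
    m = parse_mac(mac)
    return [
        ["wlanconfig", vap, "destroy"],                                          # drop the managed VAP
        ["macchanger", "-m", m, dev],                                            # set the address on the physical device
        ["wlanconfig", vap, "create", "wlandev", dev, "wlanmode", "managed"],    # recreate the VAP
        ["ifconfig", dev, "up"],
    ]


def apply(mac: str, execute: bool = False) -> List[List[str]]:
    """Dry run by default: print the plan; with execute=True run each step and stop on failure."""
    plan = spoof_commands(mac)
    for argv in plan:
        if execute:
            subprocess.run(argv, check=True)
        else:
            print("would run:", " ".join(argv))
    return plan


if __name__ == "__main__":
    print("locally administered:", is_locally_administered("00:11:22:33:44:55"))
    apply("00:11:22:33:44:55")
```

The post’s 00:11:22:33:44:55 passes the checks but has the U/L bit clear, so it looks like a vendor-assigned address; hand-picked addresses conventionally set that bit (02:…) so they cannot collide with a real burned-in one.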

Isn’t this a little extreme?

If by “extreme” you mean “illegal”, the answer is no. Spoofing doesn’t become illegal until you use it to acquire private information you’re not supposed to have access to (which requires a lot more work anyway). The Nintendo Wii is flawed in that it doesn’t include a web browser by default, and even if it were installed, it wouldn’t believe it was actually able to connect to the Internet. Perhaps I’ll send Nintendo a little suggestion so they’ll release a patch in their next update sweep. Though it surprises me that they’ve not encountered this problem, considering they sell Nintendo Wii carrying cases for smug Wii owners to take their Wiis to their non-Wii-owning friends’ houses so they can show it off over and over… though this probably doesn’t take place in nice hotels with moderate network security in place. And Nintendo would probably ignore me because they charge people to buy their web browser (you have to be able to download it from their servers anyway), which is required to view and agree to Holiday Inn’s agreement page.

So I suppose the next best place to put the blame is on Holiday Inn… and we know that IT guy isn’t in the mood to revamp company policy (and I can’t really think of an easy solution, other than unblocking the MAC). You see, it becomes this dilemma of, “Just how far out of my way should I have to go?” If I had a Backtrack CD with me right now, I’d hopefully be able to solve this problem in 5 minutes. To me, that’s the opposite of extreme. I’d call it practical (for me). Most people are either stuck with a design flaw in their game console or with hotel Internet policies that were not designed to accommodate these kinds of dumb devices.  Quite a double-bind we have here.

Well, I’ve got some sleep to get… At least they have nice pillows here and the bathroom sink is to die for!

Tuesday, May 20th, 2008

A Friendly Reminder: Backup Your Data!

A client of mine recently wiped his computer clean when he accidentally initiated a destructive recovery via the F10 key during POST. This caused his hard drive to be formatted and his OS to be reinstalled as it was when it originally shipped from the factory. The lost files on the system were not recoverable, and the only alternative would be to have an advanced data forensics lab extract the old data, the cost of which could run as high as a couple thousand dollars.

There are some simple things you should get in the habit of doing if you want to decrease your odds of facing such a horrid situation as the one above:

Unplug your PC when there is lightning outside

I shouldn’t have to tell people this, but some of you uber-nerds out there think that the bigger your basement-computer-bedroom-cave-hermit dwelling is, the more invincible you are. It’s not a matter of the probability of being struck, but the probability of surviving a lightning strike unscathed. Like the Black Knight from Monty Python.

Don’t let the price tag on that expensive Uninterruptible Power Supply fool you. Its purpose isn’t to safeguard you from a lightning strike, but to sustain power to your PC in the event of an unexpected outage and to compensate for brownouts and power spikes. Lightning can still get through it and make its way to your computer. Once there, it’s up in the air how much damage it might inflict, and hard to diagnose the extent of the damage after the fact. Every time I’ve seen a system that’s been hit by lightning, I’ve ended up having to tell people to buy a new computer, because so many parts were damaged in a split second.

Do what most people do during severe weather: Watch TV till the power goes out, grab a radio and flashlight, salvage the remaining beer from the unpowered refrigerator, and hope for the best when you regain consciousness in the morning. Or whatever floats your boat.  If you have an Internet addiction like I do, use a wireless device like a laptop or a cell phone to get your info fix.

Backup to an external storage device

Here’s what I’ve got pictured above from left to right:

  • An external USB hard drive. Advantages: Cheap in price per megabyte, easy to set up and use. Disadvantages: Subject to failure from old age after several years of use (see your warranty), and sometimes bulky (depends on how cheap you are).
  • A USB Flash Drive. Advantages: Small, handy, convenient, instant plug-and-play capable (usually). Disadvantages: Must be replaced after about 250 uses, easy to misplace and lose (get a nice 4 dollar lanyard like I did). Costly if you have lots of data to backup.
  • A cell phone with a MicroSD card. Same as the USB flash drive, but slower. The advantage is that it’s in your phone, and you probably aren’t as likely to misplace that thing.
  • Network Attached Storage. Network attached storage is basically a “computer-less” hard drive that attaches to your local network (router) and shares hard drive space to other computers on the network. Advantage: Highest fault tolerance (there are multiple copies of files spread across hard drives, so if one drive fails, the file is not lost). Disadvantage: Expensive.

You can also back up data to external CDs or DVDs and keep them in a dark place. Doing so will keep your data safe for a long time. But it’s good to shed old storage media after several years of data sitting on them and move the data to a fresher medium that is less likely to suddenly flake out unexpectedly.

You can also use software to automate backing data up. A good one is Amanda Open Source Backup. I’ll write more about it sometime in the future. But for now, you should consider using one of the external devices above and practice good habits to protect your computer and your documents from being lost.
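Whatever device you back up to, a copy you have never verified is a hope, not a backup. The following is an added example, not code from the post and not part of Amanda: it mirrors a folder to a destination (preserving timestamps, which later incremental runs can rely on), then proves the copy is good by comparing SHA-256 digests of every source file against its copy, reporting anything missing or altered. demo() runs the whole round trip on a constructed temporary tree, including a deliberately corrupted and a deliberately deleted backup file, so it needs no external drive to run.

```python
"""Mirror a folder and verify the copy by hash. Added example, not code from the post."""
import hashlib
import shutil
import tempfile
from pathlib import Path
from typing import Dict, List


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def backup_tree(src: Path, dst: Path) -> Dict[str, str]:
    """Copy every file under src into dst and return {relative path: sha256 of source}."""
    manifest: Dict[str, str] = {}
    for file in sorted(p for p in src.rglob("*") if p.is_file()):
        rel = file.relative_to(src)
        target = dst / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(file, target)      # copy2 preserves mtime for later incremental runs
        manifest[rel.as_posix()] = sha256_file(file)
    return manifest


def verify_backup(src: Path, dst: Path) -> List[str]:
    """List problems; an empty list means every source file is intact in dst."""
    problems: List[str] = []
    for file in sorted(p for p in src.rglob("*") if p.is_file()):
        rel = file.relative_to(src).as_posix()
        copy = dst / rel
        if not copy.exists():
            problems.append(f"missing: {rel}")
        elif sha256_file(copy) != sha256_file(file):
            problems.append(f"mismatch: {rel}")
    return problems


def demo() -> Dict[str, object]:
    """Constructed round trip: back up, verify, damage the copy, verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "documents"), Path(tmp, "external_drive")
        (src / "photos").mkdir(parents=True)
        (src / "thesis.txt").write_text("chapter one\n")                       # constructed
        (src / "photos" / "cat.jpg").write_bytes(b"\xff\xd8constructed\xff\xd9")  # constructed
        manifest = backup_tree(src, dst)
        clean = verify_backup(src, dst)
        # Simulate bit-rot on one copy and an accidental deletion of another.
        (dst / "thesis.txt").write_text("chapter one (corrupted)\n")
        (dst / "photos" / "cat.jpg").unlink()
        damaged = verify_backup(src, dst)
        return {"files": sorted(manifest), "clean": clean, "damaged": damaged}


if __name__ == "__main__":
    print(demo())
```

Keep the manifest next to the backup: a later run can compare the stored digests against the drive without touching the original machine, which is exactly what you want when the original is the thing that just got wiped.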

Wednesday, April 2nd, 2008

Something Funny…

Click on the image below to see the entire screenshot :)

Wednesday, February 27th, 2008

What if George Orwell had written about Net Neutrality?

(The Great Singularity will be continued in a later blog)…

The Early Days of Wireless Networking

The 1990s was a period of great excitement for computer hobbyists and nerds alike. Particularly the few who enjoyed building electronic toys on breadboards with little capacitors and microchips from Radio Shack. As rare as such people are, I once knew a man named Rick who had actually built his own serial cable adapter to hook his 66 MHz computer up to a CB radio and use it to send data over the air to someone else with the same setup on their end, using only radio frequencies to transmit data for miles and miles. This little idea of wireless data sharing wasn’t all that ground breaking at the time, mostly because it was SLOWWWW.

Still, it was the early 90s, and just plain dial-up Internet access was THE wet dream of nerds like myself and the fellow I mentioned above. The Internet came late in the rural area I grew up in, so the next best thing was to connect directly to someone else’s computer via one means or another, usually a phone modem. (I have many very fond memories of playing Duke Nukem with a friend by using our phone lines to dial each other’s computers and start playing head to head. It was a degree more personal, direct, instant and consequently more fun than most of today’s impersonal multi-player games played against strangers, I think, but that’s just my opinion).

Fortunately, dial-up (and later DSL and cable) availability soon swept the nation, and most computer users now had a dependable method to access this so-called Internet. The old lost hobby of transmitting data from one computer wirelessly to another located miles away — seemingly for nothing more than a tiny fraction of your electric bill — became obsolete compared to the fast speed of 14.4 baud modem that was always available (unless you were using the busy-signal service provider AOL). It also had the added benefit of being a network with many millions of regular and increasingly diverse users. Suddenly, you didn’t have to be a student in a university to get access to hundreds of thousands of interesting websites and anybody could get an e-mail address from Yahoo with their very own 2 MB mailbox for free. The Internet was in the early stages of flowering, and many ISP services popped up to offer access for about 20 or 30 bucks a month.

Trying to build your own private network wirelessly with a CB radio wasn’t a bad idea. But if you had tried to do what Rick had done with a CB radio, and attempted to send a file the size of a 3 1/2-inch floppy over the air, it would probably have taken at least an hour to send the whole thing. By comparison today, the same file can be downloaded via standard cable Internet in just 2 seconds (even over today’s wireless networks). In fact an increasing number of home users are now installing wireless networks in their homes for the convenience of being able to put their laptop anywhere in the house and get access to the Internet. This makes me wonder: What if the entire Internet were to be rebuilt (theoretically) with wireless radio signals instead of copper and fiber optics? We’ll come back to this idea later…

Net Neutrality

You have probably heard the term Net Neutrality come across the news on occasion, but not really had much of an understanding of what it is. In short, Net Neutrality is exercised when an ISP such as Cox, Road Runner or Comcast refuses to interfere with your Internet bandwidth based upon the types of traffic sent over the wire to your computer. An example of what a non-neutral ISP might do is sell their Internet in tiered packages, the same way cable companies sell their TV channel packages. You get the standard cable for X dollars, the premium channels for X dollars more, then there’s pay per view, etc. Do you want the Internet to be sold and regulated like that?

Net Neutrality down the shitter

(Don’t worry. It’s fake… for now)

The current debate going on in Congress is whether or not regulations should be put in place that would prevent companies like Cox or Comcast from establishing such tiered packages. Since the debate was brought to Congress in the middle of 2006, every bill proposed thus far has been killed. In a world where the Internet is packaged and sold under dubious terms and conditions such as limiting which websites you are allowed to visit, you’d soon realize that restricting access in such a manner would brush up against violating the First Amendment.

One of the overlooked reasons behind cable based ISPs wanting to restrict and split Internet access into more controllable tiers is bandwidth usage by P2P file-sharing protocols such as the popular Bittorrent, which uses an efficient mesh-topology for sharing files. It allows users to upload and download files to each other in “swarms”, spreading the overhead of file transfer across many users at once, instead of relying on one individual to get stuck with the overhead of sending the whole file to multiple users one after another. The end result: You could theoretically share a file with thousands (if not millions) of people in the same amount of time as it used to take to share it with just 2 or 3 users.

Bittorrent in action

(Above: Bittorrent in action, starting with one “seed” and seven “leeches” which all become seeds themselves in the end)
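The caption’s picture, one seed and seven leeches that all become seeds, is why a swarm scales the way the paragraph above claims. The following is an added example, not code from the post and not a BitTorrent implementation: rounds_whole_file() is the caption’s model (each seed hands a full copy to one leech per round, and recipients become seeds), and simulate_pieces() is closer to how BitTorrent actually works, splitting the file into pieces so peers can upload pieces they already have while still downloading the rest, choosing the rarest piece first. Upload capacity is one piece per tick per peer and downloads are uncapped; ticks are a constructed unit of time, not measured throughput.

```python
"""Swarm versus sequential distribution. Added example, not code from the post."""
from typing import List, Set


def rounds_whole_file(n_leeches: int) -> List[int]:
    """Seed count after each round, from one seed until every peer is a seed."""
    seeds, history = 1, [1]
    while seeds < n_leeches + 1:
        seeds = min(seeds * 2, n_leeches + 1)   # every seed serves one leech per round
        history.append(seeds)
    return history


def ticks_sequential(n_leeches: int, pieces: int) -> int:
    """Baseline: one seed uploads the whole file to each leech in turn, one piece per tick."""
    return n_leeches * pieces


def simulate_pieces(n_leeches: int, pieces: int) -> int:
    """Ticks until every peer holds all pieces in a piece-level, rarest-first swarm."""
    have: List[Set[int]] = [set(range(pieces))] + [set() for _ in range(n_leeches)]
    count = [sum(p in h for h in have) for p in range(pieces)]   # peers holding each piece
    ticks = 0
    while any(len(h) < pieces for h in have):
        ticks += 1
        order = sorted(range(len(have)), key=lambda d: len(have[d]))  # least complete first
        incoming: List[Set[int]] = [set() for _ in have]  # deliveries land at end of tick
        for src, owned in enumerate(have):
            if not owned:
                continue
            for dst in order:
                if dst == src:
                    continue
                missing = owned - have[dst] - incoming[dst]
                if missing:
                    piece = min(missing, key=lambda p: count[p])  # rarest first
                    incoming[dst].add(piece)
                    break
        for dst, got in enumerate(incoming):
            have[dst] |= got
            for p in got:
                count[p] += 1
    return ticks


if __name__ == "__main__":
    print("caption's swarm, 1 seed + 7 leeches, seeds per round:", rounds_whole_file(7))
    for n in (7, 100):
        print(f"{n:4d} leeches, 16 pieces: sequential {ticks_sequential(n, 16):5d} ticks,"
              f" swarm {simulate_pieces(n, 16):4d} ticks")
```

The sequential cost grows linearly with the number of leeches; the swarm cost grows roughly with the number of pieces plus the logarithm of the swarm size, which is the “thousands in the time it took for 2 or 3” effect in numbers.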

While a majority of Bittorrent traffic on the web is currently used for illegal file-sharing, it is also a technology that is used for legitimate purposes and poses unlimited potential to TV program producers. So much so that large TV networks will inevitably use it to distribute their programs (new value chain = Producer<Advertiser), instead of through traditional means (Producer<Distributor<Broadcaster<Advertiser); effectively cutting out middle men like DirecTV or Cox and replacing them with the Internet in general. The term used to describe TV distributed via Bittorrent or similar file sharing protocols is “hyper distribution,” and it’s a threat cable companies are attempting to squash.

So what do you do when your ISP starts to block your downloads when ABC starts to distribute Desperate Housewives over the Internet for free? Well, you’d do the natural thing, and choose a competing ISP that doesn’t filter your traffic… But what if that wasn’t a very easy thing to do? In a world where you are forced to seek out an alternative method of accessing an uncensored Internet, it might be difficult to find an outlet. Because if one ISP practices such traffic filtering, what would stop others from following suit in some form? What if DSL Internet access suddenly cost a lot more money so you could access and download legitimate, legal torrent files? What then?

Municipal Wireless Internet

There are many metropolitan areas in the US that have established or are attempting to build what is called Municipal Broadband Wireless Internet. This is essentially a government supported infrastructure that allows anyone in the public free or low-cost wireless Internet access from anywhere within city limits. You could be sitting on a park bench reading Yahoo News for instance and it would be paid for by tax dollars. The flaw with this setup (from an Orwellian perspective) is that it was built by the government, or at least heavily subsidized by it. This gives them, by default, the ability to regulate and/or monitor that particular avenue of Internet access more quickly and at their discretion. After all, they built it via tax dollars you gave them in the first place, which governments like ours so often use in our best interests… right?

Enter Orwell’s Internet (Tinfoil hats optional)

At this point I will attempt to introduce elements of a hypothetical scenario that George Orwell would have likely written into his classic novel 1984 had he known the Internet would exist on such a global scale as it does today. Granted, it is hard to picture what such a world would be like — where the information you are allowed to download to your computer is sanctioned and closely monitored by your own government. But all you have to do is look at the many places in the world that actually practice heavy Internet censorship, like China or Burma, to see that such restrictions exist in many places and are very scary to think about.

Could such restrictions and unwarranted surveillance be visited upon the general public here in America? To a degree, it already does occur, though it’s exercised under the banner of national security and anti-terrorism efforts. There is a remote possibility that it could get a lot worse, but that strongly depends on the public’s misunderstanding of topics like Net Neutrality, combined with the heavy lobbying efforts put forth by the nation’s largest media corporations, not to mention whoever happens to be President at the time and what the FCC has to say about it. So what I’d like to bring up is this remote possibility of such intense government regulation of the Internet taking place, and why such a scenario would never actually fly if it were implemented in the US.

So far I’ve touched on the boom of the Internet, followed by Net Neutrality and now the dawn of Municipal WiFi, with a warning that it’s not so delightful a thing in a typical Orwellian dystopia: Googling the word “democracy” would get you no search results. Personal privacy would be complete fantasy, everybody would be their own brother’s policeman, so on and so forth. You’d be surprised what a government might be able to get its own citizens to do with enough fear propaganda. Ask any German who lived when Hitler was in power, or anyone from China who is accustomed to reading state sanctioned “news.”

Fortunately, things are much better off for us today. We have an Internet that is still very very neutral and open and booming. Blogging and alternative channels of news are replacing mainstream news, and criticism of the Iraq war and our current President (for instance) are at an all time high. I believe the Internet is the primary reason for such rapid disapproval percentages. Back in the days of Vietnam, you didn’t see hundreds of thousands of people protesting in the streets of New York before the invasion. You didn’t see approval ratings of the war and the president drop until after 20,000 of our men were killed. And you likely didn’t hear any open commentary on the TV about whether or not the Gulf of Tonkin Incident had actually occurred, since such news was dictated down to the media by the government, who simply transcribed and repeated the line. Why? Well, probably because the Internet as we know it today didn’t exist, nor anything like it at that time.

Now the tables are turned, as there is an infinite choice of outlets to get information at the click of a mouse. The Internet isn’t just a great resource for finding information, but also for finding diverse opinions, instead of canned opinions espoused by pundits. You see, newspapers and TV stations and magazines are essentially owned by their advertisers. That doesn’t sound quite right at first but that’s the way it’s always been in the mainstream. What you see reported or discussed on TV is strongly influenced by the money that is coming in from advertisers. If a news report holds a potential for dramatically affecting the bottom line of a company that pays the news outlet money to advertise, it might choose to take its money elsewhere, lest the news outlet leave certain bits out, or drop a story altogether. The increased use of the Internet for gathering and cross-referencing the veracity behind a headline or article or even an opinionated blog (like this one) is a sign of great change in our culture. Whether it be by leaving a comment, starting their own blog, using Digg to bring attention to something important, organizing a grassroots organization, whatever, the bottom line is the public now feels an increased sense of empowerment and participation and ability to be more involved with political movements.

But what if access were suddenly limited? What if, in a perfect George Orwell dystopia, the Internet as we know it died, and was replaced with one where public dissent is censored, its authors secretly jailed, and all the rest that goes with living within an absolute monarchy? How might a freedom-willed public which has roots going back to the Constitution or Bill of Rights counteract such an anti-democratic place when the most popular form of communication is swept out from under them and controlled by some invisible overlord?

Wireless Darknet

Remember Rick? The guy who had successfully sent data to someone else using a computer and his own CB radio? We’ve come a long way from that kind of technology. Today, we have Wireless B and G, soon to be Wireless N, and others yet to be invented. Wireless N is pretty noteworthy as it will be able to go about 4-8 times faster than Wireless G. Let’s put this in perspective. The average cable modem can download ~5 megabits of data per second and upload ~0.60 megabits per second. Wireless N is capable of uploading and downloading ~240 Megabits per second simultaneously. That’s 48 times faster than cable!

Now, think back on how Bittorrent works. Every person (or node) on the network uploads and downloads to a few other people simultaneously as a collective swarm. This is called a mesh topology, where each user acts as a client/server and pseudo-router at the same time. Let’s say you were to build a network of a few thousand computers on a Wireless N backbone, combining the bandwidth of all nodes together, and you’d have yourself one damn fast network of computers. Those computers could all share their own resources with each other if they wish, such as files or other networks they’re connected to that are off the grid (such as the “real” Internet), acting as a source or simply an intermediary between two points.

Self-Repairing Wireless Mesh

So what does Orwell have to say about all this? Well, he’d probably pipe up and start asking about security. If your data is being transmitted over the web through dozens, if not thousands of other computers in the public, what’s keeping someone from capturing your data out of the air and stealing information from you? The same question could be asked about the Internet as it exists today, but doesn’t come up much because you’re supposed to trust your ISP not to spy on you. One answer to this problem is strong encryption. In addition, cipher keys could shift at random intervals, making the task of locking onto one for the purposes of exploiting it extremely difficult, if not entirely pointless.

There are obviously more details and concerns that arise from attempting to build such a wireless darknet of sorts, but simply knowing that you could easily get it off the ground with the right software speaks volumes. Especially to the millions of people in America who already own wireless adapters on their home PCs and laptops. You theoretically wouldn’t even have to purchase any new hardware; it’s already in place if you live in the right neighborhood. The difference would be in how you use it, and a simple piece of software could take care of that.

The idea of a wireless darknet being built in a country where Internet censorship is exercised is not new, just unconventional for us at the moment. However, China is one country that has all the right ingredients for seeing such a technology take off: high-tech culture, dictatorship, aggressive suppression of political dissent, and most importantly a high population density. Now all they need is a little motivation. It doesn’t take much for us Americans to get motivated though. We’d more likely embrace a darknet of sorts simply to save a lot of money than we would to read the news or post a blog. Nevertheless, it is an option we have at our disposal.

Sunday, November 25th, 2007