Defensive computing at a hacker conference
If there were ever a place be obsessively careful, it's at the Last HOPE hacker conference.
If there were ever a place for Defensive Computing, it's at a hacker conference.
So while attending the Last HOPE conference, a number of my previous postings came to mind.
First, there was the list of available Wi-Fi networks (see below) at the conference which, at times, showed four computer-to-computer networks (using the Windows XP terminology). These networks, also known as ad-hoc networks, are not governed by a router. While they may be set up on purpose, they are more likely to be accidental creations on the part of nontechnical computer users, or a purposeful trap set by someone with ill intentions. I wrote about this back in May. (See "A warning about 'free' public Wi-Fi.")
Everyone knows not to send anything sensitive, such as a password, over a wireless network. At a hacker convention, even a wired Ethernet connection to the outside world should be treated with caution. Not to pick on hackers, at any convention or at any hotel, a wired Ethernet connection deserves the same caution as a public wireless network. Back in January, I wrote that "wired connections to the Internet in a hotel are not, by their very nature, more secure than wireless connections." (See Ethernet connections in a hotel room are not secure.)
What to do? Rent a personal VPN.
The classic use for a VPN is an employee of a company using it to make a secure, encrypted connection to the office. But someone without a corporation, can rent a VPN that offers a secure connection to the VPN provider. Once data gets to the VPN company, it is dumped, unencrypted, on the Internet with everything else. The point is to encrypt everything coming into and out of your computer to protect it from any local bad guys.
The downside is speed. The speed test at Speakeasy.net showed that while I was connected to my VPN, the speed dropped by over half compared to using the Internet in an unprotected way.
The laptop I had with me was running the Online Armor firewall instead of ZoneAlarm, and as I noted a few days ago, I really missed not being able to see a log of intrusion attempts on my machine. At home, behind a router on my personal LAN, this isn't very interesting. But at a hacker conference, using a shared Wi-Fi network, it would have been fascinating to see who, if anyone, was knocking on my virtual door.
Something easily overlooked when connecting to public networks is file and printer sharing. While it's not the be all and end all, you're safer with it turned off. Windows XP users can find this with Control Panel -> Network Connections -> Properties of the network connection (you may want to do this for both wired and wireless networks) -> General tab -> checkbox for "File and Printer Sharing for Microsoft Networks."
Another easily forgotten protection involves turning off the wireless radio when you are not using it. This goes beyond the obvious issue of disconnecting from a public Wi-Fi network when you don't need it. There was a case where, due to a bug in some driver software, a computer could be hacked even when it was not logically connected to any network. All that was needed was for the Wi-Fi radio to be physically turned on. Plus, turning off the radio saves battery power.
Some laptops have a physical switch that turns off the radio. ThinkPads use Function-F5. As a last resort, Windows XP users can disable the Wi-Fi network. In my experience, that also turned off the radio.
Update July 19: Added topics on file and printer sharing and turning off the radio--thus proving, they are easily forgotten.
See a summary of all my Defensive Computing postings.