The Illusion of WiFi Anonymity Is Gone For Most Comcast Users and WPA2-PSK Security Can Be a Myth

banditThe illusion of WiFi anonymity is gone for Comcast users.  Many of my acquaintances have purposely named their WiFi routers with innocuous names thinking that it helps keep them below the radar of eavesdroppers.  Unfortunately, Comcast is turning their WiFi routers into public hotspots if they use a Comcast / XFINITY provided router. 

Oops – The spotlight just went on to expose their pseudoally humble digital abodes. 

Click here to read additional details about Comcast / Xfinity hotspots:

In truth, they were always open to eavesdropping even if they were using WPA2-PSK encryption on their routers thanks to their own generous natures. 

In most cases, they gave their WiFi passkey to extended family, friends and visitors thinking that the encryption kept them safe from intruders.  (The discussion about related liability is a separate topic).

Little did they realize that WPA2-PSK is relatively easy to hack thanks to their own attitudes of sharing.  Eventually, a determined or even not so determined eavesdropper will acquire their passkey and then with some readily available software tools crack the WPA2-PSK encryption and snoop through all the traffic going through their WiFi routers.

An article on the “How To Geek” website walks us through the depressingly simple process of cracking WPA2-PSK encryption in an effort to alert us to our illusion that the encrypted protection we’ve trusted is easily mutated into a myth.

Face it, most residential WiFi users are clueless about the scope of their vulnerability even if they actively trying to do everything right.

Read the How To Geek article and then turn into the Grinch, not sharing your WiFi passkey with anyone and actively distrusting everyone … even the person looking back at you in the mirror.

Folks like Steve Gibson of Gibson Research know how to secure their home networks but most of us struggle to even stay current with the names of the security holes, threats and exposures that plague us constantly, let alone keep all the holes plugged.

 

 

How do we stay relatively safe in this ever changing security nightmare environment? 

We must incessantly read articles by respected security focused authors while at the same time actively distrusting what they are saying unless it is confirmed by other similarly respected authors.  Focus on security experts, not news organizations who rarely understand the topic in any depth and parrot security news with some abandon.

Steve Gibson and Leo Leporte talk about security in Steve’s weekly “Security Now” webcast.    

You may not understand everything Steve is talking about but he’ll clearly tell you when to gather up your skirts and hunker down by the fire.  

Leo has coined the constant security hacks and warnings in the news as “Breach Fatigue“.  He is right about the fatigue.  Nothing seems safe in the digital security world and maybe it isn’t.  We simply stop listening to security news due to the constant reports of security failures and our own inability to keep up with the recommended security practices needed to ‘be safe’.

Few if any of us will stop using the Internet though, thus we need to do our best to be as security intelligent as possible and actually practice the security instructions that we are given by folks like Steve.

Good luck.  If we opt to stay current with the best security practices and secure applications, we may end up being dragged screaming into the realm of security shows and articles by folks like Steve.  At least we are learning by being involved in that venue and actively engaging in the best security practices that we’ve learned there.

Don’t you sometimes long for the Rose Colored Glasses we have all worn from time to time?

© Article Posted 9 December 2014 by Lee R. Drew on Lee Drew’s Views

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s