As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/
Options
Quick question: Cable vs. WiFi Secrurity
Alfred J. Kwak
is it because you were insultedwhen I insulted your hair?Registered User regular
is it because you were insultedwhen I insulted your hair?Registered User regular
Hey there, I had a argument with a friend about whether or not WiFi connections are more secure than cable connections. He especially pointed out that's easier to track people with cable connections . I consider us both novices at best in this area, so some outside help is due to solve this silly situation.
Alfred J. Kwak on
0
Posts
WiFi has the ability encrypt data being transmitted, however, anyone can monitor it with the right equipment.
Regardless of encryption of traffic, hardwire networks will always be more secure.
Wireless connections, however, remain forever more vulnerable to outside scamps trying to steal your WiFi.
Bastards locked me out of a router, idiots.
Though on my personal and extended family I configure wireless with WPA2 encryption. There's no such thing as a 100% secure network, but the existing security options are enough to dissuade most unauthorized access attempts.
Then shout something at person #2 and ask person #3 what you said.
EDIT: "easier to track" doesn't make any sense. ANY connection can be tracked. Something connected with WiFi is connected to a wired connection somewhere. And everything has an IP address and, more specifically, a unique MAC address. So unless they are looking for some very narrow definition of "security", wired is almost always going to win.
Um your analogy is assuming the wireless network is unencrypted.
It is more like taking 2 other people, one of which speaks French, and one that doesn't. Now yell something in French to the second person. The third person heard what you said, but needs to spend the time to go look it up in order to figure out what it means.
While people will be able to see all of your packets, they will not be able to know what is in them unless they have the proper software to decrypt your wireless. That being said, it is not really difficult for someone to be able to do that if they are willing to put the time into it.
Is the OP asking about someone hacking into their network from the internet? Or from inside their network? If it is from the internet, then it is a moot point, like EggyToast said, since the security at the outside connection is the only barrier they need to get through.
My analogy is perfect, not assuming anything. You pointed out that they could say something person #3 doesn't understand (encryption) but they are still picking up what you said even if they don't understand it. No different than encrypting stuff on a wired connection, really.
In this analogy WEP is pig latin.
Ok, I see what you are saying. But isn't the whole point whether or not the third person can make any sense out of the data? Who cares if they can hear you if they do not know what it means?
I think that's the problem this entire thread has, we don't really know what the OP means by "security".
But keep in mind that wired connections can be encrypted as well, so by that measure there is really no difference.
But the reason it doesn't have security like that by default is because there's practically no reason to.
The fact that he yelled it in French and you heard it, gives way more of a security hole. Once he finds out you're speaking french, he can start speaking to you two as well, or use the secret information in a bad way.
Exactly.
By definition, any Internet connection has to be addressible. The mailbox metaphor (as opposed to any gooseyness about dump trucks and tubes), is still a pretty good one. When you send a letter in the postal mail, you have to put your address on or in the letter if you want a reply. Your mailbox has to be in a known location if you want the postal worker to deliver it.
While network addresses are much more fluid and ephemeral than house numbers and street addresses, they're still fixed and known for at least the duration of the connection. Any IP address can be tracked to some level of fidelity - the large IP blocks have published assignments. Regional blocks can be tracked by more granular databases (MaxMind has their relatively popular GeoIP product for doing exactly this). Of course, once it gets down to the individual ISP, finding out which IP address was assigned to which subscriber account at any particular time would require cooperation with that ISP - correlating their use account database with their network logs and DHCP lease server records. Generally, you'd better come with a warrant if you want that.
The ridiculous "network traces" you see on TV shows where a line traces itself across a map - that doesn't really happen in real life. Or rather, it happens ALL THE TIME in real life, just minus the CSI or NCIS cyber-geek watching it happen in real-time - your Internet connection is as a matter of course routed all over the place. It might not be the same path every day. It might even take a different route outbound than it does returning to you. And that route may differ yet again depending on where your connecting to is (your route to Google might differ greatly than the one you take to the PA forums). Accurately geo-locating each hop is the fantasy. And few places have the infrastructure or the automation to give a "OMG it's coming from inside the house!" accuracy. You usually have to correlate a lot of data in a lot of different places, and completely tracing it is seldom automated.
With a wireless connection, you could identify an signal and triangulate it with the right equipment, something you can't do with a wired connection (at least, not without direct knowledge of the network configuration and the details of the wiring plant).
I suppose if you used only Starbucks' open wifi access points, and moved around frequently. But then the AP could log your MAC address, and that could be linked uniquely to your device (it's *supposed* to be a unique identifier, it isn't always). It can be changed if you root the device, I suppose. You can also never sleep in the same place twice...
What's the risk you and you friend are concerned about in terms of being located? It's somewhat a prerequisite of using a network at all.
Bowen really brings up a really well-stated point. Wireless lowers the bar for the attacker in terms of effort. Most wireless cracking can be done offline and passively (read undetectable).
It's important to realize that the state of the art in terms of encryption cracking has been accelerating faster than most consumers realize. I'm sure most forumers realize that no WiFi encryption at all is asking for trouble and unauthorized connections on their access point. WEP is badly flawed, and can easily be cracked with open-source tools in seconds.
WPA is good - but it's no longer any assurance of privacy or security either. With the right tools and circumstances, even that can be cracked. Exploiting implementation flaws that have been discovered over time, it's quite feasible for the at-home cracker to break WPA pre-shared keys (PSK, which is what most of us home users would choose, since I don't think most of us run RADIUS servers). It's not trivial, but it's doable for the at-home cracker to break dictionary passwords. If you've sprung some multiple of $10K, you can use rainbow tables to crack even relatively strong passwords.
tldr; wireless has conveniences and some security, wired is relatively more secure.
I had a program that did literally exactly this 10 years ago.
I could find it again if I had to.
I can name several. NMAP's got a pretty cool network mapping tool nowadays. It can get confused though.
I already stated it could be done. Like I said, the absolute accuracy that the TV shows and movies portray is the fiction.
Also, it's not possible to look at a packet and tell where it's been. You can tell where it claims to be from, and where it's going, and the last place it claims to have come from. Where it went along the way isn't stored. While it can be inferred to some degree, the only accurate way would to correlate that packet with records (if they exist at all) at each hop (or at least most).