Unsecure Wifi Connections Spell Big Trouble for Home Wifi Users

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Is your home Wifi connection wide open for anyone to use?  If it is, two  recent home Wifi horror stories might wake you up before it’s too late.

It looked like a scene straight out of SWAT Team Tech. This summer, heavily armed police broke down the door of an Evansville, Indiana home, smashing windows and lobbing a flashbang stun grenade into the livingroom. The SWAT team was convinced that someone in the house had made anonymous threats of violence against police that were posted online. But according to the Evansville Courier and Press, when police entered the house, what they found was a terrified teenager named Stephanie Milan watching the Food Network.  After investigating, the police realized their mistake. The IP address they’d traced back to the poster belonged to an unsecure Wifi router at the Milan residence. That meant the online threats against the police could have been made by anyone in the vicinity who used their Wifi connection.  As it turned out, that’s exactly what happened.  Police later identified another suspect living in a house on the same street.

Judge Says an IP Address Doesn’t Prove Personal Identity

 

During the past five years, unsecure home Wifi connections have been the catalyst for a wide variety of lawsuits and over-the-top police raids – especially ones involving terrorist threats, child pornography and copyright infringement.  In a landmark case, New York Magistrate Judge Gary Brown recently issued a scathing ruling that the use of an IP address alone is not sufficient proof that a specific person downloaded files illegally, especially in BitTorrent lawsuits (those involving peer-to-peer filesharing of large amounts of data over the Internet).  In his decision on a BitTorrent lawsuit on the alleged downloading of a pornographic video, Judge Brown observed that 61% of US homes now have home wireless access.  He said that makes proving who’s using a particular IP address extremely problematic:

It is no more likely that the subscriber to an IP address carried out a particular computer function – here the purported illegal down-loading of a single pornographic film – than to say an individual who pays the telephone bill made a specific telephone call … Unless the wireless router has been appropriately secured (and in some cases, even if it has been secured), neighbors or passersby could access the Internet using the IP address assigned to a particular subscriber and download the plaintiff’s film.

The decision is important for anyone with an Internet connection, especially those who use a shared or unsecure Wifi connection and those who use BitTorrent filesharing.  It also highlights how vulnerable home wireless networks are to hackers.

Researchers Say Time Warner Distributes Unsecure Wifi Routers

 

That’s not all.  A young security researcher and entrepreneur named Chris Naegelin recently discovered that securing your home Wifi connection might not always be in your control. According to a July article in Forbes, Naegelin discovered that a Wifi router installed by Time Warner Cable in his Brooklyn apartment didn’t have the most basic security features to protect anyone using it.  When Naegelin tried to change the password to the Arris TG852 router to one that was more secure, he couldn’t do that because the password was hardcoded.

Even worse, the factory password was nothing more than the device’s model number and the last six characters of the MAC (Media Access Control) address – which makes it extremely easy to hack with readily available tools.  Using a few simple tricks, Naegelin and fellow researcher Charlie Vedaa found they could access any Wifi network running the Arris device, alter its settings and bypass its authentication to compromise hundreds of thousands of routers over the Internet.  “I basically found there was no way to secure the device other than to unplug it,” Naegelin told Forbes. Arris told the magazine that, since learning of the questions raised about its product’s vulnerability, it’s been working to determine the level of risk and appropriate responses.

It’s Time to Wake Up to Home Wifi Dangers

Do you know how to secure your home Wifi connection?  Both the FBI and the FTC recommend changing the default identification and the administrative password on your wireless router. Creating a long strong password of letters, numbers and symbols and using WPA2 security are also critical for your online privacy.

 

What’s more, using VPN software like PRIVATE WiFi™ is critical for your online privacy. VPNs encrypt the information sent to and from your computer.  That makes it invisible to hackers.

If your Wifi connection was hacked at home, we’d like to hear what happened.  Drop us a line and share your story.

 

 

Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Jan Legnitto

Jan Legnitto is an investigative journalist and documentary producer who writes about criminal justice and intelligence issues. Jan is also a frequent contributor to the Private I blogs.

2 Responses

  1. hotchocolates says:

    My internet was hacked last summer, it was protected username and password, I did not receive the notification that we were getting close to our limit nor when we exceeded our limit, in Canada we are capped and the overage would have cost us 25.00.

    I called my internet company and thankfully they gave us a credit.

    As I used to be adsl tech I thought that would be enough to secure my network.

    I have since gone to mac filtering what devices are able to access my wireless internet that seems to be working.

    I have not not been hacked since.

  2. Kenpoboot says:

    We weren’t hacked, but I didn’t like the fact that the guy that set our router and everything up ‘had’ to put in the name and password. Right after he left our house I changed both myself. Don’t trust people, especially since the same guy needed my help to enter identifying information for the equipment, and he forgot his cell phone in my basement. It took him two and a half hours to install the equipment, the router, as wiring and everything else was already set up. He was high tech, but I could see someone like this looking to make a few bucks and selling his list of information to someone else. Not on my system you don’t.