UKBouldering.com

IT News (Read 167938 times)

BB

Offline
  • ****
  • junky
  • Posts: 927
  • Karma: +38/-0
  • Sissy climber
#75 Re: IT News
June 15, 2010, 04:10:15 pm
I can't see many corporate entities rushing to convert to IPv6. As far as I can see it's and enormous amount of expense and network upheaval for not a lot of benefit. What difference does it make if you use NAT or IPv6 for your internal network?

dobbin

Offline
  • *****
  • Global Moderator
  • forum hero
  • Posts: 3708
  • Karma: +147/-9
  • Buoux 7a
#76 Re: IT News
June 16, 2010, 09:13:39 am
Totally agree - i mean, if it aint broke etc. Especially, security takes on a whole new importance in the new post IPv6 world. And it doesnt matter if you use NAT and private IP addressing schemes, except perhaps in terms of load on routers maintaining NAT tables, but again - they are coping, so why change?

Reckon the first big leaps in this will come from either greenfield sites, mobile things (such as embedded SIM and smart metering and all that) and then asia.

"Hang on, I cant ping the toaster!"

Tris

Offline
  • *****
  • forum hero
  • Next left...
  • Posts: 1400
  • Karma: +28/-3
    • Cheshire Climbing

Tris

Offline
  • *****
  • forum hero
  • Next left...
  • Posts: 1400
  • Karma: +28/-3
    • Cheshire Climbing
#78 Re: IT News
June 30, 2010, 01:32:08 pm
Storage going daft  :o - 3TB external drives

Tris

Offline
  • *****
  • forum hero
  • Next left...
  • Posts: 1400
  • Karma: +28/-3
    • Cheshire Climbing
#79 Re: IT News
August 19, 2010, 02:41:54 pm

Johnny Brown

Offline
  • *****
  • forum hero
  • Posts: 11575
  • Karma: +719/-22
#80 Re: IT News
August 19, 2010, 02:48:03 pm
Storage going daft  :o - 3TB external drives

Quote
While the 3TB version sells for just $250 in the US, it will cost £329 in the UK

How the fuck do they justify that?

Jaspersharpe

Offline
  • *****
  • forum hero
  • 1B punter
  • Posts: 12344
  • Karma: +600/-20
  • Allez Oleeeve!
#81 Re: IT News
August 19, 2010, 03:53:42 pm
Absolutely brilliant takedown of Paul McGuinness' idotic GQ piece:

http://xrrf.blogspot.com/2010/08/bonos-friends-how-to-save-music.html

No wonder he and Bono get on well.  :wank:


slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder
#82 Re: IT News
September 09, 2010, 05:52:01 pm

Jaspersharpe

Offline
  • *****
  • forum hero
  • 1B punter
  • Posts: 12344
  • Karma: +600/-20
  • Allez Oleeeve!
#83 Re: IT News
September 30, 2010, 03:39:13 pm
Twattish bully boy lawyer pisses off 4chan. Only one winner.......

http://theitlawyer.blogspot.com/2010/09/not-good-week-for-andrew-crossly.html

slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder
#84 Re: IT News
October 01, 2010, 01:44:34 pm

slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder

slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder
#86 Re: IT News
October 28, 2010, 05:35:22 pm
Not seen it mentioned here despite cropping up a few days ago.

People might want to be wary of using unencrypted WiFi networks as there is a Firefox plugin called Firesheep that allows users to steal account login details from others using unencrypted WiFi connections.

See one article (of many) on it here.

One solution is to use the HTTPSEverywhere plugin to ensure that your connection to the site is encrypted even if the WiFi you're connected over isn't.

Stubbs

  • Guest
#87 Re: IT News
October 28, 2010, 09:49:09 pm
Erm if I have to type in a password to use by interweb connection, does that mean it's encrypted or just password protected? Is this something I should be setting up on my router or on my laptop?  (Yes I know I could Google this stuff, but I'm really not that bothered and I'm sure the answers are to hand for others!)

tomtom

Offline
  • *****
  • forum hero
  • Posts: 20325
  • Karma: +647/-11
#88 Re: IT News
October 28, 2010, 10:14:50 pm
Probably yes. Slackers knows more than me on this, but afaik when you connect it will say if it is an 'unsecured' network... (or not). Online banking things and shopping (where the padlock icon appears in your browser) are OK - or any address with https:// instead of http:// are OK... as this encrypts your data as you send it to and from your PC to the server etc..
The security gap highlighted by the firesheep plug in allows you to pick off usernames and passwords for sites like facebook and twitter that do not use a encrypted connection when you log in and off... (I think~!)

T

slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder
#89 Re: IT News
October 29, 2010, 12:00:57 am
There are two layers of encryption, one for connecting to your router which will be one of WPA (old and dated), WEP (better, but also superseded by...) WEP2.

You set which of these you want to use on your router and set the password.  Then every device that connects to the router (laptop, PS3, Xbox, smart phone etc.) has to provide the password.  You'll likely have come across this in public WiFi where you need to get a password from the store owners.

If you are not using this then you are vulnerable to the Firesheep exploit.

You then have a second layer of encryption after having established a connection to a WiFi router which kicks in when you are connecting to a web-site, and this is provided by Secure Sockets Layers (SSL), and when you attempt to connect to a site you will be asked for a username/password, once logged in you will have https at the start of your URL and the padlock on the bottom of your browser will be "locked".

There are however many web-sites (e.g. UKBouldering, Farcebook, Twitter) which require log-in but do not use SSL to encrypt things.

If you're using sites that require login but do not use SSL and you are connected via a WiFi that isn't using WPA/WEP/2 then you can have your usernames and passwords sniffed (irrespective of whether your using Firefox or not, since the Firesheep plugin is simple a way of getting this information from others).

So to answer your questions directly...

Erm if I have to type in a password to use by interweb connection, does that mean it's encrypted or just password protected?

If you are typing your password in to use your internet connection each and every time you connect to your home router then you are likely using WPA/WEP/2, but should really set your laptop to remember it so you don't have to type it in every time you connect.


Is this something I should be setting up on my router or on my laptop?

Both, but as I say it sounds as though you already have it in place.

Also if you use Firefox then install the plugin I suggested.

Tris

Offline
  • *****
  • forum hero
  • Next left...
  • Posts: 1400
  • Karma: +28/-3
    • Cheshire Climbing

Tris

Offline
  • *****
  • forum hero
  • Next left...
  • Posts: 1400
  • Karma: +28/-3
    • Cheshire Climbing

slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder
#92 Re: IT News
November 09, 2010, 01:16:27 pm

fatdoc

Offline
  • *****
  • forum hero
  • Posts: 4093
  • Karma: +100/-8
  • old and fearful
    • http://www.pincheswall.co.uk
#93 Re: IT News
November 10, 2010, 03:04:00 pm
There are two layers of encryption, one for connecting to your router which will be one of WPA (old and dated), WEP (better, but also superseded by...) WEP2.

You set which of these you want to use on your router and set the password.  Then every device that connects to the router (laptop, PS3, Xbox, smart phone etc.) has to provide the password.  You'll likely have come across this in public WiFi where you need to get a password from the store owners.

If you are not using this then you are vulnerable to the Firesheep exploit.

You then have a second layer of encryption after having established a connection to a WiFi router which kicks in when you are connecting to a web-site, and this is provided by Secure Sockets Layers (SSL), and when you attempt to connect to a site you will be asked for a username/password, once logged in you will have https at the start of your URL and the padlock on the bottom of your browser will be "locked".

There are however many web-sites (e.g. UKBouldering, Farcebook, Twitter) which require log-in but do not use SSL to encrypt things.

If you're using sites that require login but do not use SSL and you are connected via a WiFi that isn't using WPA/WEP/2 then you can have your usernames and passwords sniffed (irrespective of whether your using Firefox or not, since the Firesheep plugin is simple a way of getting this information from others).

So to answer your questions directly...

Erm if I have to type in a password to use by interweb connection, does that mean it's encrypted or just password protected?

If you are typing your password in to use your internet connection each and every time you connect to your home router then you are likely using WPA/WEP/2, but should really set your laptop to remember it so you don't have to type it in every time you connect.


Is this something I should be setting up on my router or on my laptop?

Both, but as I say it sounds as though you already have it in place.

Also if you use Firefox then install the plugin I suggested.

just seen this, where do I stand with the static MAC typed in only access system I have for my home network? I dont have WEP etc.. enabled. This all started with me getting a ps3 to work with voice whilst online gaming... for which I got some awesome advice of slackers & bubba at the time.

BTW all computers are apple, with safari as default browser if that makes a difference.

cheers.

slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder
#94 Re: IT News
November 10, 2010, 03:24:46 pm
just seen this, where do I stand with the static MAC typed in only access system I have for my home network? I dont have WEP etc.. enabled. This all started with me getting a ps3 to work with voice whilst online gaming... for which I got some awesome advice of slackers & bubba at the time.

BTW all computers are apple, with safari as default browser if that makes a difference.

cheers.

Well the exploit is a Firefox plugin (called Firesheep), but it simply snoops on data passing over an unencrypted network (such as yours as you say you disabled WEP/WPA, the fact that you assign IP address' statically based on MAC address' is irrelevant here).

If someone else is sat outside your house and using this Firesheep plugin they can sniff out your personal connections because data passing between Safari on your Apple devices to the server (Farcebook etc.) is unencrypted (see one anecdotal example of someone sniffing on their own Safari usage).  So you are vulnerable.

I'm not overly familiar with OSX/Safari so my advice is limited but...

a) Make sure you always use SSL authenticated sessions this is when the URL starts with https and you have a little padlock that is locked in the bottom of most browsers to indicate that you are securely connected.

b) Try the OSX support site/forums for more info e.g.

If you were using Firefox (which is I believe available for OSX) then you could install the above mentioned Firefox plugin which automagically forces sessions to be SSL authenticated.  I don't know if similar plugins/settings are available for Safari though.

fatdoc

Offline
  • *****
  • forum hero
  • Posts: 4093
  • Karma: +100/-8
  • old and fearful
    • http://www.pincheswall.co.uk
#95 Re: IT News
November 10, 2010, 03:31:35 pm
cheers mate... awesome advice as usual.

so, to take it back to basics... even if I got WEP ( for example) enabled I can still be snooped on, & even if I'm not putting passwords / private date through the computers at home soemone can *look in* find that data from one of my computers and nick it for malice? Or is it not that bad & i Just always ensure I have ssl / the padlock when typing in credit card details / on line bank?

To put it simply, do I keep the static network but enable WEP etc.. to be safe or am I screwed whatever unless i move to firefox & get this plugin.

I'm likely to have got the wrong end of the stick.... I apologise for my lack of router / wifi savy.. I've never really got it.. obviously.

slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder
#96 Re: IT News
November 10, 2010, 03:49:29 pm
cheers mate... awesome advice as usual.

so, to take it back to basics... even if I got WEP ( for example) enabled I can still be snooped on,

No, not with Firesheep, it only works on unsecured wireless networks that are not using WEP or WPA/WPA2.

To put it simply, do I keep the static network but enable WEP etc.. to be safe or am I screwed whatever unless i move to firefox & get this plugin.

The 'static network' part is how IP address' are assigned to devices connecting to your network and has nothing to do with it at all, so leave it as it is.

Just always ensure I have ssl / the padlock when typing in credit card details / on line bank?

This should happen anyway with banks (it would be a shit online banking service if they didn't already use it), and personally I'd never buy anything from a web-site that doesn't use SSL (padlock in bottom corner).  Thus you are likely already protecting yourself on the money transaction front simply through your behaviour.

The point of Firesheep is that it allows you to snaffle username and passwords from sites that require login information but don't use SSL to do so, such as social networking sites like Farcebook and Twatter and likely even UKB.  The HTTPSEverywhere plugin for Firefox simply forces the use of https if it is available on these sites thus preventing Firesheep from sniffing.

If you're bothered about people sniffing on your Farcebook/Twatter/UKB accounts (some of which may well contain a lot of detailed personal information depending on what you've/members of your family have added to their account) then you might consider switching to Firefox and using that plugin or more practically seeking advice on the Apple forums as to how to get Safari to do the same.






fatdoc

Offline
  • *****
  • forum hero
  • Posts: 4093
  • Karma: +100/-8
  • old and fearful
    • http://www.pincheswall.co.uk
#97 Re: IT News
November 10, 2010, 06:50:00 pm
 :bow:


many thanks


slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder
#98 Re: IT News
November 12, 2010, 11:44:58 am

slackline

Offline
  • *****
  • forum hero
  • Posts: 18863
  • Karma: +633/-26
    • Sheffield Boulder
#99 Re: IT News
December 02, 2010, 01:20:15 pm
Protect your browsing history although technically that just tells you the information they'd harvest, if using Firefox or such like use NoScript to block everything and then allow those sites that you trust (temporarily too if ultra-paranoid).

(BBC News article)

 

SimplePortal 2.3.7 © 2008-2024, SimplePortal