Jump to content
CCleaner Community Forums
hazelnut

Something to check if you own an ipad

Recommended Posts

New ipad owners often get the Apple Store to help set it up and show them a few how to's.

 

You may want to read this if you did too.

 

What’s now evident is that a large number of devices are leaving Apple stores after having been connected to an insecure network leaving them at risk for years to come. Let me explain.

 

http://www.troyhunt.com/2013/04/your-mac-iphone-or-ipad-may-have-left.html

Share this post


Link to post
Share on other sites

I browsed the article, but basically what I got was that his ipad was auto connecting to any network called "apple demo" because he got his ipad set up at the apple store. I guess I can see why this is a problem but my cell phone does this too. I have a galaxy s3 and it auto connects to "ATT Wifi" networks without my consent all the time. (as well as any network with the same name I've connected to before). Maybe I'm wrong but this isn't so much an apple/ipad issue as just a general wifi/security issue because windows/mac/android devices will do the same thing. You can of course disable this behavior on all these devices. On windows always uncheck the box that says auto connect when you get on a public network.

Share this post


Link to post
Share on other sites

right but a lot of users (without said forum post/article) don't realize that that network (or even Starbucks) is always being looked for, they just know "when I go into applestore/starbucks it magically connects". which means anyone with a mobile hotspot can fake those locations and malware you

same as leaving your home net called "netgear" or "dlink" or (dread) "default".

Edited by Nergal

Share this post


Link to post
Share on other sites

Mine is gleefully named after my older cat :)

Now I need your Mother's maiden Name :o

Share this post


Link to post
Share on other sites

Now I need your Mother's maiden Name :o

 

Spoiler: I make all the security question's answers my password, so I don't forget :)

Share this post


Link to post
Share on other sites

They should force apps to exclusively use HTTPS - problem (mostly) solved. As a general rule, I never insecurely submit passwords on a wifi connection that I don't personally own.

 

Why are we still identifying routers by their name, anyway? Way too much possibility for conflicts and general chaos. Perhaps a unique serial key identifying AP's would be much better.

Share this post


Link to post
Share on other sites

My Wi-Fi denies all connections that I haven't already manually inputted the MAC address for myself, it's a bit of a pain to manually input everything but way more secure.

Share this post


Link to post
Share on other sites

My Wi-Fi denies all connections that I haven't already manually inputted the MAC address for myself, it's a bit of a pain to manually input everything but way more secure.

I do the same with the WiFi controls on my Router,

and that permits access to my Internet broadband for only the MAC addresses I have set up.

This blocks all outsiders - APART FROM any miscreant that his able to spoof one of my approved MAC addresses.

 

However, I am not aware of any ability in Tablets for setting the MAC address of the Router,

so I assume my Tablet could be captured by my neighbour's Router if he uses the same SSID and Security Key and has a much stronger signal.

Share this post


Link to post
Share on other sites

However, I am not aware of any ability in Tablets for setting the MAC address of the Router

 

In my config screen it logs and keeps a record of what has attempted to use my network. It's of course much easier to allow a device if someone names it properly such as "PersonsName_DeviceName" to know it's safe to allow.

 

Now the new Amazon Kindle Fire HD my mother bought and I allowed to access my Wi-Fi was a pain in the backside and some uneducated person from Amazon's customer support stated "it doesn't have a MAC" which was false info because it wouldn't even be able to use the Internet without one. So as I was looking for the MAC address in the Kindle itself with no success I instead had to look at my network logs to find it and finally allow it. I wouldn't stupidly lower network security to allow any and all devices access simply because someone at Amazon has stupidly in development omitted the showing of the MAC address via some deep config settings like was present in the original Kindle from years ago.

Share this post


Link to post
Share on other sites

... instead had to look at my network logs to find it and finally allow it.

So would it be true to say that Tablets are dumbed down computers that protect the user from the truth :unsure:

 

I have a Tablet and my Router has its MAC address on its approved list.

My Tablet knows my Router SSID because my daughter has gadgets that stop working if I disable SSID transmission.

My Tablet (and daughter's gadgets) have been given the WiFi WAP2 password.

 

From a quick read of the article Hazelnut linked to I have assumed that the danger is that,

Taking my Tablet with WiFi still enabled to a place with Public WiFi it will naturally default to use whatever it can access, especially if it is non-secured.

I would like to think it will wait for me to approve before connecting to a WiFi it has never used before.

I would like to think I would never mindlessly click and approve in that situation.

 

Is it feasible to permanently once and for all protect myself by configuring the Tablet to only connect to the MAC address of my Router ?

 

Regards

Al;an

Share this post


Link to post
Share on other sites

Depends upon the device I suppose. The way most home Wi-Fi's are configured is to ease the usage of any and all devices from tablets, game consoles, etc., but in my opinion they could be more secure and locked down especially if they're always broadcasting their presence/availability.

 

You could go the MAC address approach. There's also the approach of creating what I would deem "a new sub-network" (don't know if that is correct terminology because I'm not a network expert), and on that "sub-network" you can allow devices to use it, i.e.; on mine I can do that and instead of messing with MAC addresses I can tell it to let SomePersonsName_DeviceName always be allowed a connection either firewall'd or not firewall'd, etc., I prefer to have them firewall'd to protect the devices themselves from intrusion/malware.

Share this post


Link to post
Share on other sites

I'm also a MAC Address man with router settings, and all devices have unique personal names.

 

Apparently it's still feasible in theory to get past this, but it's like securing your house. If there's anything you can do to make it that much more difficult for the bad guy to get in then it's worth doing.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...