Well, it turns out there’s a significant backdoor in most routers that can be exploited – in the form of a technology called WPS. Read on to find out how the hack works, how to test your own network, and what you can do to prevent it.

Background

WPA itself is quite secure. The passphrase can only be broken through brute force, so it’s only realistically hackable if you’ve chosen a weak single-word passphrase.

WPS on the other hand is a technology built into most wifi routers that allows you to easily bypass the WPA password by either using a physical PIN that’s written on the side of the router, or a button that you can press on both devices in order to pair them.

It turns out that the WPS PIN – a measly 8 digit numeric code – is very much vulnerable to brute force attacks. Assuming a susceptible router and good signal, the WPS PIN can be hacked in as little as 2 hours. Once the WPS PIN is obtained, the WPA passphrase is also revealed.

Reaver, released by Craig Heffner and available to download on Google Code, is a practical implementation that you can point and shoot at viable networks. Here’s a video of it in action (skip to the end if you want to just see the entire passphrase revealed to the attacker):

Stefan Viehböck also discovered the same vulnerability independently and has released a similar tool which you can download. Here’s a video of Stefan’s app in action:

Mitigating the Attack

There are a few methods of mitigating the attack. The first is to completely disable the WPS option on your router. Unfortunately, this isn’t possible on every router and is usually enabled by default, so non-tech savvy users are susceptible here.

Not only that, but I found that on my router, the option to DISABLE WPS PIN didn’t actually disable the PIN that written on the side of the router – only the user-defined PIN. I quote:

When it’s disabled, users still can add a wireless client through WPS with either Push Button or PIN Number method.

So in some cases, it seems this is a permanent backdoor that cannot be mitigated by user settings alone.

A second option is to disable the wireless network entirely on susceptible devices, though obviously this isn’t going to be a viable option for most users who need the wifi functionality for laptops and mobile devices.

Advanced users among you may be thinking at this point about MAC address filtering to set up a list of specific devices allowed to join the network – but this can be easily circumvented by faking the MAC address of an allowed device.

Finally, devices can initiate a lock out when successive failed attempts are detected. This does not completely mitigate an attack, but does increase the time needed to complete it significantly. I believe Netgear routers have an automatic 5 minute block built-in, but in my testing this only increased the attack time required to about a day at most.

A firmware update could increase the time for which devices are blocked, thereby exponentially increasing the total time needed for an attack), but this would need to be either user-initiated (unlikely for most users) or performed automatically when the router restarts (as is often the case with cable services).

Try It Yourself

For those who wish to test their own home setups for the vulnerability, you can obtain the latest code from the Reaver project on Google Code. You’ll need some flavour of Linux to test it on (I suggest Backtrack), as well as a card that allows for promiscuous wifi monitoring and the appropriate drivers/aircrack software suite. If you were able to follow my last tutorial on WEP cracking, this will work too.

After downloading the package, navigate to the directory and type (replacing XXXX with the current version number, or remember you can press TAB to have the console auto-complete the command for you with matching filename):

tar -xvf reaver-XXXXX.tar.gz 
cd reaver-XXXX/src
./configure
make
make install
airmon-ng start wlan0

You should see something about a mon0 interface being created. To scan for suitable networks, use:

walsh -i mon0

and to begin the reaver attack, type (replaced BSSID with the hexadecimal BSSID of the target network):

reaver -i mon0 -b BSSID -vv -d 0 --ignore-locks

It goes without saying that this would be a serious wire fraud criminal offence to perform on any network for which you don’t have explicit permission to test on.

Troubleshooting

Be sure to check out the Reaver wiki for a more fuller FAQ. The most common problem I found was either too weak a signal, meaning a full WPS handshake could never be completed, or the same PIN being repeated along with a timeout – this was due to the router 5 minute lockout.

I left the software running though, and after some time it would try some more PINs, until my home network was broken in under 8 hours, and the 20 aalphanumeric, mixed punctuation passphrase I had diligently set was revealed onscreen.

Should You Be Worried?

This is still very much a new attack, but it’s important you’re aware of the dangers and know how to protect yourself. If you find your router is vulnerable, and have a support number to call, I would suggest you ask them how long it will be until a suitable firmware update is available, or how you can go about the upgrade process if it is available already.

Some users will be able to easily prevent this attack with a simple setting alteration, but for the vast numbers of routers in use this is a permanent backdoor for which only a firmware update is going to mitigate somewhat.

Let us know in the comments if you have any questions or managed to try this on your own wifi.

Microsoft has since resolved these shortcomings with the latest release of its successor to the clunky old Windows Mobile. Windows Phone 7.5 “Mango” is currently shipping on new devices from HTC, Nokia and Samsung and first generation devices can be upgraded to run this version of the software, which includes wireless tethering. This will enable you to share your mobile Internet connection with other devices.

Why the Big Deal?

News of this feature came late in the day (release day in fact!) thanks to Microsoft being cagey about some of the details of the Mango release. Despite being a much-requested function there was never any confirmation (although plenty of denials) that tethering of any kind would be included.

Fortunately for Windows Phone users, wireless tethering is now a possibility. The benefits of this are considerable. For instance, you might own a tablet, netbook or laptop and have no wireless functionality or access to any nearby wireless networks. Thanks to wireless tethering you can easily use your Windows Phone as a Wi-Fi router and connect to the Internet!

There are a couple of things to bear in mind, however. The first is that if your mobile phone contract does not have suitable Internet usage terms you could easily end up being billed for more than you can afford, so before proceeding, check the small print.

The second point to consider is that using wireless tethering can be quite draining on your mobile phone battery, so it is advised for only short-term use unless you are able to keep your Windows Phone charged.

Activating Internet Sharing

Microsoft’s inclusion of wireless tethering was done with so little fanfare that you might be forgiven for not realising that it is included on Windows Phone Mango. To get started using this function, you will need to open the Settings menu. This can be found on the Start screen and is also available by swiping left or tapping the arrow in the top-right corner of the screen.

With the Settings menu open, first scroll down to Mobile network to confirm that both Data connection and 3G connection are activated. You will need the 3G connection active if you are to have any hope of achieving fast mobile Internet! Enable these options by tapping the switches; when active they will be highlighted to match your phone’s current accent (the color of the tiles on your Start screen).

Tap the Back button on your phone to continue. You will now need to find the Internet sharing option in the Settings menu; a single tap of the switch in this screen will enable tethering.

By activating wireless tethering you will also activate your phone’s wireless function, which is one of the reasons why battery life is affected by this feature.

The Internet sharing screen will now display a few instructions, advising you that up to 5 guests can share your phone’s mobile Internet connection. A default broadcast name will be listed along with a password that you can use on any device that will be used to share the connection. The number of connected devices will also be listed.

Connecting To Your Windows Phone Wireless Hub

You don’t have to use the default options, however. By tapping the Setup button you can configure your own broadcast name by tapping into the field and overtyping the existing name; the same can be done with the password (a minimum of 8 characters is required) and you can also switch the Security type between Open and WPA2. Remember to tap the OK button when you’re done.

With the options set as required and Internet sharing activated you will now be able to connect to your phone as if it was a standard wireless hotspot. Any tablet, e-reader, laptop, netbook, even a desktop computer or another mobile phone can take advantage of your Windows Phone Wi-Fi hotspot by simply identifying the device’s broadcast name and entering the password.

Battery & Security Considerations

Despite the excellent flexibility that wireless tethering offers, there are obvious drawbacks. The first is with the battery life; the more users you allow to connect to your Windows Phone the more data will be processed and the greater reliance on both mobile Internet and Wi-Fi. You could end up with your phone’s battery being seriously drained in under an hour!

Although an open (password-free) connection is available as an option, this isn’t recommended unless you’re in a relatively remote area. The last thing you need – especially if you’re billed on mobile Internet data usage – is to be sharing your connection with unauthorized people.

Despite the battery issues, this is a welcome addition to Windows Phone, one that is quick and easy to use and is great for providing a much-needed Internet connection to other devices.

Let us know if you have any questions or problems setting it up.

With the threat of drive-by Wi-Fi theft and the risk of secure data being transferred over a non-secure connection, wireless routers without the most current security options can be temporarily shored up with just a bit of imagination. Meanwhile, there are ways in which you can get hold of modern routers for free and connect to them using low-cost USB devices.

Secure Your Wireless Router with Its Name

According to figures published in October 2011, Windows XP still has a respectable market share as the operating system on around 33% of all computers connected to the web. However, few of these machines will have the native hardware to connect to a Wireless-N connection. Similarly, there are users of Vista and Windows 7 who might be experiencing problems using older routers.

For anyone who doesn’t wish to spend money on a new router (or has concerns about using their old router until a replacement arrives) there are various steps that can be taken to configure the router so that it doesn’t appeal to anyone outside of your home or office.

In order for users to connect to a wireless network, a wireless router typically broadcasts an SSID, or Service Set Identifier. This is usually named by default and commonly identifies either the hardware itself or the company that provided it – for instance your wireless router might identify as NETGEAR123334321. This SSID can be seen by anyone using a Wi-Fi device; if they have the correct key then the router will allow access to the Internet. Should the wireless router be open – that is, not have WEP or WPA encryption – then no key is required. Setting an older router as open might be the only way to successfully connect to it from a computer running Windows Vista, 7 or Mac OS X.

If you are running a router with no security you can use the SSID to your advantage by assigning an “aggressive” name to the network. For instance, you might call it one of the following (offered as suggestions; you should ideally make up your own):

• IWillHackYou
• ScammerVille
• IAmWatchingYou

Basically, the idea is to rename the SSID so that anyone who is tempted to connect to any random networks they find will feel uncomfortable doing so. The threat of lost data or identity theft implied in the new SSID should be enough to put most people off.

Configuring An Old Wireless Router

To rename your SSID you will need to login to the router via Ethernet – changing the SSID will drop existing wireless connections.

To log into your router you will need to know the internal name for the device or its IP address. Checking the IP address from your computer is different on all operating systems.

On Windows press WINKEY+R, type cmd and click OK. In the resulting command prompt, type ipconfig and tap Enter. The “Default Gateway” entry lists the IP address you need.

Under Mac OS X, open Settings > Network and select the correct network connection in the left-hand pane; in the main pane your router IP will be listed.

The next step is to open a browser window and enter the router’s IP address in the following manner:

http://123.456.78.90

A new webpage will load, prompting you to log in; the default admin credentials can usually be found printed on the side of the router. If these are not present or have worn off, an online search for your router model should reveal them (if you have previously set your own username and password, use these).

Each manufacturer uses a different console for altering the configuration of the router, usually providing a help button if you get stuck. Typically the SSID can be found on the first screen along with other master security settings such as security type and passphrase.

All you need to do here is change the SSID and click the Save button to confirm.

Another way to secure an older wireless router can be tried via the configuration screen, requiring just a pen and paper to jot down the SSID. Next, hide the network by disabling the Broadcast SSID function. This is usually achieved by clearing the checkbox to hide your SSID; reconnecting to your wireless network after taking this step will require you to enter the SSID so that your computer can find it.

Conclusion

With your SSID renamed (and perhaps hidden) you should be able to protect yourself from most other users. Sadly you won’t be protected from anyone using Wi-Fi sniffer software so be aware of the risks here.

These steps are only best for short-term use. Securing your Internet connection is vital for maintaining your privacy and keeping all of those user-identifiable pieces of data under your control.

If you’re unable to afford a modern new router offering the latest WPA encryption methods and Wireless-N, the best thing you can do is contact your ISP, or perhaps switch to a provider that offers a suitable new router which might be coupled with one or more USB wireless dongles that can to connection to the new router.

Over the next week (December 21st – December 27th), Skype will be offering a free hour of Internet access to third-party wireless hotspots in 50 airports across the US. This will be available for anyone with a PC, Mac or iOS device. It will not be available for Android or any other mobile platform other than iOS.

In order to start, install Skype on your computer or the Skype Wi-Fi app on your iPhone, iPad or iPod Touch. Sign in using your Skype ID, and then check the wireless network connection. You should now be able to connect to a supported wireless hotspot, if you’re in one of the supported airports. To find out if your airport is included, check out this interactive map.

Source: Official Skype Blog

Data plans tend to be limited, and connection speeds are sometimes not all that impressive. So when you use an Android phone (or any smartphone for that matter), Wi-Fi becomes an essential way to get online.

Today I’ll be showing you two different apps designed to make your Wi-Fi experience better so you can get better speeds and a more stable connection. These are both for Android, but you can actually use what you learn from them with any Wi-Fi device, including your laptop.

Improving Wi-Fi Connectivity At Home

Wikipedia says: “Many 2.4 GHz 802.11b and 802.11g access-points default to the same channel on initial startup, contributing to congestion on certain channels”. So while there are several available Wi-Fi channels, chances are that you and all of your neighbors are actually using the same single channel for your wireless communication. This causes interference and can slow things down.

You can always tell which Wi-Fi channel you are using using your access point’s configuration interface; but how can you tell what channels you neighbors are using? This is important so you know what’s free and where to switch, and this is where our first app comes in: Free Wifi Analyzer. With over 5 million downloads and over 61,000 reviews averaging 4.5 stars, Wifi Analyzer kicks some major butt, and provides a plethora of information about your wireless situation. Let’s take it for a spin:

This is the first screen shown when you launch the app, and right away, you can see how most of the networks around here are centered on channel 6. Only one network sits around channels 1-3, and channels 9 and up appear to be completely clear. Let’s swipe to the next screen:

Here, you get to select a network and see its signal strength graphically.  This display constantly updates, and can also beep according to the signal level (more beeping means a stronger signal). This is fun because you can walk around with your phone like a metal detector and see where the signal grows stronger or weaker: Does this or that wall actually block your Wi-Fi signal?

The last feature I want to show you is what I call “the bottom line”. This is the screen where Wi-Fi Analyzer recommends which channel you should switch to:

As you can see, my home network sits on the absolute worst part of the spectrum possible. Wifi Analyzer says I should switch to channels 11, 12, or 13, and I tend to agree. Doing this will result in less interference, and thus in a better connection for everyone (even my neighbors will have less interference with their Wi-Fi connections!).

Okay, that’s great for when you are at home and you get to control the access point’s channel. But what should you do to get a better connection when you’re outside, at a coffee shop or an airport?

Improving Wi-Fi Connectivity While On The Go

When you’re in a public location, the biggest problem with the Wi-Fi connection is usually poor signal strength. In other words, the access point is simply too far away. This can be very frustrating, because you usually don’t have any way to know where to go for better connectivity. Which way is closer to the access point? If you start walking around, you may lose the connection or end up making it even worse.

Well, this is where Wi-Fi Radar comes in. This handy little app also enjoys some stellar reviews (over 1,100 reviews averaging 4 stars), and its claim to fame is its ability to show you where access points are physically. So you get a radar-like display with your phone in the middle, surrounded by access points. It comes with simple instructions:

So when using it, you will find yourself slowly rotating with your device. People may look at you oddly, but you can just tell yourself they are suffering crappy connections and you’re smarter.  Once the scan starts, it looks like this:

This is the trickiest part in using the app. In the screenshot above, I have separated both bars so you can see them clearly. The brighter bark (around the 6% mark) moves on its own; the darker one (around the 20% mark) moves when you rotate the device slowly. Your goal is to keep them together. This means you need to very slowly rotate the device, a little bit at a time, while the progress bar moves. You are going to look pretty stupid while you’re busy doing this, but that is the price to pay for good connectivity.

This process takes a good two minutes, or even more. Once you’re done, you get a display that looks like this:

When you move around with your device, the display updates and things shift around. Even after all of this work, the display may not be correct; it is best if you have some point of reference, because then you can rotate the whole display as needed, using the “Result Offset” option.

This isn’t because the app is bad (it’s actually quite good), but because it is trying to do something that is remarkably difficult. If you’re patient and determined, you may find yourself enjoying the best Wi-Fi signal your airport can offer.

Other Wi-Fi Essentials

I am always on the lookout for awesome Android apps; did I miss an important Wi-Fi related application? Let me know in the comments, and I might review it!

Image Credit: ShutterStock

But now those days are getting behind us. Apple has made it possible to walk into an Apple Store, purchase a device and have it up and running by the time you walk out. If you are an existing iOS user, you only have to connect one more time to make the wireless iCloud connection. Afterwards, your eyes may get watery when you open iTunes and see your iOS device(s) connected without wires. But hold on, if you haven’t set things up, there are some things you need to know.

iCloud Requirements

First off, to use iCloud, you will need to have a free MobileMe account. If you’re an existing iOS owner, you probably already have such an account, but if you don’t, you will be asked to set it up when you try to add iCloud to your system.

So now connect your iOS device to iTunes and complete the iOS 5 update. As usual, make sure existing content on the device is backed up by iTunes. After the update is completed, you need to click on the Info menu for your device.

If you plan on syncing your Address Book and iCal Calendar data using iCloud, you will want to uncheck the two sync buttons on that page.

Next, on the Summary page, click either “Back up to iCloud” or “Back up to this computer.” If you want to back up the content of your device to your iCloud device, remember that you only get 5GB of free storage, so depending upon how much content you have on your device, that might not be a good idea. On the other hand, backing up to iCloud means having another place to secure your data. So for the average user, backing up to iCloud should be okay.

If you are an existing MobileMe user, you might have more storage space, that is until Apple closes out all those accounts in June of next year.

Other Options

Notice also you have other options before you apply the iCloud setup. You will want to of course check “Sync with this iPad over Wi-Fi” and probably all the other boxes under that.

In managing your music, you will need to go to the Music section and click “Selected playlists, artists, albums, and genres” if you have a large iTunes library. Under Options, either select “Sync only checked songs and videos,” or “Manually manage music and videos,” which will prevent iTunes from trying to load your entire library onto your device.

The beauty of iCloud is that you can now add and delete songs for your devices over your Wi-Fi network connection. Unfortunately, you can’t do it over 3G. Once you have everything set the way you want it, click the Apply and Sync buttons to make your first iCloud connection.

After your data is restored to your device and it’s restarted, you should be invited to go through the process of setting up iCloud. But if some reason you did the upgrade and skipped this process, you can still go back and set it up using the following directions.

Setting Up An iOS Device

If you need to set up iCloud on your iOS 5 updated device, open the Settings app and tap on iCloud. Add your account and enable all the items you want to sync via iCloud. Do the same for your Mac or PC if you have data you want to sync from there (System Preference > iCloud.)

Enable the data that you want to upload to iCloud and sync between your computer and iOS device(s). In order to use Photo Stream, you will need to enable it also in iPhoto and/or Apple’s Aperture. Likewise, Documents & Data is for use with Apple’s iOS and Mac iWorks apps—Pages, Numbers, and Keynote.

If you scroll down on the iCloud menu and tap Storage and Backup, you will get that described information, as well as an invitation to purchase additional storage.

You can and should enable iCloud Backup, which means the data on your device will back up to your computer or to iCloud your camera roll, accounts, documents, and settings when the device is plugged, locked, and connected to Wi-Fi. Notice also, you can manually “Back Up Now” if you need to quickly push data to iCloud and other devices.

Once the backup is complete, you can tap Manage Storage to double-check that all the items are now backed up in iCloud.

Using iCloud

As stated above, iCloud synchronization works automatically, but you can also go into say iTunes on your computer and manually add songs or apps to your device(s) wirelessly. In my experience, however, the process of re-adding a single app on your Mac to a selected device is a slower process than simply going back into the App Store and locating an app you’re previously purchased and re-downloading it from there.

If you want to access your Mail, contacts, and calendar data online, simply go to iCloud and sign in using your iCloud/MobileMe username and password. You also go there to use the Find My iPhone, and to upload, download, and synchronize your iWork documents.

Sadly, in order to sync iWork documents with iCloud, you have to upload documents to your online account (click on the iWork icon, and then click on the gear button on the upper-right of the page to upload documents to iCloud.) You can’t upload documents to your account from within iWork applications.

If you’ve been using iWork, you will have to switch to iCloud if you want documents to automatically sync to all your iCloud supported devices.

Also, while we’re on the subject, if you’re a heavy iPhone camera user, you may or may not like the Photo Stream feature. It’s great that it automatically uploads all your iPhone photos to your corresponding devices and to your iPhoto/Aperture library.

But though it keeps those photos in your iCloud account for 30 days, it’s almost impossible to delete them from iCloud. You can turn off Photo Stream on your device to keep it from uploading images to iCloud, but it seems that images remain in iCloud until after 30 days.

There’s a lot more to iCloud, but hopefully this article has given you enough to get started. Let us know about your experiences using iCloud.

There are so many awesome websites and applications you can use to download music to any PC. Simon wrote about Free MusicZilla (one of my favorites), and he also covered some of the best sites where you can download free music. Of course, most users will be more than accustomed to paying for and downloading music from sites like iTunes or Amazon.

The problem I have is that when I download music to a PC, I may want to access that music from different PCs in my house. To solve that problem, I decided to create a sort of Wi-Fi PC Radio server where I can store all of my music and then allow users from anywhere to stream that music.

How The Wi-Fi PC Radio Setup Works

The way this setup works includes a web server with Subsonic installed. Technically, you don’t need to set up a web server – when you install Subsonic, it will use port 80 and serve up its own webpage. If you already have a web server, you can configure Subsonic to use its own subfolder within the public html folder.

When you first install Subsonic on your “server” PC, you’ll see the Subsonic Music Streamer icon appear in the task bar.

Right-click and go to “Subsonic Control Panel” to quickly set up how you would like the streaming service to run. This is also where you go to start and stop the service.

Click on the “Settings” tab to set up what server port the service will use, and the path where Subsonic should run from.

Once you have Subsonic running, you can either access the system by going to “http://localhost/” on the PC itself, or open up a browser on any other computer on your Wi-Fi network and type in the IP address of the server PC where Subsonic is running.

The first thing you’ll need to do is set up the admin account.

Set up a new password, and then start working through the menu systems to set everything up. The only area you really need to configure for your new jukebox-like Wi-Fi music streamer to work properly is to set up media folders on the server PC where you’ll store all of the music available for your users to listen to. You do this by clicking on the “Media Folders” link in the menu.

Name the folder, type the local link for the music directory and make sure it’s enabled. When you click Save, the music files stored in that folder will become available to all users that connect to your new music server on your Wi-Fi network. If you have music playlists set up, such as iTunes playlists, you can point Subsonic to those folders under the “General” settings link.

You can also define how your users can stream music over the network to their own computers or devices. Choices include launching the user’s own music players, or utilizing the embedded Jukebox player that is integrated with Subsonic.

This is the most convenient solution for users because no local player is required – they can play music just by logging into your Subsonic PC and clicking on the play button.

Another very cool feature of Subsonic that goes beyond just serving up music over your local Wi-Fi network is that you can also serve up video streams and podcast feeds.

This isn’t really anything too special, considering that you can just connect to those video or podcast streams yourself, but by adding all of those media stream links to your Subsonic server, you can keep everything organized on one computer system and then access it from anywhere. No longer will you have to wonder where you saved that podcast link, or where you saved that music file that you downloaded. Just log into your Subsonic server and it’s all there.

Another very cool feature of Subsonic is that as an admin you can track the overall usage of the server. What are the most popular files? Which files are currently being accessed? You can even see a trend of the bandwidth users have used over time.

Whenever users log in, all available music files are listed in the left menu bar. Each individual user can build their own player list by just adding the “+” sign next to the song. That song gets added to the personal player list, where the user can click on the “Play” button in the embedded player to get started. The files are streamed right over the network to the user’s PC or mobile device.

You can even add a special Guest account for people that visit your home and have a laptop or mobile device that can connect to your home Wi-Fi network. What’s especially cool about Subsonic is that it’s available for multiple platforms, and there are even Subsonic apps for Android, iPhone and Windows Mobile.

Your friends and family will love the fact that whenever they visit you, they can have access to a wide array of great music to listen to – and you protect your music investment, because the server does not allow the downloading of music files, only streaming.

Set up your own WiFi radio PC with Subsonic and see if it makes organizing and accessing your media collection easier. Let us know how you set up your server, and what people thought about your streaming music collection. Share your thoughts in the comments section below.