Author Topic: Protecting against invasion of privacy (shared wireless with roommates)  (Read 5694 times)

astvilla

  • Stubble
  • **
  • Posts: 236
So I'm planning on moving out soon (expenses will go up more than a thousand fold...sigh...but what can you do...) into most likely a room in a shared house.  I was reading the updates about the NSA surveillance and on Snowden and it made me wonder how easy or feasible it would be for a roommate or someone using the same wireless to track everything you do on your computer (blog posts, site visits, email, finances, chat, being a closet mustachian, the whole shebang).  Turns out it can be quite easy and I was searching the web and read a couple horror stories on the web and it doesn't end well for most when someone with more technical expertise decides to invade your privacy through a shared wireless network.

So the question is, how does one protect their computer privacy on a shared wireless network? (note: I'm really bad with computer technical skills)

Just some context, I had an experience once where a girl went through my phone to read my text messages. It had a screen lock but apparently she studied the pattern I scroll.  And in case you were wondering, it wasn't about cheating or an affair (I was telling someone I wanted some space away from her and she got pissed).  I felt violated for some reason, like my mind had been raped and that I didn't have a private thought from this person at that time.  Even if there's nothing bad and not a big deal in life overall, having your private thoughts, your privacy being violated is a real terrible feeling and a paranoia sort of sets in (similar to stories I've read).  And it seems just unethical to be looking through what someone does without them knowing.  That experience made me understand Snowden a bit more and I can't understand those that opposed him if they never experienced it themselves.

Unrelated but is it normal for people to just look or try and peek at your screen at work? It seems like it is, I can tell just by the glare on my screen at times and it feels a bit uncomfortable, even if it's work related.  That's why I always try to avoid looking or face backwards sort of when I come up behind someone. Looking at someone's screen is sort of like peeking at what they are doing and what they are thinking.
« Last Edit: June 05, 2015, 11:13:18 PM by astvilla »

EricMA

  • 5 O'Clock Shadow
  • *
  • Posts: 20
  • Age: 37
  • Location: Massachusetts
There's a few things in here I could probably rant about, but I'll leave that to others. I'll stick to answering your question directly.

The best (and fairly easy) way to keep your traffic private is with a VPN tunnel. It will encrypt everything from your computer to the end point your connected to so no one will be able to read anything. It should be noted that the company providing the VPN service could in theory read everything. Using secure sites (https vs http) would provide an additional layer of encryption so even the VPN company couldn't read that. In theory only the intended recipient could read it.

I use www.privateinternetaccess.com at work. There's an IT guy there who thinks it's fun to make offhand comments like "ohh I see you were checking out ______ over lunch" or other such creepy things. This was an easy fix to that problem. It's between $3 and $8 per month depending on how long you commit to the service. If you're REALLY concerned about privacy you can actually pay for it with a gift card so they don't get any of your payment information, but you wind up paying more than you would if you just used cash.

As for people looking at your monitor... I think many people at work, at least for me, do it but don't realize that it can bother people. If they don't mind it themselves they'll never be aware that it bothers others unless they're told. What's the old saying? Never attribute to malice what can otherwise be explained by ignorance or something like that?

DocCyane

  • Bristles
  • ***
  • Posts: 389
  • Location: USA
  • Keep going. You're doing just fine.
With regards to the content of your monitor, you can go to Best Buy and pick up a privacy filter to place across the front. This way people cannot see what you're looking at unless they stand directly behind you. I've seen people use these when they work in confidential areas like finance. Or if they just don't want coworkers getting nosy.

vhalros

  • Bristles
  • ***
  • Posts: 308
Some one sharing a wireless network with you would be able to read any unencrypted traffic, yes. More and more things like web e-mail, Facebook, are encrypted using https these days (you can see https in the url, and some kind of lock icon in your browser, to know if it is encrypted). A VPN service could be used to just encrypt everything.

Depending on how paranoid you want to be, you could also use full disc encryption on your computer. This has nothing to do with the network, but would make it really difficult to access anything stored on it with out the password.

Of course, I think ultimately having a roommate means some level of trust is required. Then again, you not only have to worry about deliberate spying, but that their computer could be infected with malware that is spying on some one else's behalf (probably a more likely scenario). Back when I had roommates, I remember one of them had inadvertently acquired some malware that was trying to change the wireless router to use a web proxy to serve adds.
« Last Edit: June 06, 2015, 07:39:59 AM by vhalros »

Insanity

  • Handlebar Stache
  • *****
  • Posts: 1021
Physical access to the device means there is no such thing as privacy.  It is just how complicated you want to make it.   The person can put a key logger or other controls on your machine which can decrypt traffic before it even leaves the device if they are so inclined.   Even physical access to an encrypted drive can lead to discovery over time (a very, very, very long time if
The encryption key is long enough and the right algorithm is used).

The tips mentioned above are very sound advice to protect against the average snoop though :)

electriceagle

  • Pencil Stache
  • ****
  • Posts: 521
You might be better off spending more resources on screening roommates. I.e. don't room with crazy if you can help it.

Anyone who is crazy enough to spy on your internet use is probably crazy enough to rub their balls on your toothbrush. Theres no app to protect against that.

astvilla

  • Stubble
  • **
  • Posts: 236
Thanks for the advice everyone.

Yeah the people looking directly at your screen isn't a big deal to me really, just a not so often talked about topic.

My main concern is the wireless snooping. Screening roommates is a good idea but you never know who snoops and who doesn't. And being bad with tech, I imagine I leave myself very vulnerable without realizing it. Knowledge is power and no knowledge leaves you to exploitation. Just like no knowledge/advice provided on Mustachian forums means you can be more easily exploited by financial advisers, sorta.

Would bringing my own wireless router work so that there would be 2 wireless routers in the house? Is this possible? I noticed that back when I dormed, some students did bring their own routers to connect instead of using the school wireless. You would see it on the list of networks you could connect to.  It seemed strange, I never knew why, seemed kind of redundant. Were those students concerned about privacy or some other issue?

shadowmoss

  • Handlebar Stache
  • *****
  • Posts: 1601
If you can use your own router, and then plug into the network port of it instead of using wireless, you will be better off security-wise.  If you have to plug your router into the one everyone else uses, it is less secure, but if you couple that with not actually using wireless and a vpn you will be about as good as you can get.  Another thing about sharing a network, willingly or not, is that if the other(s) go to sites that government entities with initial names are overly concerned with, it can cause everyone on the network to be suspect.  Just a bit more paranoia for you.  I live alone, btw...  :)

A 'friend' did brag to me that he was good enough at latching on to unsuspecting wireless networks that he could 'break' into mine (techie butt sniffing for Alpha geek bs).  Seems that when you connect to wireless, and at times after that for handshaking purposes, the wireless devices send, unencrypted, the SID and access info.  I try to use the actual ports on the router now if I'm doing much work on the computer(s).  This person mentioned boats off-shore latching onto the land-based home networks in order to have internet access.  He was 'better' than some because he did snoop enough to make sure it was a cable modem or such that wasn't charged per amount of traffic.

Be safe out there.

Insanity

  • Handlebar Stache
  • *****
  • Posts: 1021
Google can teach you many ways and free tools to get into places you shouldn't be. 

It isn't all that different from anything else you are protecting.  Get educated.  Having your own wireless router doesn't help if you don't change the admin password (or use an easy password) , set up an easy password to connect to your network.

Using https for web traffic and multi factor authentication where possible is also important.
 

vhalros

  • Bristles
  • ***
  • Posts: 308
I'd think plugging into the router with a cable would be only marginally more secure, you are basically still on the same network segment; it would be pretty easy for some one to do a little ARP spoofing and get stuff sent over the wireless (basically, lie to the router a little, so it thinks stuff needs to go over the wireless link). Although I guess it does make it less passive. I haven't thought about this in detail, so there may be some other reason what I described doesn't work.

WPA (new wireless encryption standard) does not send passwords in the clear, although the SSID is usually broadcast by the router any way. If we are talking about WEP (outdated wireless encryption standard), it is so compromised it doesn't matter. Of course, neither one helps against eavesdropping by people who are actually connected to the wireless access point any way.
« Last Edit: June 07, 2015, 07:02:59 AM by vhalros »

Katsplaying

  • 5 O'Clock Shadow
  • *
  • Posts: 99
  • Location: PNW
If your primary concern is privacy, when possible, use your own router/modem and plug in directly. Wireless is crazy convenient but how many of your roommates' FRIENDS have the password? Is the network even secured and how well?

Sharing a house or a network involves a fair amount of trust. Privacy is a way bigger illusion than most want to admit. People will (often) snoop, given the opportunity because curiosity is how we evolved this far. What is more likely than someone hacking your machine is someone finding your SS# or other personal data *on a piece of paper* that allows them to steal your identity.