Tilted Forum Project Discussion Community - View Single Post

Pragma · 04-30-2007, 03:23 PM

Based on my experience, what I imagine the situation with your friend / friend's roommate is the following:

The friend and roommate connect through the wireless network to the router, then go from there to the internet. The roommate was probably running something like dsniff to capture all messages that were going across in the clear. Changing the password on the router won't make a tiny bit of difference.

I'm also very suspicious of the "intending to spy on someone else" part, as he'd only be able to spy on people on the wireless network - which would be the friend+roommate (or are there other roommates?).

Either way, the best way to communicate would be to find an encrypted method - AIM+SSL certs (do they still do that? I remember reading about it a while ago) or something similar. Because the roommate has access to the transmission medium, it boils down to trust: do you/your friend trust the roommate not to try again? With physical access, you're basically hosed if he really wants in - worst case he'll install a keystroke logger and get whatever passwords he needs to own the net again.

04-30-2007, 03:23 PM	#6 (permalink)
Pragma I am Winter Born Location: Alexandria, VA	Based on my experience, what I imagine the situation with your friend / friend's roommate is the following: The friend and roommate connect through the wireless network to the router, then go from there to the internet. The roommate was probably running something like dsniff to capture all messages that were going across in the clear. Changing the password on the router won't make a tiny bit of difference. I'm also very suspicious of the "intending to spy on someone else" part, as he'd only be able to spy on people on the wireless network - which would be the friend+roommate (or are there other roommates?). Either way, the best way to communicate would be to find an encrypted method - AIM+SSL certs (do they still do that? I remember reading about it a while ago) or something similar. Because the roommate has access to the transmission medium, it boils down to trust: do you/your friend trust the roommate not to try again? With physical access, you're basically hosed if he really wants in - worst case he'll install a keystroke logger and get whatever passwords he needs to own the net again. __________________ Eat antimatter, Posleen-boy!