Wireless Security with TiVo: WEP

Discussion in 'TiVo Coffee House - TiVo Discussion' started by burto, Dec 29, 2005.

  1. burto

    burto New Member

    1
    0
    Dec 29, 2005
    Hi All -

    Just got a TiVo for Christmas, along with a USB Wireless Adapter. Very much enjoying it so far!

    I've searched the forums on issues related to security, but didn't find an answer to the following:

    As background:
    I have a desktop computer and a wireless router attached to it. Most of the time on the internet at my house is on the desktop, which would use a wired network connection. My work computer has built-in wireless, so occasionally I use it for web surfing when someone else is using the desktop, or when I'm in another part of the house. I originally set up my network using WPA-PSK security, but have downgraded it to WEP to use TiVo wireless.

    My main question: Is my exposure to using a weak encryption scheme such as WEP limited only to data that I transmit wirelessly? By that, is there there any way that a hacker could have visibility to data on a hard drive, on either my desktop or laptop?

    If I'm only exposed on transmitted data, I'm not too concerned. - I'll downgrade the security for now and wait (hope!) for TiVo to implement WPA. This is acceptable to me since my wireless usage is rather light, and WEP should at least deter a casual attempt to intercept my wireless usage. But if my main home computer is somehow exposed, I may reconsider and switch to a wired network connection or a phone connection.

    I appreciate any responses - I'm quickly coming up on the return deadline for my wireless adapter.
     
  2. ADent

    ADent Active Member

    2,143
    3
    Jan 7, 2000
    Denver, CO
    If you have any services running on your computers (file sharing, iTunes, Remote Desktop, VNC, etc) then any hacker can get into those. With a broken WEP it's like having a port to your router on the pole outside your house that anyone can tap into.

    WEP key can be broken in minutes, but it is likely only to happen by bored teenagers next door and people out to get YOU specifically.
     
  3. djhansensr

    djhansensr New Member

    6
    0
    Dec 26, 2005
    Can anyone from TiVo chime in with info on when WPA will be supported?

    Thanks,
    Dean
     
  4. AnotherWin95

    AnotherWin95 Registered TiVo User

    321
    0
    Dec 12, 2004
    Jacksonville...
    They know the users want it and are working on it (gleaned from other posts on the board).
     
  5. rainwater

    rainwater Active Member

    7,066
    5
    Sep 21, 2004
    A hacker can't get into iTunes. There is an option to share your music on your lan. But even if a 'hacker' got access to your network, what are they going to do? Listen to your itunes music? Wow, that would be scary. If you don't have any security around VNC or remote desktop, then that is your own problem. Frankly, each machine connected to the lan should be secure as well, no matter what encryption you are using on your router.
     
  6. stevel

    stevel Dumb Blond TCF Club

    37,259
    8,297
    Aug 23, 2000
    Nashua, NH
    Well, there's lots they could do to cause mischief. Send spam and viruses, perhaps read your files, etc.
     
  7. rainwater

    rainwater Active Member

    7,066
    5
    Sep 21, 2004
    Perhaps read your files? If you are concerned with security they want have that access. Sure they can send spam, but if you set your router up correctly, you can even make that difficult. But if you want security, you can easily run your own VPN server. That is the only real protection you will have from sniffing anyway.
     
  8. c3

    c3 TiVoholic

    3,070
    0
    Sep 8, 2000
    Silicon...
  9. Jan 2, 2006 #9 of 14
    hksimpson

    hksimpson New Member

    7
    0
    Jan 3, 2005
    Monterey CA
    I am not sure why everyone is worried about WPA support. If you have a modern wireless access point you can use MAC filtering and block unknown devices from connecting to your access point.

    This way it does not really matter and if you are running even the basic Windows XP firewall and have your machine configured properly, the security risk is very low even if someone somehow connected to your network.

    Like anyone is going to waste their time trying to hack your network when there are so many corporate wireless networks that are not secure and just turing on your Windows computer is probably more dangerous than the threat from not having WPA.

    Even if someone could sniff your traffic and connect, all of your sensitive data should be encrypted anyway. If you are banking you are using SSL, if you are transferring files you should be using SFTP and so on. So someone sees that you are downloading Dukes of Hazzard from your Tivo to your desktop because the link is not protected by WEP or WPA, show cares. It is not like you are transferring and storing your tax returns on your Tivo (not yet anyway!)
     
  10. john123

    john123 New Member

    519
    0
    Nov 18, 2002
    Washington,US
    Ouch, you need to do some research quickly!

    MAC address filtering - sounds good in theory, but in practice is easy to bypass - just listen in to see what MAC addresses are being used, and then set yours to one of them. Security bypassed. It is still worth doing, but just don't rely on it.


    Once an intruder is on your network, they're inside your firewall, and then may be able to get access to any shared services such as file shares - where they may be able to find 'interesting' documents.
     
  11. hksimpson

    hksimpson New Member

    7
    0
    Jan 3, 2005
    Monterey CA
    That us why you don't reply on one level of security and harden your computer too. That would include a software firewall and more.

    Also, normally when a device that has MAC filtering enabled does not recognize the MAC of a device that might be running say a packet sniffer, it should deny any access to that device and network traffic, so I don't know how one would look for a MAC to clone, though I have heard that a determined hacker might be able to do it. Again, turing off SSID broadcast makes you a less likely target too.

    This all boils down to ease of access and the gain from hacking a home network. On my street there are at least 10 wireless networks that are completely open with no WEP and they are broadcasting their SSID. They are easy targets and mine is not. Especially since even if someone gained physical access to the wired portion of my home network, they would need to hack my software firewall and my machine is protected in other ways too.

    You could go one step further and limit the access of a device with a partical MAC has access so that even if they cloned the MAC of a device already on your network and had access, you can limit them access to particular services and ports. This kind of advanced filtering is available in Linksys products.
     
  12. john123

    john123 New Member

    519
    0
    Nov 18, 2002
    Washington,US
    A quick google search confirms my understanding : http://www.kismetwireless.net/ -

    Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.

    So, they just need to listen in (i.e. no connection to network required) to enough traffic to figure out the WEP key, at which point they can view all traffic over the wireless network - MACs and all. They then just need to clone the MAC, and connect away. Turning off the SSID makes no difference - maybe just slows them down slightly.

    Yep, I have WEP set, MAC filtering, don't broadcast my SSID, software firewalls, but I'm still not happy having to avoid using better security for the network simply because my TiVo's don't yet support it. I felt this way a over a year ago, and the situation still hasn't changed. It seems everyone except TiVo knows how bad WEP is.
     
  13. Arcady

    Arcady Stargate Fan

    3,959
    3
    Oct 14, 2004
    Philadelphia...
    Don't worry about MAC. Buy a Mac.
     
  14. stevel

    stevel Dumb Blond TCF Club

    37,259
    8,297
    Aug 23, 2000
    Nashua, NH
    Buying a Mac does nothing for network security.
     

Share This Page