How secure is internet with USB dongle ? (Ubuntu OS)

Discussion in 'all things UNIX' started by Ocky, Dec 10, 2010.

Thread Status:
Not open for further replies.
  1. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    I am thinking of getting one on promotion here. http://www.cellc.co.za/internet/dat...omotion-supersonic-surfing-for-only-5c-per-mb

    They are based on Huawei modems and I think Ubuntu will pick them up without modprobe - i.e. plug and play hopefully.

    I am currently on ADSL with Netgear router and intend to use the speedstick as backup, also the speeds are faster than my ADSL.

    My concern is security. Any advice there ?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    What do you mean security? What did you have in mind?
    Mrk
     
  3. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    yes i also like to ask same question i guss ocky means in router you have wpa2 encryption ....etc for wifi security (wireless network signal transmission)

    i also wonder what kinda security is there on usb modems in term of wireless network signal transmission or radio signal transmission whatever you call :rolleyes:
     
  4. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    Geez, I have never used one of these things ever; plus I know that I know nothing. :'(
    Was just wondering how easy it is to hack the sim card as opposed to being behind a good router.
    I suppose there is not too much to worry about as the security protocols are of course handled by the browser, plus I have enabled firewall.

    In short I have no idea, especially after having had 2½ glasses of wine (big ones). :D

    In other words would you feel equally safe using an HSPA+ enabled USB speedstick as mentioned in my OP link as with being behind a router ?
     
  5. katio

    katio Guest

    In terms of firewall, you are using only one instead of two. Of course this reduces your overall security "potential". But if you've set up everything correctly one is just as good as two. However, if you made a mistake with iptables (which is easy to do...) no NAT will safe your day.

    The other point is more related to privacy. For one you have to trust your carrier instead of ISP, probably doesn't change anything. Then there's 3rd party sniffing. AFAIK HSPA+ uses the KASUMI cipher which is vulnerable to some attacks but I think there's still some way to go before we see script kiddy ready tools like they have for WEP and WPA.

    Overview on wikipedia:
    http://en.wikipedia.org/wiki/KASUMI_(block_cipher)#Cryptanalysis

    Finally, something to scare you...
    Remote kernel exploit in the Huawei driver. Well, or something like that.
    Here's their track record: http://www.cvedetails.com/vulnerability-list/vendor_id-5979/Huawei.html

    But more seriously, as long as your iptables are fine, go ahead.
     
  6. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    Thanks katio, you are a veritable wikipedia :)
    I think I will go for it (as backup), the ADSL connections here are a bit iffy and recently I had to phone in a few times to ask the ISP to reset my router the port. Truly the dark continent.
     
    Last edited: Dec 10, 2010
  7. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    WPA2 is almost impossible to crack if paraphrase is strong and encryption is AES 256 bit try brute force attack sitting below your router and run continuous for week at least then you get my point @katio

    strong password i mean this for routers

    if you want to go for paranoid mode :D

    https://www.grc.com/passwords.htm
     
  8. katio

    katio Guest

    Yes, I know. I stated nothing to the contrary.
    Since there are easy to use tools widely available that can be used successful against WPA and its variants (brute force or the weaknesses in TKIP) this is a security issue to think about when deploying it.
    Against HSPA+ no such tools has been released (to my knowledge), from that point one could say it's more secure than WEP2-AES. Even though KASUMI is weaker than AES and even if weak passphrases are used an attack would still be impossible for the average script kiddie. Of course this is nothing but security through obscurity, nothing to get complacent about (@3GPP...)
     
Loading...
Thread Status:
Not open for further replies.