College Wireless (Part 2)

August 31, 2008

A little while ago I wrote about the state of wireless networks on my campus. This article will make a bit more sense of if you read part I, but it is not essential. Today I finally got around to doing the second scan. Everyone has been moved in for a week so I figure any access points would have been setup by this time. I found some interesting results and it certainly seems there are more access points than before. Here is the new list of unsecured WEP networks:


1   00:18:39:F1:68:13   "<hidden>"                     off
2   00:13:10:BC:21:25   "alicia"                       off
3   02:E0:DD:5C:D3:D8   "ANY"                          off
4   02:13:CE:00:00:8C   "ANY"                          off
5   00:11:50:76:40:E5   "belkin54g"                    off
6   00:1C:DF:5E:7C:BB   "belkin54g"                    off
7   00:0B:86:A4:F5:92   "CaptivePortalTemp"            off
8   E2:84:77:23:63:BD   "Free Public WiFi"             off
9   FA:50:CF:E8:E0:F6   "Free Public WiFi"             off
10  AA:0B:61:5E:AD:4E   "x y's Computer"               off
11  02:E0:42:41:32:60   "HHONORS"                      off
12  A6:52:5A:D7:2C:D2   "hpsetup"                      off
13  02:13:02:20:81:7C   "hpsetup"                      off
14  5E:0A:12:AD:95:68   "hpsetup"                      off
15  EA:83:DD:2C:5B:45   "linksys"                      off
16  00:14:BF:79:20:59   "linksys"                      off
17  00:18:39:4D:4C:6F   "linksys"                      off
18  4A:5C:07:B1:D1:D8   "linksys"                      off
19  02:13:CE:02:32:37   "linksys"                      off
20  02:12:F0:00:00:EC   "OurLadyAP"                    off
21  DE:CE:08:91:89:F7   "print server 053797"          off
22  02:8A:D0:30:0E:77   "print server 075462"          off
23  02:8F:69:85:0E:72   "print server 2A6845"          off
24  02:4A:C7:7C:0E:B7   "print server 2D2508"          off
25  00:1D:7E:E7:CC:A1   "Rimmer56"                     off
26  02:1B:77:00:00:D7   "Wireless Network"             off
27  02:12:F0:42:79:88   "Wireless"                     off

So there you have it. The new list of unsecured wireless access points. I seem to have lost a few since my last scan, but overall there was an increase. I think it is safe to throw away the “CaptivePortalTemp”, “Free Public WiFi”, and anything in the form “print server *”. That means that there seems to be roughly 20 access points. I am not sure about the hpsetup entires either. So if we remove them we are left with 17 unsecured wireless access points on campus. Quite a few considering what the policy is. There are a decent number of secured networks as well, but I didn’t see it fit to list those because they are less of a threat to our overall network security.

I also want to point something else out. Notice entry number 1 “<hidden>” this means the access point was hiding its SSID. Lets take a minute to reflect on how useful hiding the SSID is… done? Yup, it’s only useful in tricking silly Windows computers in to thinking nothing is there. However they are just as easy to detect as anything, and with a little trickery someone could easily decipher the SSID.Β  So let that be a lesson kids. Hiding the SSID is NOT the solution to wireless security.

The one entry, currently labeled “x y’s computer” I changed because the person actually named the wireless access point after themselves. I’m not quite sure why they did that, but I guess they are not at all worried about getting caught.

Though I am not posting the data of the secured wireless access points it is worth mention that I scanned a total 53 networks (unsecured and secured, including the printer servers, etc). This means there were 26 “secured” networks. Of those 26 I would say about half of them used WEP (though I didn’t record the exact data). What is the problem with WEP? Well anyone and their grandma can crack WEP encryption these days. It is almost as secure as having no password at all. Finally I would like to point out that one of them is labeled “Come to room 158 for password”. Talk about being obvious, and let me tell you… it was not hard to figure out what building that was coming from.

Overall I find it very interesting how many people don’t take the wireless policy very seriously. I must admit that I was, at one time, one of those people. I have since stopped, and do not plan on continuing. Even though I think the policy is silly I would rather not be “that nerd” who believes themselves above the AUP (acceptable use policy).


College Time Again

August 28, 2008

In case it hasn’t been obvious from previous posts I am back at college and the semester officially started this past Monday. This means I am back to homework, projects, presentations, studying, tests, club meetings and events. In past years this transition from summer time to back-to-school time has not been so difficult. However I have noticed a trend over the years that each year when I come back there is more responsibility for me to take on the second I arrive on campus.

I don’t mind being responsible for things. In fact I view it as a necessary aspect of life. The part that sometimes startles me is going from having very little responsibilty to very much responsibility. I think it would have been better if there was a way for me to have a gradual transition between the summer and the school year. Fortunately this will be the last year this is an issue, at least with respect to college, because I will hopefully graduate at the end of the year πŸ™‚ .

There are lots of great things about being at college. Such as being around the sorts of people that understand exactly what you are saying because they are studying the same things, or just the simple fact that you basically get to live with your friends. Sure, you can live in a neighbourhood close to your friends, but at college most of them are right next door or living with you. This is something I think I might miss once everything is over.

It still seems like a long year ahead of me, and I hope that I am just as ready and able to deal with the challenges of academia as ever. However, for the past 3 years I have noticed a steady increase in workload from year to year. I love a good challenge and I readily admit that I learn the most when I am being challenged. I also think that too much challenge simply creates stress, which then hinders the learning process. The balance between being properly challenged, and not getting overly stressed is quite difficult to maintain. Mostly because once you take on a certain level of responsibly it is easy to see how people depend upon you for certain things and it is hard to tell some one, or some organization that you will no longer be able to help.

I have always felt very strongly about honoring my commitments, and I hope to still be able to keep up with all of them this year. This is shaping up to be one of my toughest semesters of college yet. It is also my last year here, and I don’t want to lose touch with friends and family because of being overburdened with work. I think I am going to have to make a serious effort to cut down on the amount of work that I currently have by next semester. I don’t want my last semester of college to be a time where my schedule is so filled with work that I can’t take the time to hang out with friends or communicate with friends who have already graduated.

This entry is a bit different than my normal computer themed ones, but I haven’t been all too inspired to write about computers as of late. Mostly because I haven’t really been using them for things other than doing homework assignments and checking e-mail. I hope to write the next segment of my college wireless network situation soon. So stay posted to see the outcome of that. I may have other projects on the horizon as well because the fans in my computer PSU seem to be on their way out…

That’s all for now πŸ™‚ .


College Wireless Policy (Part 1)

August 23, 2008

Well, I am back on campus and I have had a bit of time to goof around before classes start. I came here early for marching band camp, which is why I have not had any posts in a little bit even though I have had some free time.

Our college has a very strict wireless policy, which is that you aren’t allowed to have your own wireless access point. Period. So, as a curious computer science student, I wondered how many people actually listened to this policy. I wrote myself a little perl script, which allowed me to simply walk around and it would poll (using iwlist scan) for wireless networks and then record them until I told it to stop. So once I had this all working and tested I spent about 15 minutes walking around picking up wireless signals. The results I found were more surprising than I had anticipated.

Here is a table of the unencrypted wireless networks I found:

#      Network Name                   Encryption
================================================
1      "04Z409107113"                 off
2      "alicia"                       off
3      "B2B"                          off
4      "B2B"                          off
5      "belkin54g"                    off
6      "CaptivePortalTemp"            off
7      "CaptivePortalTemp"            off
8      "CaptivePortalTemp"            off
9      "CaptivePortalTemp"            off
10     "CaptivePortalTemp"            off
11     "CaptivePortalTemp"            off
12     "hpsetup"                      off
13     "hpsetup"                      off
14     "linksys"                      off
15     "linksys"                      off
16     "linksys"                      off
17     "linksys"                      off
18     "<College_Name>"               off
19     "print server 053797"          off
20     "print server 075462"          off
21     "Rosa/Vazquez"                 off
22     "Wireless Network"             off
23     "Wireless"                     off

I know this table could look a little prettier, but its not for heavy anaylsis. For all of the networks that say “linksys” I made sure they were unique by using the MAC Address that turns up in the results of an ‘iwlist scan’ So it’s not just the same linksys network that was picked up 4 times πŸ˜‰ .

I am going to guess that the “CaptivePortalTemp” entries are not related to students at my college. Other than that the one entry I changed to say “<College_Name>” was where the person actually named their wireless network to the name of the college, which couldn’t make it any more obvious that they go to the college. The campus is located close to a residential area, but a lot of these networks I picked up way too far away to be from non-college residences. Another point of interest is the unsecured print servers… I’m sure it would be quite easy for anyone to connect to those and, at the very least, waste someone’s paper. However, it might even be possible to get access to someone’s computer (assuming the printer allows more than one computer to connect at once) through the printer. I would hope the software the printer is running wouldn’t allow that, but who knows.

I would argue that there are probably at least 10 wireless networks that students from my college have setup that are unencrypted networks. This is, I believe, exactly what the college was trying to avoid by putting the wireless network policy in place. I can’t say there is really an easy solution to this problem, but I think if the college was willing to allow a wireless network after they educated the student on how to lock it down we would have less of a security problem on our hands than we do now. The best thing might be if the college just put wireless in all of the residences, but that costs money which they may or may not have to spend.

There were some networks that appeared to be run by college students that were encrypted, which is at least better than the unencrypted ones, but it still violates the college policy on wireless networks. I would love to have a wireless network myself because it would be nice for my laptop and for my Wii, but alas I will have to hold back on that. Seeing so many networks makes me wonder if the college actually checks for them because really all you would need is any old laptop that can scan for wireless networks.

People always ask me how easy it would be to scan for wireless networks on campus, and I guess the answer is all you need is ~30 minutes to write a perl script and the time it takes to walk around campus. I will walk around again after everyone has moved in and see if the situation changes at all. It should be interesting to see how many addtional networks I can find. Hopefully I have not given enough data for my college to use this to go after the people with these wireless networks because that was not the point of me doing this. I feel the college has every right to track them down, but they can do this on their own, if they are truly serious about their stance on student run wireless networks πŸ™‚ .


Spheriosity and Ant Build Files

August 18, 2008

While I was on vacation a few weeks ago I decided that I wanted all of the code in Spheriosity to look pretty inside an 80 character emacs buffer. I started out coding it in Eclipse (reluctantly) because it was the only way I could get the Java3D stuff to compile and I didn’t have time to play around with getting it to work command line. I planned to still use Eclipse even after the 80 character conversion, but alas the code does not like right in Eclipse anymore. So I decided to bite the bullet and start coding in emacs again.

This meant that I had to have a way to build the code from the command line so, naturally, I turned to ant since that seems to be the ‘Java way’ to compile projects larger than Hello World. I have very mixed feelings about Ant which is most of the reason for my post. The XML configuration does not do much for me. I don’t like the way XML config files (especially the way Ant does it) look. They all seem to be too syntax heavy for what they are trying to do. Prior to using Ant I had used make, which now that I have used Ant, I like even more than I did before. The simplicity of make is enough in itself to make (no pun intended) me want to use it. I want this project to be open source, and easy to build so I needed to use Ant. After messing around with things I was able to get Ant to do what I want well enough, but it seemed a lot harder than it needed to be. Maybe it is just because I am not used to it *shrugs*

Another thing about Ant which upset me is how long it takes to simply start running a target. I have had it take up to a second or two just to run a target that deletes the built source code. I could have typed in the remove command in that amount of time (with the aid of tab completion). This may sound like a trivial matter… a few second here or there, what’s the big deal? Well, when I am testing either the build script itself or parts of the code those few seconds for each recompile or clean or whatever start to take up a substantial amount of time.

Maybe I am judging it prematurely. Only time will tell. I will continue to use it and perhaps it will grow on me πŸ™‚ .


The Wikipedia Game

August 15, 2008

Yesterday I was spending some time with my friends and one of them mentioned “The Wikipedia Game”. I had never heard of this before but found it quite interesting. I will try to explain the game, but bare with me.

  1. One person needs to think of a topic. Typically one that is less common.
  2. Everyone playing must go to that page and take a quick look at it.
  3. Now everyone needs to click the random page button
  4. The first person who finds their way back to the topic wins! You are only allowed to use links within the articles themselves in order to do this πŸ™‚ .

That is the entire game, but for some reason it is insanely addicting. The great thing is that all you need is a computer with a web browser, and 2 or more people to play. There is also a variation on this game where you try to get back to the original article using the least amount of links possible.

There is one downfall I might point out about this game. Once someone has an idea how to get to a really broad article on a topic it can become to easy. For instance, say you are finding an article for a video game. It is just about given that from any article you can get to a country. From there you can get to a list of countries. After that you can goto Japan, and then video games. Then from video games you can easily find your way to any video game related topic.

I think one way to make it more challenging would be to disallow the use of any “List of x” entires. You might want to only start playing it this way once you feel playing with the original rule set is to simple. I am rather glad I know about this game, and I hope I get the chance to play from time to time πŸ™‚ .

That’s all for now. I might not have time to write anything in the next few days as I will be moving back to college. This also means I won’t really be coding, which is where I get a lot of the ideas for my entires.


Pidgin’s Plaintext Passwords

August 11, 2008

This has actually bothered me for quite some time now (even back when pidgin was called GAIM). That is the simple fact that when you want to have pidgin save your login password it is saved: in an easy to access location, and in an unencrypted fashion. Here is the excerpt from my ~/.purple/accounts.xml file:

<account>
     <protocol>prpl-aim</protocol>
		<name>fake_account</name>
		<password>secret_password</password>

So I ask you, is this a good idea? Well I sure don’t think so. Yeah, you could argue that under the perfect scenario a person wouldn’t be able to view that file without the login information for the computer. However, how many times have you walked away from the computer and forgotten to lock the screen? It still happens to me from time to time, and I’m willing to bet it could happen to anyone. So, in less than a minute someone could have easily found that password in the config file.

The moral of the story here is that perhaps you shouldn’t have pidgin save your passwords. At least until they implement some level of encryption. Don’t get me wrong though, I love pidgin, and it is a great IM client πŸ™‚ .


Cleaning Dust From my Laptop

August 10, 2008

About a week ago I noticed that my laptop was running hotter than normal. I don’t go out of my way to monitor this, but I do run gkrellm which constantly shows me the temperature. I have a Dell Inspiron 600m it’s an older laptop, but it suits my needs very well. When I first got the laptop I had problems with it overheating. It would easily get to ~70C at full load and especially when playing a game such as WoW and WarCraft III. It has a Pentium M and according to Intel the maximum temperature for the Pentium M is 100C, but the BIOS throttled back the CPU at 70C as a protective measure. Believe it or not… this was not conducive to playing games or compiling your operating system (yay Gentoo πŸ™‚ ).

My short term solution to the problem was that I purchased a laptop cooling pad. This is basically a base that you place the laptop on which uses a USB port to run some fans under the laptop. This cooled it down well enough that I could compile and play WoW without many troubles. However, I didn’t want to carry that dang thing around with me wherever I went! So eventually I opened it up and wet sanded the heatsink. This smoothed out the surface and allowed for better heat transfer. I also applied some Arctic Silver V which is, IMO, the best thermal paste there is. This dramatically helped it to cool and it no longer goes above 60C with ambient air temperatures of ~21C (at full load).

So I was starting to see ~65C temps and I figured something was up. When I took off the heatsink this is what I saw:

Dusty heatsink

dusty heatsink

Dusty main fan

dusty main fan

This is what I believe to be the number run reasons laptops start to overheat after time. This level of dust is actually quite small compared to some computers I have taken appart in the past, but even that small amount of dust was able to raise the temperature by 5C.

The moral of the story here is that fans like to be clean and dust free. They will run much more effectively without dust, and so if it is possible to clean them out it is in your interest to do so. I took apart my laptop more to illustrate a point than anything. It would have been just about as effective if I shot some compressed air in the ventilation ports. The only potential issue with that is that you can push dust further into the laptop. This can potentially be bad for two reasons:

  1. The dust will just end up being pulled right back into the fan.
  2. The dust will land on other parts, such as the potentially the hard drive. This could act as an insulator to the heat and allow the hard drive or other components to run hotter than they normally would be. However, this would probably only happen after a long period of time, or under extreme conditions.

In case I wasn’t clear, I just used compressed air to blow the dust off. I happen to have access to an air compressor, but the compressed air you buy in cans is easily as effective. If you are going to take everything apart make sure you are comfortable with what you are doing and find a good set of instructions BEFORE you take it apart! Things like taking off the heatsink, can be bad if you let dust get on the thermal paste without reapplying it.


Is C++ an Elitist Language?

August 9, 2008

Recently I made a post about some things in Java that I find to be a bit of an issue. The artcle was reposted on Javalobby and it started an interesting discussion in the comments section. Among other things, one comment in particular struck me as disconcerting:

When you use a language you should ask yourself what is the feeling of it. C++ is an elitist language with strong roots in the procedural C (that should compile in C++), and a big focus on performance. JavaΒ  is a full Object Oriented langage inspired mainly by C++ and smalltalk, which was for a long time pretty slow, and focus on writing big maintainable programs via simplicity and strong typing. ( A comment by Raphael_Lemaire @ http://java.dzone.com/articles/sometimes-java-makes-me-sad )

Specifically the part about C++ being elitist. Now, I love C++, so of course I am biased. However, I never thought of it as being elitist. The funny thing is that the syntax of C++ is very close to that of Java, does that mean Java is elitist? As far as I see it the real difference is that Java: offers you loads of libraries, memory management, and it allows the coder to not have to think about pointers. Lets look at each of these issues.

The first issue, of libraries, I don’t really consider much of an issue. Especially if you use open source libraries there are hundreds of libraries which are readily available. Certainly the Java libraries are nice, and most, if not all, are guaranteed to be cross platform. However, many of the C++ ones are as well so I also consider that argument to be a moot point. The fact that you have to compile them for eachΒ  different platform can be a problem at times, but I consider it a minor problem especially given the speed of modern computers.

The second issue of memory management is something that goes to Java’s favor. I think, however, that it is a minor issue in the scheme of things. Once you understand the basic idea of memory management, and as long as you use a good programming style which favors allocating and freeing memory in the same place, this isn’t as big of a deal. I have written that you can leak memory in Java too, so Java is not free of this nuisance either! Therefore Java coders who think that are impervious to problems with memory are just kidding themselves.

Third is the fact that in Java you don’t deal with pointers. Or, rather, you don’t have to think about them even though you deal with them all the time. This is more personal opinion than anything, but I never found pointers to be that difficult of a thing to deal with. Once you get an understanding of them it’s really a trivial matter. I know that some people make a fuss because you have to always be thinking ‘is this a pointer to an object, or the object’, but that consideration has never slowed me down. You make note of it once and then it stays the same throughout.

So what is it about C++ that makes it elitist? Is it the people that write code so convoluted that only an experienced pro can read it? I think this could be a big part of it. No matter what language you use people can always write unnecessarily confusing code. Languages like Java try to help prevent this, but I’m sure it can still be done. Having access to pointers can lead to code that is difficult to read, but I think the problem there has more to do with the coders than the language. Programmers should be wise enough to write readable code, and not blame the language.

Do you blame English when you can’t spell a word? I mean… silent letters, what is up with that? No, you probably blame yourself for not having put in enough time to learn the proper spelling. So why should we blame C++ for people that write obfuscated code? At the end of the day it all comes down to the coder, and whether they want to write good code or not.

The bottom line is that I don’t consider C++ an elitist language,Β  but rather a language that with some extra consideration can be just as easy to code in as Java.


General Update

August 9, 2008

Well, I am back from vacation and hopefully I will be updating more regularly than normal. I had a good time on vacation and have a few different topics to write about. Hopefully I was get to those sometime later today :).

That’s it for now!


How I Shortened the ‘iwlist scan’ Output

August 4, 2008

Edit [03-04-2012]: I had a request (see comments) to include the channel and frequency. I added them, but unfortunately, I didn’t see a way toΒ  make the script output be 80 characters wide like the original. So, here are the two versions:

Additionally, now that I have looked at the code for the first time in a while, I must apologize for how poorly it is written :). After seeing what a mess I made the first time, I think I’d like to take a stab at cleaning it up and improving it a bit. So, hopefully, I’ll be able to write a more refined version in the coming months.

Edit [09-09-2012]: Updated link to script.

Edit [02-11-2009]: Updated the script to fix a small parsing bug.

In the past few years I have noticed that Linux has come a LONG way in support for wireless cards. I no longer read long stories about how 5 hours and 2 kernel patches later someone finally got their wireless card working.

In fact, I distinctly remember my first experience trying to get my wireless card to connect to a WPA network. It was my freshman year at college, and I spent almost an entire weekend digging through documentation, forum posts, config files, and google search results trying to get my laptop on the campus network through wireless. When all was said and done all I had was a script which was a simple bash script that ran all the commands I needed to connect. It had to be run as root (didn’t know about sudo) and it was a real hack. 3 and 1/2 years later and I simply boot up my laptop and it connects to any network I have predefined in my wpa_supplicant.conf file. I can walk around and it will automatically connect to new network, restores lost connections, etc.

One thing has always been a bit of a bother to me however. That is that the output of ‘iwlist scan‘ is quite lengthy. I can’t ever fit more than 2 wireless networks on a screen (unless I make my terminal super long)! Here is some sample output (MAC Address and actual network name hidden):

Cell 01 - Address: 00:00:00:00:00:00
   ESSID:"sample-network"
   Protocol:IEEE 802.11bg
   Mode:Master
   Frequency:2.462 GHz (Channel 11)
   Encryption key:on
   Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s
             11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
            48 Mb/s; 54 Mb/s
   Quality=33/100  Signal level=-80 dBm
   IE: WPA Version 1
        Group Cipher : CCMP
        Pairwise Ciphers (1) : CCMP
        Authentication Suites (1) : PSK
      Extra: Last beacon: 36ms ago

I am not trying to start a flame war with the writers of iwlist. I think they have a very great tool, but sometimes I just want to know what networks are available in a simple form of output. So, since I had a bit of free time I decided to write a simple little perl script to grab the output of ‘iwlist’ and contort it until I got following output:

+ --- + ---------------------- + ------- + -------- + --- + ------ + --------- +
| #   | Name                   | Quality | Sig Lvl  | Enc | Enc T. | Auth T.   |
+ --- + ---------------------- + ------- + -------- + --- + ------ + --------- +
| 1   | "network 1"            | 39/100  | -77 dBm  | off | WEP    | N/A       |
+ --- + ---------------------- + ------- + -------- + --- + ------ + --------- +
| 2   | "network 2"            | 100/100 + -30 dBm  | on  | WPA v1 | PSK       |
+ --- + ---------------------- + ------- + -------- + --- + ------ + --------- +
.
.
.
etc

So simply running my script will produce that nice, little, easy to read, fits-inside-an-80-character-terminal output. I am not entirely proud of all the perl code I used to write the script, but it works for what it does. I’m sure a true perl expert (which I am anything but) could have written it in under 10 lines, but hey, no one is perfect ;).

I often find myself torn when writing a short little utility script like this. I want to write good code, but I don’t want to spend all day writing a simple little script. I already took shortcuts in the form of using global variables, but I use function calls that only have one line of code in them. In retrospect I think it would have been smarter to just not worry about the functions, but it would take time to go convert it back to be functionless :-P. I will just have to live with the code for now, and be happy that it does what it does.

As another feature of the script it will give you the full output of a single network from the full ‘iwlist scan‘ output if you just specify the number of the network as a command line argument :).

Here is a link to the script, if you are interested: wiscan.pl I had to post it as a .html file because apparently my school does not allow you to have perl files accessible from their apache server. No worries though. Some day I will have my own little web setup which I will manage and then I won’t have to worry about things like this πŸ™‚

Anyway, hopefully this perl script will come in handy for one or two people or, at the very least, give the perl guru’s something to make fun of :). That’s all for now!

Sidenote: Since it’s so short I didn’t bother to put it under the GPL, but come on… it’s a small perl script for an open source utility. Obviously for this script to work you must have iwlist on your system, and perl installed πŸ™‚