Brandt Krueger

Freelance Technical Meeting and Event Production, Education, Speaking, and Consulting. Geek Dad, Husband

Consultant, Meeting and Event Technology
Owner, Event Technology Consulting
Instructor, Event Leadership Institute
Cohost, #EventIcons - Where the icons of the event industry meet

Achievement Unlocked - Made it on TWiT

Well, there's one to check off the bucket list. Last week I had the opportunity to be on the TWiT (This Week in Tech) network as part of the "Call for Help" section of their show The New Screen Savers.

Left: Fr. Robert Ballecer, SJ  Right: Leo Laporte  Center: A strangely orange and typically shiny me

The show was prerecorded in advance of the US Thanksgiving holiday and released on November 28th, 2015. On this episode, host Leo Laporte was joined by Father Robert Ballecer, SJ, a specialist in enterprise technology, and a Jesuit priest. How's that for a combo for ya?

I originally reached out to the network during my recent unsuccessful bid to get elected to the Richfield School Board, hoping to get their insights on technology in our schools. While I had a strong suspicion they'd be in favor of Chromebooks over iPads or Windows laptops, I was curious to get their take, as well as their thoughts on lower income families who might not have access to the Internet at home.

Why it was a big bleeping deal for me...

Being on the show was a complete fanboy experience for me, and I was incredibly nervous. You see, there's a direct connection between my discovering The Screen Savers (hosted by Leo Laporte, and featuring the original "Call for Help" segment) on the short-lived cable television network TechTV circa 2002, and my life today. At the time, the programming was just interesting to me- geeks talking about geek stuff, a little bit of hacking, and a lot of basic computer repair. Stuff that's proven extremely valuable to me in my life as a technology guy ever since. Not long after I discovered the network, it began to disintegrate. There just wasn't enough mainstream demand for such focused, geeky content.

Fast forward about 5 years or so: I'm married and have a beautiful daughter. One day while surfing the net I discover that Leo's been making a new show called This Week in Tech- but it wasn't on TV, it was something called a "podcast", and you could download it and listen (or watch it) through iTunes. My world opened up in a way I wouldn't have thought possible.

Being a new parent, there wasn't a lot of time to sit around watching TV, much less reading a book. Through podcasting, I could keep up on all the technology news I could handle, all the while bouncing a baby, mowing the lawn, shoveling the walk, doing the dishes... Through the podcast world I learned of Audible, and started listening to audiobooks. I don't think I'd read more than a couple books for leisure in the previous 10 years, now I was devouring them at a rate of one a month. We had another daughter, and I began blogging about my experiences as a GeekDad. Some of the articles still survive at the very beginning of this blog.

Listening to podcasts, I discovered Twitter. Within weeks of being on Twitter I started to meet event industry folks that remain my friends to this day. I started going to conferences and meetups, and eventually started speaking publicly. From there I began recording classes at the Event Leadership Institute, which in turn led me to doing more public speaking at conferences, as well as my all day intensive classes on technical production. I met even more meeting and event people, and the next thing I knew I was co-hosting a podcast myself. Lindsey Rosenthal, Tahira Endean, and I produced a year of weekly industry podcasts called The Event Alley Show. When that came to a halt, I was approached by BizBash to host a new podcast, GatherGeeks.

I've often said that my biggest professional regret was not getting involved in the industry earlier. Basically I lived in my own little company bubble for 15 years. When I started to get out and meet all the fantastic meeting and event people from all over the world, my universe began to change. I went from liking what I do, to loving what I do, and I started my own company.

And if I hadn't stumbled upon Leo Laporte, The Screen Savers, and TWiT, none of that would have happened.


Links:

The New Screen Savers Episode 30

GatherGeeks- A Podcast by BizBash

The Event Alley Show

Serious Vulnerability Discovered in Popular Hotel/Venue WiFi Router

It doesn't have a sexy name like HeartBleed, RowHammer, or even POODLE, but security company Cylance announced last week that it had discovered an incredibly serious vulnerability in the ANTLabs InnGate Internet gateway device. If you’re a frequent traveler, as many event professionals are, chances are you’ve been connected to one of these devices. They’re popular with hotels, convention centers, and other places where temporary internet access is offered, chiefly because they offer the ability to tie the billing for that access to a specific room number or account. Some of the other features of the device include express checkout and viewing of guest folio charges.

Photo: ANTLabs

The vulnerability, which offers a “complete compromise of the vulnerable system” is apparently trivial to exploit, allowing relatively unsophisticated attackers to gather any and all plain text communication sent through the device, including unencrypted websites (no locky-lock on the web address, no https), and virtually all email sent through email applications such as Outlook. More advanced attackers would have “seemingly no limit to what they could do” including potentially intercepting even HTTPS encrypted web pages (like banks or Gmail), stealing usernames and passwords, adding malware to software downloads, or much, much worse.

Put simply, when we’re connected to a hotel or venue WiFi, literally every bit of information we send and receive is going through their infrastructure. What happens when that infrastructure can be compromised at its very basic levels? Anything an attacker wants.

More than just sniffing your Internet

This particular exploit isn’t just limited to hotel guests’ Internet browsing, however. One of the selling points of the InnGate is that it can connect to a location’s PMS (Property Management System). A PMS can contain a tremendous amount of data including guest bookings and information, on-property sales, sales and marketing information- even HR and payroll, depending on the system. What’s even scarier is that a PMS can in turn connect to other systems, such as “central reservation systems and revenue or yield management systems, front office, back office, point of sale, door-locking, housekeeping optimization, pay-TV, energy management, payment card authorization and channel management systems.” (Source: Wikipedia) Likewise, according to Cylance, if that PMS controls multiple locations, the attackers “could potentially leverage that access to infect the other branches of an organization.”

Scared the bejeebers out of you? It probably should. This one was pretty bad. Over 270 instances of this particular device were publicly accessible, and exploitable, via the Internet. The hotels and venues involved ran the gamut, and were not restricted to any brand, star rating, or price, and were spread out all over the world. They also ranged from “places we’ve never heard of to places that cost more per night than most apartments cost to rent for a month”, according to Cylance.

One can’t read about this exploit and not think back to a few months ago when Kaspersky revealed that high-end business travelers had been targeted for years by a group that it dubbed DarkHotel. There was plenty of evidence that the group had state-level tools at their disposal, but this new exploit has some wondering if perhaps it’s been much easier to target and attack hotel guests than anyone previously thought.

The good news is that ANTLabs immediately leapt into action as soon as the vulnerability was reported to them, getting a patch ready and releasing it in just over a month. Cylance noted that it’s “not often that vulnerability reporting goes smoothly and ultimately resulted in a timely patch from the vendor.” Cylance is also working to notify the hotels and venues that it identified as being vulnerable.

So what do we do?

I’ve been telling people for some time now that the vast majority of hotel WiFi networks are not secured properly, referring to the fact that the network itself doesn’t have a password. Sadly, I had no idea that this level of attack was even possible. When you can infiltrate a gateway device this deeply, it’s pretty scary. There are a few things we can all do to help make the bad guys’ jobs more difficult, though:

Hotels and Venues:

  • Make sure your network devices are checked regularly to see if there are any updates available, and if you use ANTLabs InnGates, FOR THE LOVE OF GOD GO MAKE SURE THEY GET UPDATED RIGHT FLIPPING NOW.
  • Secure your WiFi routers with a password. Yes it wouldn’t have helped in this case, but that doesn’t mean you shouldn’t do it. And you should.
  • Of course, you could also make WiFi free, in which case a lot of this integration with PMSs would no longer be necessary, and things would be, more or less, just as secure as our personal and business WiFi routers. Or at least less of a target. Just sayin'.

Individual guests:

  • Don’t do anything on public/hotel/venue WiFi that you wouldn’t want the ENTIRE WORLD to know. While HTTPS connections to banks, Gmail, and other encrypted sites should be safe, this exploit shows that might not necessarily be the case. While we all have to use these networks from time to time, try to restrict your traffic to as few sites as possible, and to avoid anything relating to financial data, company secrets, or other, er… sites… that you might not… er… want folks to find out you visit.
  • If at all possible, when on these networks, use a VPN. A VPN is a Virtual Private Network, and it acts like a secure, encrypted tunnel for your Internet access. The reason this type of vulnerability works is because it’s intercepting your traffic right there in the hotel as you surf around the net. With a VPN, your data goes through the encrypted data tunnel to your office, or other location, before it goes out onto the Internet- so all the venue WiFi sees is noise.

Stay safe out there people…

References:
Cylance - http://blog.cylance.com/spear-team-cve-2015-0932
DarkHotel - http://www.wired.com/2014/11/darkhotel-malware/
Wikipedia PMS - http://en.wikipedia.org/wiki/Property_management_system
ANTLabs InnGate - http://www.antlabs.com/index.php?option=com_content&view=article&id=69&Itemid=88
ANTLabs InnGate Patch - http://www.antlabs.com/index.php?option=com_content&view=article&id=195:rsync-remote-file-system-access-vulnerability-cve-2015-0932&catid=54:advisories&Itemid=133

Special thanks to Steve Gibson for reporting on this on his Security Now netcast:
http://twit.tv/show/security-now/501

The Marriott WiFi Kerfuffle: A Deep Dive

Marriott International has been in the news a lot in the last few months, specifically in regard to whether or not it has the right to block personal Wi-Fi devices on its properties. Many think the matter has been resolved, with Marriott “caving in” to consumer backlash and criticism from the likes of Microsoft and Google. But this story is far from over if you go a little deeper, and isn’t nearly as cut and dried as some sensationalist headlines and Tweets may have led you to believe.

WiFi Security Alert- "WiFi Protected Setup" Security Flaw

Photo: The Dlink DIR 601 Wireless Router: One of the millions of routers with WiFi Protected Setup

This is a legitimate and serious security alert regarding WiFi access. Apartment-dwellers, businesses in strip malls, hotels, and convention centers all should be advised. Basically if your WiFi signal reaches to a point where someone could park for a while (less than 24 hours), you are likely vulnerable to having someone hack into your WiFi network, even if it is secured. This could be, for example, an apartment next door, a lounge in your building, a nearby parking lot, or a car parked on the street if your signal reaches that far.

As usual, making things simple makes them less secure. There is a convenient "feature" of almost all WiFi access points built in the last few years that allows you to connect a device to your network (such as a Windows 7 computer, a cell phone, a printer, etc.) by pressing a button or clicking a dialog box and then entering a short 8-digit PIN stamped on a label on the WiFi device. This is known as "WiFi Protected Setup".

It turns out that the PIN can be cracked, giving a hacker access to your network, in less than 24 hours (sometimes only a couple of hours) of brute force attacking because of a really stupid way that the password is sent/received between the two devices. Once unencrypted access to your network is gained, the attacker can (at best) use your internet connection and (at worst) sit quietly and watch all of your internet traffic.

If you're comfortable configuring your wireless router, poke around in the settings and look for something called "WiFi protected setup".

THIS IS ENABLED BY DEFAULT.  If you uncheck this "feature" you should be protected from this type of attack until your manufacturer can push out an update.  Check your WiFi router's manufacturer's website frequently over the next couple months to look for an update for your device.
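After unchecking the setting, it is worth confirming that your access point has actually stopped advertising WiFi Protected Setup. The script below is an added example, not part of the original post: it parses text in the format printed by the Linux `iw dev wlan0 scan` command and reports only on the networks you administer. The sample scan, the SSIDs and the function names `parse_scan` and `audit` are constructed for illustration.

```python
import re
# Constructed sample modeled on `iw dev wlan0 scan` output (not a real capture).
SAMPLE_SCAN = """\
BSS 02:00:00:aa:bb:01(on wlan0)
\tSSID: HomeNet
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * AP setup locked: 0x01
BSS 02:00:00:aa:bb:02(on wlan0)
\tSSID: HomeNet-Guest
\tRSN:\t * Version: 1
BSS 02:00:00:aa:bb:03(on wlan0)
\tSSID: OfficeAP
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
"""

def parse_scan(text):
    """Return one record per access point: bssid, ssid, wps, locked."""
    aps, cur = [], {}  # lines before the first BSS land in a throwaway dict
    for line in map(str.strip, text.splitlines()):
        m = re.match(r"BSS ([0-9a-f:]{17})", line)
        if m:
            cur = {"bssid": m.group(1), "ssid": "", "wps": False, "locked": False}
            aps.append(cur)
        elif line.startswith("SSID:"):
            cur["ssid"] = line.split("SSID:", 1)[1].strip()
        elif line.startswith("WPS:"):
            cur["wps"] = True  # the beacon carries a WPS information element
        elif "AP setup locked" in line:
            cur["locked"] = line.endswith("0x01")
    return aps

def audit(text, my_ssids):
    """Report WPS status for the networks you administer (my_ssids) only."""
    findings = []
    for ap in (a for a in parse_scan(text) if a["ssid"] in my_ssids):
        if not ap["wps"]:
            status = "ok: WPS not advertised"
        elif ap["locked"]:
            status = "warn: WPS advertised, PIN setup currently locked"
        else:
            status = "FAIL: WPS advertised, disable it in the router settings"
        findings.append((ap["ssid"], ap["bssid"], status))
    return findings

if __name__ == "__main__":
    for ssid, bssid, status in audit(SAMPLE_SCAN, {"HomeNet", "HomeNet-Guest", "OfficeAP"}):
        print(f"{ssid:15} {bssid}  {status}")
```

To check a live network, pass the saved output of a scan run from your own machine in place of `SAMPLE_SCAN`, along with the SSIDs of your own access points.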

If you want to learn about this in great detail, I highly recommend this podcast, Security Now! with Steve Gibson and Leo Laporte:

http://twit.tv/show/security-now/335

For more general info, just search for "wifi protected setup flaw" on your search engine of choice.

Please feel free to pass this on to anyone you may know with WiFi access points in their home or office.