Analyzing the 1000 Most Common Wi-Fi Network Names

Wi-Fi SSID

I recently came across a list of the 1000 most commonly used SSID’s and thought it would be fun take a quick look at it. If you didn’t already know, SSID is the technical term for the name of your wireless network.

Here are some of the most interesting things I gleaned from the list. The percentages below represent how often the SSID shows up in the total list of SSID names survey, not just the top 1000 SSID’s.

  1. No name, or a hidden name, is really popular. Over 2.3% of the SSID’s examined had no name, a hidden name, or something similar.
  2. Routers that come with a predefined network are popular. AT&T’s Uverse routers are a good example and come with a pre-defined wireless network that includes a name like “2WIRE199”.
  3. Netgear also sells routers that come with predefined network names. “NETGEAR00” through “NETGEAR99” are all names that make it into the top 1000.
  4. “default” (0.6%) and “home” (0.3%) are used quite commonly
  5. Hotels, such as “Marriott_Guest” (0.01%), “Hyatt” (0.01%), “hhonors” (0.06%), and “laQuinta” (0.01%) make the top 1000.
  6. Among SSID’s named after people, “Alex”, “David”, “Mike”, and “John” lead the way.
  7. My personal favorites from the top 1000: “pretty fly for a wifi”, “skynet”. “boobs” was not in the top 1000, sadly.

Why You Shouldn’t Be Using a Common SSID

If I can find a list of the 1000 most commonly used network names then I know that the bad guys can too. Most of the time people allow network names to be broadcasted from the router, but a higher-security option is to not broadcast the name and require that users connecting be able to specify the network’s name and key. If you don’t broadcast your SSID then you certainly wouldn’t want to compromise that bit of security by using a frequently used SSID.

Now, let’s talk about Uverse for a second. People know how Uverse routers are setup generally. They know the number of characters in the network key and the character-set. Knowing these details makes it fairly easy to brute-force guess the network key. I believe that Uverse routers use only numeric characters in the network key… how much simpler could it get? If you use Uverse at home then you should immediately change your SSID and network key away from the defaults. It’s not hard to do and will greatly increase your security at home.

Photo Credit: woodleywonderworks via Compfight cc

Looking Under the Hood of Privacy Statements

Privacy Statements

Do you remember how it felt the first time you bought a car? Do you recall the excitement of just looking? Do you remember when you first saw the one you just had to have? You loved the color. You loved the style. You loved the interior. And you especially loved the audio system!

If you are a parent, you probably don’t get that excited any more … about cars that is. The truth is that you almost certainly do feel that same way when you see something new from the field of technology, whether it is the latest in computers, mobile devices, or TVs. We can’t stand the idea of not having the latest-greatest-up-to-datest device or deal, even though it will be virtually obsolete before we get it home. Now do you remember the feeling? Of course you do. It’s just directed at different objects than it was before.

Now that you recall the feeling, do you also recall what your father said to you while you were in your original automobile ecstasy? I remember it as clear as if it were yesterday: “Don’t forget to look under the hood.” Not that I knew what I was looking at, but it sure did scare some salesmen. The practice also kept me from buying cars that I would have been a sucker for otherwise.

If you thought that this article was about internet security, you are right. I’m here to warn you to take heed to your father’s advice – “Don’t forget to look under the hood.”

With the proliferation of mobile devices, smartphones and smart TVs, and “the cloud,” our senses are being flooded with a plethora of things that we think we need because they provide more entertainment experiences, connectivity, and ability to do things like we have never been able to do before. But what do we know about how all this new technology is invading our privacy? Better look under the hood.

Asking a vendor about security, whether you are about to buy a product or a service, will always get you exactly the same thing that every waitress tells you when you ask if the restaurant makes a good hamburger: “It’s awesome!” Unfortunately, the waitress sometimes can’t tell hamburger from humbug. Did you really expect her to say, “Not so good?”

Visit any internet service site and you will see a statement that says that they would like to collect your user information in order to serve you better. You start to wonder if that could be a problem, but the site directs you to their privacy statement, and now you feel comfortable. That’s about as useful as the car salesman offering to throw in a set of floor mats. And, oh, by the way, if you are buying a product or service in person and you ask about the privacy and security of your personal information, what do you think they’re going to tell you? You are talking to a SALES person, not an internet security specialist!

Do you really believe that your information is safe in a cloud that you can’t even see? That is accessible by everyone else on the planet, including some rather nefarious individuals and the NSA? You may even think that GPS is pretty cool. I personally don’t want to have everyplace I go and everything I do, physical or cyber, tracked and saved for future information. Do you really want strangers to know your purchasing habits or viewing choices? Or your children’s? Think of the Security Policy statement as the hood. Lift it up. Examine what it really says, and think about what this latest-greatest thing has the potential to expose about your personal life and your family’s personal life, to anyone with a corrupt mind and a keyboard. Know what you are really getting into. The life and the identity you save may be your own. Or your family’s.

How to Keep Your Children Safe Online

The Internet is an information playground. All we need is a click or two here and there to get any information we need. But it is more than just a source of information.  It is an open source of information.  The information is out there where anyone who wants to can access anything they want to at any time they want to.  That is precisely why the internet can be dangerous, especially for your children. Without proper guidance and supervision, they can be exposed to all forms of online danger.

The Growing Problem of Child Identity Theft

Over the years, there has been a significant increase in the number of children who have fallen prey to online predators. We don’t have to be shown studies; we only need to watch the news. There’s always news about a teen or two committing suicide because of cyber bullies, or children being victimized by sexual predators. What’s just as alarming, however, is the increase in child identity theft.

Identity theft is an issue we usually associate with people who have fat bank accounts and high-paying jobs. Many fail to realize, though, that children are prime targets for identity theft because it is easy to obtain their Social Security numbers without being detected for months (and even years). Children use their iPads, mobile phones and other digital devices so frequently that it makes them easy prey for thieves trying to access and use their personal information. According to a recent report, the incidence of child identity theft is now 51 times higher than that of adults.

The heart of the matter is “What can you, as a parent, do to protect your children?”

Protecting Your Children Online

One of your primary responsibilities is to keep your children out of harm’s way. You would do anything and everything necessary to make sure that your child is safe in all situations. Here are things that you can do to safeguard your child’s safety online.

  • Know what personal information your children have with them. Guide your children until they become familiar with every detail. Then make sure that you keep that personal information in a safe place. The best way to secure personal information is to memorize it. Both you and your children should know their personal information by heart.
  • Constant reminders will help. Continually remind your child about the dangers of giving personal information to strangers. Train your child to give personal information only to people both of you know personally.
  • Social network and download warnings. Warn your children of the dangers of posting personal information (especially their Social Security number, contact information and location) on social networks like Facebook and Twitter. Online file sharing (like music) and downloading of free games can also post dangers because of embedded malware used to grab private information.
  • In school: Be aware of how your child’s personal information is used. Talk to the principal and your children’s teachers. Ask them how, and for what purposes, students’ personal information is used. Who has access to those files?  How does the school maintained and disposed of their files? When you ask these questions, be wise enough not to accept answers like “Only their teacher sees their information.”  Be persistent.  Also, do not attach personal data like Social Security numbers to school forms unless absolutely necessary.
  • Be aware of your child’s online activities. This doesn’t mean you need to spy on your child! Just be sure that you get involved with whatever it is that he or she does online. Ask about online activities or updates about his or her Facebook or Twitter friends. Tell your children about online privacy, the need to have strong usernames and passwords, and the problems with spam, malware and inappropriate content. Encourage your children to be open with you, especially when there are suspicious messages or content in their email or social networking accounts. Illustrate using specific examples to help your children understand better.
  • Implement strict rules. Compose a list of rules that your children have to follow. Set a specific number of hours for online usage. Enumerate sites to which they are allowed to go. You might list examples of suspicious messages and content. You should also consider blocking some websites. Your list of rules should be posted somewhere near the computers your children use.
  • Use software or tools you have installed on your computer. Both PC and Mac computers have built-in tools that can protect your children when they are online. In PCs, you can enable “Family Safety.” Depending on your operating system, go to Control Panel and click Family Safety (Windows 8). For Macs, you can use “Parental Controls” (go to System Preferences and click Accounts).
  • Set an example to follow. Practice what you preach. They are watching you, and they will more likely do what you say, when they know that you do what you say.

Keeping your child safe online requires a lot of resolve and persistence. This shouldn’t be a problem for any caring parent. Prevent your children’s futures from going down the drain. Start protecting them now.

Safe Online Shopping for the 2013 Holiday Season

Safe Online Shopping

With Thanksgiving, Black Friday and Cyber Monday just around the corner, it is safe to say that the holiday shopping craze is about to begin. While thousands will be rushing to line up outside stores in the wee hours of the morning, millions more will choose to stay at home and do their shopping online.

Online holiday shopping is definitely a more convenient option, because you won’t be crushed by mobs of shoppers at the mall. It does, however, pose some risks of its own, especially in terms of online safety. Scammers and online predators prepare for the holidays by devising schemes intended to drain your pockets – sometimes, for life. It is important for you to know how to protect yourself from these online predators.

Keeping Safe While Shopping Online

How do online predators attack cyber-shoppers? Basically, scam artists steal or hijack your personal information by “phishing.” When they succeed, they are able to access your log in information. Potentially, all of your online accounts could be compromised. They may also send spam messages to your email inbox, enticing you to click on links that connect you to an alluring, but bogus, website. Any personal information that you provide on that site will be used to empty your back account, or max out your credit cards in an instant.

To ensure you are not a victim of online scams, always follow these important guidelines:

  • Protect your computer or mobile device by installing anti-virus software, anti-spyware and/ or a spam filter. Make sure that your firewall is activated and secured.
  • Don’t click anything sent to you by email unless you expected that message. Do not click on links that come from unfamiliar sources and that lead to unknown websites.
  • Look for misspelled words in emails or website addresses. Take note of the website address and see if it has a proper URL extension. For instance, phishers can lure you to click www.paypa1.com instead of www.paypal.com. See the difference between the two URLs? The first one is not legit because it’s misspelled. It has a “1” instead of an “l.”
  • Do not click on the link.  Type the address into your browser manually to make sure that it is not a compromised site
  • Go to websites with an https padlock; not those with an http. An https on the address means that the site is encrypted, protected and safe to visit. Also, a website should have a validation from a Certificate Authority. If your computer or device has a first-class anti-virus software, it will detect websites that are not validated. The browser usually turns green if the site is secure.
  • Shop only on websites that you trust. Contact the Better Business Bureau (BBB) to check on the reliability and safety of online shopping sites. Trusted sites have the BBB Trustmark seal. Make sure that the seal is updated and valid by clicking on it. Additionally, you should also take time to read the privacy policy of every website you enter. Go for online shopping sites that have been trusted for years, like Amazon or eBay, and websites of your favorite brick-and-mortar stores.
  • Do not allow yourself to fall prey to offers that are “too good to be true.”  If you find designer clothes or brand new iPads offered way lower than the retail price (like 80% off), do not immediately jump on the deal. Chances are this is a scam. This is one of the many ways spammers spread their “disease” online. Use common sense.  The only free lunch is a turkey sandwich in which you are the turkey.
  • Do not use one password for all your online accounts, including your emails and social networks. Choose a different password when registering with an online retailer – not the one that you use for your email or, especially, your bank account.
  • Use a credit card or a prepaid card. Online purchases with a credit card are protected by the Fair Credit Billing Act. You’ll get protection in case of stolen personal information and unverified use of your card. Credit card providers are also vigilant in terms of detecting suspicious activities. Likewise, prepaid cards offer a similar level of anti-fraud protection. Aside from helping you stick to your personal budget, you’ll also get protection from identity thieves and scammers.
  • Get to know your rights as an online buyer. There are laws regarding maximum shipping time, cancellation of orders and refunds.

Keeping yourself protected while doing online holiday shopping is easier, if you are well-informed. Read online safety blogs and visit tech websites. Use common sense and stay alert. Happy Holidays!

 

New Ghost Path VPN Client Version Just Released

Ghost Path VPN Client

The latest version of the Ghost Path VPN client has just been released. We recommend all Ghosts download and install the new version as soon as possible.

Here are just a few of the changes / enhancements in this latest release:

  • Improved handing of OpenVPN connection time-outs
  • Leak protection can now be disabled without requiring a program restart
  • Fixed issue that caused active previous instances of OpenVPN to go undetected
  • Improved OpenVPN logging in-client
  • Fixed bug that caused issues when using ‘Launch at startup’ feature with ‘Connect at startup’ feature.
  • Mac OS X: Fixed bug that prevented ‘Launch at startup’ feature from working.
  • Windows: Resolved an issue that caused problems with TAP drivers
  • Fixed bug that caused some authentication failures to go undetected.
  • Enforce OpenVPN 64 remote address limit when building a VPN session’s IP list.

As always, contact support if you run into any problems at all.

How to Avoid Identity Theft Scams Arising from Obamacare

Obamacare Identity Theft

If you’re preparing to sign up for Obamacare then chances are you are having doubts about how your private information is being handled on the website. There are several scams that have cropped up targeting the general public switching to the new mandatory healthcare plan. Today we’re talking about some of the new scams and how you can avoid falling victim to them.

Obamacare, AKA the Affordable Care Act, is a plan to get all Americans covered by a healthcare insurance plan of their choice by January 2014. Signing up requires you to access healthcare.gov in order to give vital information such as your name, social security number and location so that you get access to the plans available for you.

The website’s Terms and Conditions page has an assurance regarding the safety of information that you submit. However, there is a disclaimer that isn’t included in this page which states that

“You have no reasonable expectation of privacy regarding any communication or data transiting or stored on this information system.”

This effectively protects and absolves the government of any responsibility in case your information lands in the hands of bad guys such as identity thieves.

Let’s look at some of the ways in which you can have your identity and personal information compromised:

Phishing Scams

Phishing scams are used by identity thieves who take advantage of misspellings and less than careful people wanting to access the healthcare.gov website to sign up for Obamacare. Let’s say you forgot the letter ‘l’ in healthcare. You’re probably still going to access a website; however, chances are that the site you’ll land on will be a scammer site that will look as legitimate as the original healthcare.gov site. Once you enter your information in this kind of site, it gets sent to identity thieves who will then use your information to access your credit cards, bank accounts and income reports.

Calls, Home Visits and Emails about a Healthcare Insurance Card

There are no insurance cards when it comes to Obamacare. However, most people don’t know this. Insurance cards were common under the previous Medicare plan. You might receive a call, email or a house visit from someone asking you to provide your social security number so you can get your insurance card. Please ignore or report such individuals and do not give them any personal information.

Scammers Posing as Advisers

There’s a general feeling of confusion when it comes to Obamacare; most people have no idea where they are going to get more information regarding the plan. As a result, there are lots of nonprofits stationed around malls and community lots to educate the public. However, not all of these groups are legit; some of them are posing as advisers simply because they want to manipulate you into giving them your bank account information, tax details or social security number for malicious purposes.

The general rule of thumb is to not speak to anyone regarding your choice of insurance package, and to be doubtful and suspicious of anyone who seems too eager to help you out when it comes to picking your Obamacare package.

Staying Safe While Signing Up

Here are a few tips that might help you avoid identity theft when signing up for Obamacare:

1. The main website has an “s’” at the end of the http prefix. This is something that you should ensure always exists for you safety. There’s also a padlock sign at the beginning of the address signaling that the website’s security has been verified by appropriate web security firms.

2. If someone threatens you with a fine if you refuse to give information or don’t sign up for a particular plan, run the other way. This is because these fines will be assessed and applied according to your tax returns next year; they’re not instant fines.

3. Keep an eye on your bank account, credit card spending and other information if you suspect that your identity has been stolen. This will help you identify any suspicious activity and take immediate action to stop these identity thieves from stealing or misusing your funds.

4. If you’ve been a victim of identity theft, call the relevant credit bureaus such as Equifax, Experian and TransUnion and immediately let them know so they can take action.

5. You can also call the Federal Trade Commission hotline on 877-438-4338 to file a complaint as soon as possible if your identity has been stolen.

Stay safe out there Ghosts. New initiatives like this are rich breeding grounds for scammers.

 

The NSA Has Allegedly Tapped Into Yahoo and Google Datacenters

Google Cloud Exploitation

Public Service Announcement

Information regarding the extent of the US government’s internet spying programs continues to come in. Today the Washington Post reported that information received from Edward Snowden and other sources reveals more troubling news… that the NSA has been able to breach the security of Yahoo and Google’s datacenters around the globe, giving them unfettered access to user data from hundreds of millions of user accounts.

VPN’s cannot protect you against these types of intrusions, so we urge all VPN customers to weigh their options when it comes to choosing email providers and search engines. Large companies like Google and Yahoo absolutely cannot be trusted to keep your data private, regardless of their intent.

Bypass NBA League Pass Blackouts with Ghost Path

NBA League Pass

Here at Ghost Path we love the NBA – and we love the convenience of NBA League Pass, but we don’t like regional blackouts.

NBA League Pass lets you watch up to 40 NBA games online each week, with the notable exception of nationally televised games. League Pass is a great product, just as its counterparts from the other major sports are. However, the notion of regional blackouts can limit how legitimate, paying customers are able to utilize the service. Blackout restrictions will keep you from being able to watch your local team’s games on League Pass… unless you’re using a VPN like Ghost Path.

VPN is short for virtual private network, which is what we do at Ghost Path. A VPN allows you to bypass various online restrictions, including geographic restrictions. By masking your true location it’s easy to bypass the basic geolocation techniques that League Pass uses.

We offer a 7-day money back guarantee here at Ghost Path, so it’s risk free to try out our service. VPN accounts start at just $10/month.

NBA and NBA League Pass are trademarks of the National Basketball Association.

 

New VPN Gateway in Boston

New VPN Gateway in Boston

We have released a new VPN gateway in Boston, MA over the last few days. Ghost Path users in the northeast US now have another option for connecting. The new location should be ultra-fast for users in an around Boston.

Ghost Path Gateways

Ghost Path is now operating over 112 servers in 38 different countries, and we’re not planning on slowing down anytime soon. There are 45 VPN gateways in the United States alone.

10 Simple Ways To Protect Your Identity Online

10 Ways to Protect Your Identity Online

Identity theft is one of the fastest growing crimes in the world; due, in large part, to the dramatic increase in online shopping and sharing over the last 10 years. Today’s online world requires you to be proactive in ensuring that your identity online remains safe at all times. In this post, we’ll give you 10 easy and practical ways that can help you stay safe in an online world and protect your identity online.

1. Double-check Your Social Media Account and Privacy Settings

Most of us use Facebook, Twitter or other social media sites at least once a day. Social media can be a great way of keeping in touch with people who are close to you without having to remember their email addresses or writing long-winded messages to them. However, with this convenience comes the danger of having your login details or name stolen by bad guys.

Facebook accounts come with preset privacy and account (and ever-changing) settings. You should regularly assess these settings and change them to lock down your posts and photo albums, as well as change your password at least once a month. This will ensure that you’re able to keep tabs on who can see your posts, personal info, etc. and who can comment on your statuses and photos, effectively keeping away malicious identity thieves. Also, be sure to not accept friend requests from people you don’t know.

2. Have a Primary and Secondary Email

Most people don’t think twice when it comes to signing up for various offers using their emails. The problem with this is that some of these offers may come from websites or addresses that are part of phishing scams that target people’s email inboxes.

One countermeasure is to have a secondary email that you can use to sign up for various offers without handing over your primary email address. It’s a good idea to use fake names for your secondary email addresses, to increase privacy even further.

3. Set Strong Passwords

Identity thieves are good at both guessing passwords and cracking passwords. If you don’t give a second thought when it comes to the complexity of your passwords you may fall victim to identity theft.

It’s almost instinctual for people to choose passwords that are easy to remember, like birthdays, the names of children, siblings, significant others, or numerical figures that are sequential. These are far too weak now. It’s not 1995 anymore.

The best practice is to use a combination of letters and numbers, with some capitalization and special characters thrown in.

4. Clear Your Browser Cookies

Cookies are small files that get embedded in your browser which may track your movement online for marketing purposes. Many websites now ask for your permission to store cookies in your browser.

However, some websites don’t alert you, making it possible for your computer to send information back to identity thieves or other malicious parties. You might also fall victim to irritating popup ads and unsolicited emails as a result of these cookies being embedded in your browser.

Cookies are not inherently evil, and they definitely have their legitimate uses, but clearing them regularly is recommended.

5. Do Not Reveal Personal Information to Acquaintances

The internet has made it convenient and easier for us to connect with each other for either personal or business purposes. As a result, many people let their guard down and aren’t careful enough when it comes to giving out their contact information.

One great example would be people using dating sites to meet other people. Even after chatting with someone for extended periods of time, you might want to hold off giving them your telephone number. If you’ve planned to meet this person, make sure that you do it in a public place and make sure to tell at least two friends where you’re going so you can have an easy exit in case things don’t go exactly as you planned.

A great way to safeguard your identity in this instance would be to use a disposable email address while communicating with someone on a long-term basis online.

6. Use a Top Tier VPN Service Like Ghost Path

A VPN is a virtual private network that helps you protect your identity online by passing your data through an encrypted tunnel, ensuring that all of your information is kept away from prying eyes.

A VPN is also crucial when signing up for new services and using online banking services. If you login to online banking while using the free WiFi at your local cafe then you’re putting your bank account at risk. You never know when someone is on that same network using software to intercept your information as you send it.

With a quality VPN, like Ghost Path, you get the assurance that your data is encrypted. Nearly all devices that connect to the internet can use a VPN, so you should be able to effectively shield your information at all times. You can signup for a 7 day free trial for Ghost Path.

7. Don’t Reply to Spammers

We all get emails or messages via social media that look legit. These messages are usually sent by spammers that simply want your information for malicious reasons. One way of identifying a suspicious message is by keeping a note of where the email came from and the details it contains.

Protip: Unfortunately, there aren’t that many attractive girls looking to connect with you. Twitter and Facebook messages from accounts with “hot girl” profile pics are always a dead giveaway.

Delete spam emails immediately without opening them as they may contain scripts or viruses that may track your keystrokes in the hopes of stealing your passwords and other sensitive information.

8. Use Robust Antivirus Software

Never go online without having modern, up-to-date antivirus software. You’ll be exposing your computer and your documents to viruses that may make it possible for people to control your computer or device remotely, giving them access to everything on the device.

9. Check Websites for Seals, Certificates and Policies

Secure websites come with SSL certificates that you can verify by clicking on the space before the web address. These certificates are usually published by a trusted service and are valid for years at a time. Take time to inspect these certificates to ensure that they are valid and up-to-date.

At the same time, you can ensure that you are accessing the website securely by looking for an ‘s’ after the ‘http’ prefix. Lastly, secure websites have a padlock before the address or a green address bard, depending on the browser. These are cues signifying that your data and connection with the website are safe.

10. Offline Tip – Shred Important Documents

Whether you’re at home or work, it’s vitally important to shred documents. Credit card offers, bills, personal letters, etc. should all be shredded when you’re done using them. Pulling personal information out of the garbage is still one of the most common ways for your identity to be stolen.

Conclusion

Several of these tips may seem like common sense, but that’s not the case for everyone. It’s important for everyone to go back to basics with security from time to time, just to make sure that you’re doing everything you can to protect your identity.

What online security tips do you have? How do you stay safe online and protect your identity online?