If you are browsing on a wifi, is it possible for someone from the Wi-Fi side to have access to what you are browsing?

8-)

New Member
Joined
Oct 24, 2019
Messages
3
So without your phone or phone number, can they see what is being searched using their wifi if they wanted to? How much effort would it require?
 

Deadmanza

Honorary Master
Joined
Sep 13, 2013
Messages
11,333
Who controls the WiFi.
Is it your own WiFi or public?
Because if it is your own home WiFi, chances are slim.
If it is someone else's or public then it is extremely easy to do.
 

SauRoNZA

Honorary Master
Joined
Jul 6, 2010
Messages
34,927
Yes it’s very simple for someone on the same network to do a man in the middle intercept of your data.

Even more so if you are on someone else’s controlled network.
 

Nod

Executive Member
Joined
Jul 22, 2005
Messages
8,837
If it is you own wifi and you have client isolation enabled, then it is almost impossible.
If all wifi clients can see each other, then it would be simple to sniff the network.

Connecting to someone else's wifi always carries risk and you should be using a VPN to minimize any potential spying/information gathering.
 

argh

Active Member
Joined
Sep 17, 2019
Messages
44
Including information copied from this thread: https://mybroadband.co.za/forum/threads/ddos-my-router-was-hacked-i-am-a-afrihost-client.1053589/#post-24346581:

I am not a technical person, I just read up on the internet how to secure a router, which is very important to prevent people accessing any of your wireless communications, or using your data, even if they are at home. Some of the websites I found useful are: Norton;
https://www.consumer.ftc.gov/articles/0013-securing-your-wireless-network;
https://www.lifewire.com/wireless-router-security-features-you-should-turn-on-right-now-2487665.

From what I understand, the most important first 3 steps to do are:
(1). Change the default password you get with the router to a strong random password about 12 characters long (if you need to, do an internet search for random passwords to get some suggestions). (2) Change the SSID (router) name that came with the router, to a random name that does not identify you and does not identify any address where you live or work. (3) Your router should ecncrypt traffic through it, which will prevent anyone understanding the information. Check what data encryption your router offers, choose the strongest, and ensure it is turned on (WPA-2 or the latest is WPA-3). On top of WAP-2, the router should have AES or PSK or both. If your router only has WPA or WEP as security options, buy a new router.

There are additional steps, eg VPN, turn off permissions for remote access, turn off guest access when not needed, activate the firewall if the router has one, etc.
 

Swa

Honorary Master
Joined
May 4, 2012
Messages
22,273
Alternatively have the worst security possible. Then you can just claim outside party. Or just don't download that kiddie porn.
 

genetic

Honorary Master
Joined
Apr 26, 2008
Messages
29,315
Some public wifi sites may log activity, but your home wifi - unless specifically set to do so - won't.
 

oober

Expert Member
Joined
Apr 3, 2005
Messages
3,071
If you visit secure sites (https) your chances of being spied on decreases significantly because all traffic will be encrypted. But even SSL has it's vulnerabilities.
 

Swa

Honorary Master
Joined
May 4, 2012
Messages
22,273
If you visit secure sites (https) your chances of being spied on decreases significantly because all traffic will be encrypted. But even SSL has it's vulnerabilities.
Not all traffic. There's still plenty of information that can be gleaned from headers.

If you're concerned over sensitive information then yes but if you want to hide your browsing habits then https won't help you.
 

argh

Active Member
Joined
Sep 17, 2019
Messages
44
All wireless devices (eg. routers/modems, computers, smartphones, IP Cameras, smart TVs smart appliances), are vulnerable to having the information sent over them misused, because they send signals through the air for several hundred feet. The devices, your info, & Gb, can be accessed by wireless devices in range (neighbours, criminals), & can be used to commit crime. Here's another useful website, which mentions smartphones & public wifi, not only routers:
https://www.fcc.gov/consumers/guides/how-protect-yourself-online
 

Geoff.D

Honorary Master
Joined
Aug 4, 2005
Messages
10,915
I have a "new" wireless router, supplied by Telkom, as part of its blackmail to get us all off copper on to fibre, supplied by D-Link, with virtually NO useful information about how to configure the blasted thing!
Both Telkom and their useless supplier, D-Link, try and dodge the issue when you approach them for a decent user manual. It is absolutely pathetic, so much so, that I have decided to abandon that "new" router in favour of my old one for one simple reason, and that is because I am able to properly configure the older one!
 
  • Like
Reactions: OCP

clickingbuttons

Well-Known Member
Joined
Mar 18, 2018
Messages
291
I have a "new" wireless router, supplied by Telkom, as part of its blackmail to get us all off copper on to fibre, supplied by D-Link, with virtually NO useful information about how to configure the blasted thing!
Both Telkom and their useless supplier, D-Link, try and dodge the issue when you approach them for a decent user manual. It is absolutely pathetic, so much so, that I have decided to abandon that "new" router in favour of my old one for one simple reason, and that is because I am able to properly configure the older one!
Dial-A-Nerd will be able to assist.
 

oober

Expert Member
Joined
Apr 3, 2005
Messages
3,071
Not all traffic. There's still plenty of information that can be gleaned from headers.

If you're concerned over sensitive information then yes but if you want to hide your browsing habits then https won't help you.

Because HTTPS piggybacks HTTP entirely on top of TLS, the entirety of the underlying HTTP protocol can be encrypted. This includes the request URL (which particular web page was requested), query parameters, headers, and cookies (which often contain identity information about the user). However, because host (website) addresses and port numbers are necessarily part of the underlying TCP/IP protocols, HTTPS cannot protect their disclosure. In practice this means that even on a correctly configured web server, eavesdroppers can infer the IP address and port number of the web server (sometimes even the domain name e.g. www.example.org, but not the rest of the URL) that one is communicating with, as well as the amount (data transferred) and duration (length of session) of the communication, though not the content of the communication.[4]

 
Last edited:

Darynv

Well-Known Member
Joined
Jan 15, 2010
Messages
168
I have a "new" wireless router, supplied by Telkom, as part of its blackmail to get us all off copper on to fibre, supplied by D-Link, with virtually NO useful information about how to configure the blasted thing!
Both Telkom and their useless supplier, D-Link, try and dodge the issue when you approach them for a decent user manual. It is absolutely pathetic, so much so, that I have decided to abandon that "new" router in favour of my old one for one simple reason, and that is because I am able to properly configure the older one!
Can't you connect the old one to the new one and still connect via the old one setup?
 

Geoff.D

Honorary Master
Joined
Aug 4, 2005
Messages
10,915
Can't you connect the old one to the new one and still connect via the old one setup?
Yes, I have the "new" one connected to a laptop and will keep "fiddling until I understand its configuration. BUT, it is currently not connected to the Internet or my local LAN. My point is, security is totally dependent on configuration, and it is the service providers AND their suppliers that are ultimately responsible for security failures, and, mostly, that is because they all work on the LCD principle, keeping consumers in the dark and feeding them BS.
 
Top