Cable was my first option before ADSL, but as I said there is no cable where I'm going to live. I cannot get cable.
My recommendation is 'do not use wireless network'. So use wired network(ADSL,Cable etc).
I'm not techy enough to understand half of what you said...
I wiil explain easly.
forget it, because the communication company provides you only User verification with encryption.
Your coummunication will not be protected.
Don't too much trust Wikipedia stuffs.
It's very different from Real world. They only put articles from other place.
And the only show theories, definitions.
I can say A book is better than all of Wikipedia.
You mean someone finding out my location? Dunno, I don't know who would be interested on that, and I'll be using this at home on my desktop, I don't even have a portable computer.
Now this sounds worrying. You mean tapping the communication between computer and modem, or is this also possible by just listening to the encrypted blocks that are the only thing actually being broadcast from my physical location? It's not, right?
Actually the only stuff whose secrecy is really important for me (banking, trade, or even email) is already encrypted locally with SSL. Could it be decrypted only because the encrypted data is transmitted through an insecure network that can be listened? I'm not sure I know what I'm talking about, but one thing is tapping a signal, and another one is decrypting it?
Would be TrustConnect able to solve whatever security issues?
There is an attack tehcnique.
In the Cryptology, the attacker can read, insert, modifiy any messages
between victim and server.
When an attacker attacks with this, two of victims(client and server) can't
recognize what's going on.
Let's see following process.
1.You conntect the server who provides online banking, and you receive a
server certification digitally signed by a trusted provider.
2.You pc will analyze the certification is trusted or not,if the certification
is trusted by trusted provider, and then the public key will be extracted.
3.Now your PC sends ramdomly generated message with encryption to the server
for the purpose of 'session key'.
4.The server decrypts the session key as server's own secrete key.
The server will use the key with a form of 'sysmtric key', and then communicate
with your PC.
What do you call above process?
Yes we call it 'HTTPS protocol'.
Many people think it looks like safe including you right?
But there is something you missed.
Web browsers rely on basically user's confirmation when there is a confirmation for
Yes...this will be very important vulnerrability.
Let's see how to attack.
1.the attacker makes his IP address as the server with DNS Spoofing.
(DNS Spoofing:the hacker changes your DNS server ip to his IP, so your PC thinks
the attacker's IP is real DNS server.)
2.you can't recognize it's real one or not.
3.the attacker starts to relay packets from you.(this technique what we call 'packet relay')
4.you still think there is no problem with communication.
yes...nothing is happened in front of you.
5.when you log in to the server, the attacker takes the certification from the server
and saves into attacker's pc.
How is it possible? you pc already attacked by DNS Spoofing.
6.now the attacker sends a fake cetification to you.
7.you will receive and confirm attacker's fake certification.
8.your pc will decrypt the fake certification.
9.the attacker can find your real login ID and password from real certification.
How is it possible? he already took your key and server's certification.
the attacker's pc is now the server and you.So the attacker can extract key from
the certification. the attacker pretends you and server.
When there is fake certification, your web browser shows you
warning message. But many people don't think about the warning message
from their web browser then just click 'ok' instead of 'cancel'.
If you click 'cancel', you will not have any problem.
So are you still safe if you click 'cancel'?
There is another attack technique to bypass that.
Next time I'm gonna explain about another technique.
There is one more thing you should know.
In the real world, SSL is not always safe.
If SSL is always safe, there is no OTP,Security card, key stroking encryption etc.
So you can think why OTP,Security card, key stroking encryption etc exist.
But I think one of moderator will delete or edit my post.
Because, something was happened a few days ago.
So, I can't post all about those hacking technique here.
If I want to make people understand the process,
I should introduce ,for example,attack tools and how to use them.
But as you know, I can't do it here.
I think I should better post those stuffs on other place instead of here.
If I do that, I'll let you know.
I don't teach hacking and cracking.
I just want to show why people should know about it.
And then they can defend themselves.
am I wrong?
You should read following my posts.
I posted it before.
It will show you the real world...https://forums.comodo.com/general_discussion_off_topic_anything_and_everything/criminal_minds_case1-t37250.0.htmlhttps://forums.comodo.com/general_discussion_off_topic_anything_and_everything/criminal_minds_case12-t37306.0.htmlhttps://forums.comodo.com/general_discussion_off_topic_anything_and_everything/criminal_minds_case1final-t37355.0.html