How can I take precautionary measures from joining or being joined by a bogus SSID?

6,589

I'm pretty sure its an internet joke - in fact its an old joke from this mashable article from 2011. It is rather obvious a real surveillance van would not have such an SSID. Something like linksys or "TOTALLY ANONYMOUS VAN" would be more suitable.

I guess all three of them just happen to have the same odd sense of humour.

If you have done nothing wrong you have nothing to fear (from people too hamhanded to hide what they are) - I'd just ignore these. Unless you live in a totalitarian state where police presence is obvious and ominous, in which case you know precisely what to be afraid of. In this case we can worry about security as common sense.

I'd never connect to an unsecured access point - with things like firesheep around. I'd assume any wifi network I don't control is insecure and I'd tunnel everything through SSH to a server I control and know is safe on an external network).

On my own network - I'd also maintain a seperate guest network with with a different password using the most recent wifi encryption I can (for example WPA2 PSK), and enforce wireless client isolation. Even if the password is known, information between a client and the router is encrypted, and your wireless clients are kept separated from the main network.

I'd avoid WPS (It can be brute forced), WEP (its crap and can be cracked trivially) and WPA (Why use that when you have WPA2?) on my own router as well.

6,589

Billy McCloskey

Updated on September 18, 2022

Comments

Billy McCloskey over 1 year

I have noticed this same SSID, FBI SURVEILLANCE in three locations in the greater Southern California area (Garden Grove, Santa Ana, and San Juan Capistrano, California, U.S.A.). Is this one heck of a strong Wi-Fi signal, or is their some kind distributed "private" network overlaid on our great southland? Is their a public password so I may join in, or am I already joined in by default, but don't know it? If I cared to "opt out", what security measures could I take, other than pulling the plug to the now required Internet, which is necessary to gain access to public benefits, such as SSA, unemployment, food stamps? Inquiring minds want to know...

I know the above questions were thrown out there with quite a bit of sarcasm, but to maintain at least some legacy to my original post, I'll re-word from about here...

If I walk 200 feet from our humble abode, this is the current Wi-Fi radio traffic:

My real concern is that there is a glaring SSID local to my neighborhood. I believe in neighborhood watch. I watch to make sure that my neighbors are taking measures to protect their security, just as I take measures to protect my own. When I see an SSID, like FBI SURVEILLANCE, having been in the government security industry, it is my responsibility to be able to advice my family, friends, and neighbors as to how to approach the information technology age that is being thrust upon them. Therefore, I would appreciate some constructive advise as to how to handle a SSID such as this one.

I have very dear friend, who is afraid to even touch a computer, and has NO Internet presence - to this day, I cannot send her an e-mail because I cannot convince her to get an e-mail account, anywhere. She recently, for the first time, got a Smart Phone. One day she called me, knowing my background at Boeing, and I could hear the fear in her voice - she was asking what to do about a SSID in her neighborhood, called "FBI VAN."

I told her that it was probably just someone playing a joke.

Fast forward in time. I noticed what I noticed the other night. And, a good friend of mine in San Juan Capistrano, some 40 miles from here, also has the SSID "FBI SURVEILLANCE" in his neighborhood. I visited him last Saturday while looking for a house in his neighborhood, however, I did notice there was, indeed, the same SSID "FBI SURVEILLANCE" in his neighborhood!

Now, being a retired "rocket scientist," who has responsibly handled secret information for a career - I have a simple question: How do I answer questions and act responsibly to protect the information security for my family, friends, and for my neighbors, many of whom are undocumented foreign nationals. This is under the general category, ITAR, and when ITAR is concerned and is connected with the Internet at large in the central barrio of Santa Ana, California, we all should be concerned when we see a SSID in our community that is obviously a fraud, don't you think?

We are instructed to be vigilant when it is concerned with being watchful for terrorists - if someone is casing the neighborhood, if someone is taking pictures of entry and exit points, etc. Now when there is a glaring SSID that should not be in my neighborhood, I must ask questions to protect the information of myself, my family, and my friends and neighbors. This questions as originally stated could be construed as off-topic because of the sarcasm employed. I hope I've clarified the intent of the question so it will be relevant to the viewers of this forum.
- 100rabh about 10 years
  
  somebody playing a prank
- Billy McCloskey about 10 years
  
  It exists in 3 far-separated locations - I can give zip codes, and if I cared to, which I don't, could plot signal-strengths on a map, and triangulate the position(s) of the "prankster(s)", but have better things to do with my time. But 3 distributed pranksters? Are they in cahoots?
- Ramhound about 10 years
  
  Why on the world would you connected to an unencrypted wireless connection?
- Ramhound about 10 years
  
  @BillMcCloskey - Just because its your own personal network does not mean its secure not to have a password. Google has paid a large sum of money after capturing random data from networks just like yours.
- Billy McCloskey about 10 years
  
  Security is always on topic. How do I prevent joining a network, or be joined by someone trying to access my sensitive data? Good enough. Here is a case in point... "FBI SURVEILLANCE" - Just because it has that name, should I be concerned of a hacker in my neighborhood?
- Billy McCloskey about 10 years
  
  @Ramhound: I now understand your question - forgot my laptop had once been connected to TWCWiFi at my Dr.'s office - when I went out to see how far my newly acquired ASUS 802.11ac modem's signal stretched and caught a glimpse of our local Wi-Fi radio signal SSID, my laptop connected to TWCWiFi and not my new base station's SSID, ASUS1, which wasn't even showing! - that entry (TWCWiFi) has been subsequently deleted from my known connections. It was not obvious how to do that while standing on the curb in the evening, and I didn't understand your question, at first, but now I do.
- Ramhound about 10 years
  
  @BillMcCloskey - Why are you returning perfectly secure access points. If anything the ASUS hardware had the ability to run open source firmware which made it even more secure. Which is the key after the revolation that the standard OEM router firmware still has a hidden backdoor in it.
- Billy McCloskey about 10 years
  
  @Ramhound:- For one, the Open Source software of which you speak, and which I do love - I'm reading through it as time permits - it corrupted a perfectly good Seagate drive's 2.5TB partition attached to its USB 3.0 port. The distributed BT software it uses, but I plan on replacing, is very unstable. I like its Dynamic DNS through asuscomm.com. Yada yada. Yes, that ASUS product is great in concept, but its signal doesn't cover nearly the range the current AirPort Extreme does, and the open source software of which you speak, the very same software which suffered from Heartbleed, is BETA!
- Billy McCloskey about 10 years
  
  @Ramhound:- One last thought if you are using the Open Source distributed with the ASUS product. Edit out its FTP service, and replace it with a fully functional SFTP of FTPS server. The included FTP server cannot use a SSL no matter what you try! Not good.
- Billy McCloskey about 10 years
  
  @Ramhound:- I must be a gluten for punishment, but I kept that ASUS router around for 4 crashes and disk corruptions, thinking it was the immaturity of its bit torrent engine. Not the case, the 4th disk corruption was catastrophic, whereas the first 3 were only a nuisance, and the 4th catastrophic disk corruption was subsequent to inactivating the so called, "Download Master" (bit torrent). Go figure.... (Since this is off topic, anyway, I've got time...) ;-)
- Ramhound about 10 years
  
  @BillMcCloskey - We are going way off course. I only wanted to point out something I saw.
- Billy McCloskey about 10 years
  
  @Ramhound:- Of course we're off course, and we can delete this whole diatribe, but the message was flagged as "on hold" and therefore, "if false implies anything", so we can chat for the time, while the original topic is being considered as either on topic, or not. Take care. I'm considering deleting the whole question, unless more people vote to re-open the original. No worries. Take care. Taking my new solution, my drobo 5b, along with me. NOW, there is no security issue. It is all done with physical security. Cannot beat that. While we are off topic. :-)
Billy McCloskey about 10 years

I'm counting this as a joke, because my friend who told me about it in Garden Grove said it was some other "SSID", but close, and like yourself, if I were them, I'd obscure my SSID. However, there is always the age old philosophy of "hiding in plain sight." Putting this to bed, but still don't like it.
Billy McCloskey about 10 years

This is a valid question. What if I were to join or be joined by a "prankster" who gains access to information that could be ITAR? Security is ALWAYS on topic. The question has been reworded to reduce sarcasm and get to the point. Thank you for keeping me on topic.