Reason: None provided.

You can be sure that if you're working from home on a company laptop that the same thing is happening.

While you can't prohibit the devices from eavesdropping when in use, you can prohibit their spying when they're not in use.

If the device has an RJ45 jack, hard wire it to your network. Connect and disconnect as needed. Problem solved. Also, most corporate laptops are configured not to sleep when connected to power. Disconnecting them from power will force them into sleep mode. It won't prevent them from periodically waking up, however. My last company's laptop would wake up about every couple of hours even when unplugged. No idea what it was doing, probably trying to phone home.

If the device only connects wirelessly then you'll need to add MAC address filtering to your router and "permit" only the devices in the MAC address list. Add the device's wifi MAC address to the list. We want to use a permissible MAC filter list instead of a deny list because devices are capable of using randomly generated MAC addresses. There's a convenient setting in Windows 10 just for random MAC address generation. This will mean that every device in your home that is wireless will require you to add it to the list. It's a pain in the ass, but it reasonably ensures the devices don't avoid the next step.

Next we need to configure your router's access control list. Many routers have this feature. It allows you to configure the days and times devices are permitted or denied access to the internet. This list can be configured to deny or permit access using either MAC addresses or IP addresses. I suggest you use MAC address here which is why we configured the MAC filter above.

Another method is to purchase another wifi router specifically for untrusted devices. There's additional benefit here. It will isolate these devices from mapping your home network and you better believe that these devices are mapping your home networks. Some routers also have isolation settings which will prevent connected devices from communicating with other devices on your network. It's a pain in the ass if you have a network printer, but sacrifices. You can turn on/off the router when not needed more or less guaranteeing your untrusted devices don't have internet access.

Now, all of this comes with caveats.

  1. All devices are possibly capable of self configuring to MAC addresses that have unrestricted access on your network. They are capable of sniffing your wifi environment and discovering unrestricted devices. Whether the functionality is there is another question. It's all a matter of if they're configured to do so. It is completely possible and therefore probable that they can and will, but unless you're conducting security analysis of your environment you'll never know. I don't even know. I just assume they probably are, but I still take the precautions I've stated above.

  2. All devices are capable of accessing 3rd party wireless access points circumventing your wifi security altogether. Again, whether they're doing this takes detailed analysis to discover, more so than I'm willing to do since I just assume untrusted devices will be configured to do so. Remember when your ISP upgraded your cable modem to include their own access point that you don't have complete control over? Well, why do you think they did that? Could it be to give access to the internet to the internet of things (IoT), all those internet enabled devices like your TV and your smartphone and your IoT toaster, fridge and clothes washer? Maybe and probably. Data is valuable. If you're serious about your home wifi security you'll buy your own cable modem that doesn't have a wireless access point built in. It probably doesn't matter though since your smartphone could be configured to self-configure as a wireless access point without you ever knowing allowing all those IoT devices in your home to phone home their data. Again, only a detailed analysis of your wireless networking environment will allow you to discover such activity. Just assume it happens because it is possible and as cheap as it is to add this functionality to devices it's also probable.

Don't let these caveats make you throw up your hands and not even try to implement proper security on your own wifi networks, however. I just upgraded my cable television box and I made damn sure I couldn't detect another wifi access point in it before keeping it in my household. I will not tolerate a rogue wireless access point in my household if I can help it. Interestingly enough corporations spend a fair amount of money to make sure no rogue WAPs are on their properties even while trying to fill yours with them. You should probably think about that.

3 years ago
1 score
Reason: Original

You can be sure that if you're working from home on a company laptop that the same thing is happening.

While you can't prohibit the devices from eavesdropping when in use, you can prohibit their spying when they're not in use.

If the device has an RJ45 jack, hard wire to your network. Connect and disconnect as needed.

If the device only connects wirelessly then you'll need to add MAC address filtering and "permit" only the devices in the MAC address list. Add the device's wifi MAC address to the list. We want to use a permissible MAC filter list instead of a deny list because devices are capable of using randomly generated MAC addresses. There's a convenient setting in Windows 10 just for random MAC address generation. This will mean that every device in your home that is wireless will require you to add it to the list. It's a pain in the ass, but it ensures the devices don't avoid the next step.

Next we need to configure your router's access control list. Many routers have this feature. It allows you to configure the days and times devices are permitted or denied access to the internet. This list can be configured to deny or permit access using either MAC addresses or IP addresses. I suggest you use MAC address here which is why we configured the MAC filter above.

Another method is to purchase another wifi router specifically for untrusted devices. There's additional benefit here. It will isolate these devices from mapping your home network and you better believe that these devices are mapping your home networks. Some routers also have isolation settings which will prevent connected devices from communicating with other devices on your network. It's a pain in the ass if you have a network printer, but sacrifices. You can turn on/off the router when not needed guaranteeing your untrusted devices don't have internet access.

Now, all of this comes with caveats.

  1. All devices are possibly capable of self configuring to MAC addresses that have unrestricted access on your network. They are capable of sniffing your wifi environment and discovering unrestricted devices. Whether the functionality is there is another question. It's all a matter of if they're configured to do so. It is completely possible and therefore probable that they can and will, but unless you're conducting security analysis of your environment you'll never know. I don't even know. I just assume they probably are, but I still take the precautions I've stated above.

  2. All devices are capable of accessing 3rd party wireless access points circumventing your wifi security altogether. Again, whether they're doing this takes detailed analysis to discover, more so than I'm willing to do since I just assume untrusted devices will be configured to do so. Remember when your ISP upgraded your cable modem to include their own access point that you don't have complete control over? Well, why do you think they did that? Could it be to give access to the internet to the internet of things (IoT), all those internet enabled devices like your TV and your smartphone and your IoT toaster, fridge and clothes washer? Maybe and probably. Data is valuable. If you're serious about your home wifi security you'll buy your own cable modem that doesn't have a wireless access point built in. It probably doesn't matter though since your smartphone could be configured to self-configure as a wireless access point without you ever knowing allowing all those IoT devices in your home to phone home their data. Again, only a detailed analysis of your wireless networking environment will allow you to discover such activity. Just assume it happens because it is possible and as cheap as it is to add this functionality to devices it's also probable.

Don't let these caveats stop you from throwing up your hands and not even trying to prevent you from implementing proper security on your own wifi networks, however. I just upgraded my cable television box and I made damn sure I couldn't detect another wifi access point in it before keeping it in my household. I will not tolerate a rogue wireless access point in my household. Interestingly enough corporations spend a fair amount of money to make sure no rogue WAPs are on their properties even while trying to fill yours with them. You should probably think about that.

3 years ago
1 score
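
An added example, not part of the original comment: one way to audit a router's connected-client table against the permit list described above, flagging unlisted devices, randomized (locally administered) MACs, and a permitted MAC that shows up with two IPs at once, which is the cloning scenario in caveat 1. The table format, `ALLOW_LIST`, `CLIENTS` and the function names are assumptions, and every address is constructed sample data.

```python
# Added example: audit a router client table against a MAC allow list.
# All MACs, IPs and hostnames below are constructed sample data.
from collections import defaultdict

ALLOW_LIST = {
    "3c:22:fb:10:20:30": "work-laptop",
    "a4:83:e7:aa:bb:cc": "printer",
}

# (mac, ip, hostname) rows as a router's "connected clients" page might list them
CLIENTS = [
    ("3C:22:FB:10:20:30", "192.168.1.20", "work-laptop"),
    ("A4:83:E7:AA:BB:CC", "192.168.1.30", "printer"),
    ("DA:A1:19:01:02:03", "192.168.1.41", "unknown"),      # randomized MAC
    ("00:1A:2B:3C:4D:5E", "192.168.1.42", "smart-tv"),     # not on the list
    ("3c:22:fb:10:20:30", "192.168.1.77", "work-laptop"),  # same MAC, second IP
]

def normalize(mac):
    """Lower-case, colon-separated form so comparisons are consistent."""
    return mac.strip().lower().replace("-", ":")

def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set, as in randomized MACs."""
    return bool(int(normalize(mac).split(":")[0], 16) & 0x02)

def audit(clients, allow_list):
    """Return MACs grouped by finding: unlisted, randomized, or duplicated."""
    allowed = {normalize(m) for m in allow_list}
    ips_by_mac = defaultdict(set)
    for mac, ip, _host in clients:
        ips_by_mac[normalize(mac)].add(ip)
    findings = {"unlisted": [], "randomized": [], "duplicate_allowed": []}
    for mac, ips in sorted(ips_by_mac.items()):
        if mac not in allowed:
            findings["unlisted"].append(mac)
            if is_locally_administered(mac):
                findings["randomized"].append(mac)
        elif len(ips) > 1:
            # An allow-listed MAC holding two IPs at once may be a clone.
            findings["duplicate_allowed"].append(mac)
    return findings

if __name__ == "__main__":
    for kind, macs in audit(CLIENTS, ALLOW_LIST).items():
        print(kind, macs)
```

A duplicate finding is only a prompt to look closer: a single device can briefly hold two leases after reconnecting.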