Here everything is a secret ;): August 2013

Wednesday, August 14, 2013

Happy 67th Independence day

“Over the course of my years here, I have begun to wonder whether India will be the country that will grow and grow and never undergo that transformative disruption,” writes Stephanie Nolen in a moving essayreflecting on her 5-year stint at the Globe & Mail’s South Asia bureau chief.

But as I look back at this past year on Independence Day, I realise that this prophecy has already come true. Each explosion of “disruptive transformation,” be it the anti-corruption campaign or the post-Nirbhaya protests, has ended in a whimper. For the past 20 years, India has been growing and growing while remaining exactly the same. The glitz of ‘new’ India has proved skin-deep, and each day brings a newrevelation of the same old ugly face underneath, as Nolen observes:

One week, I covered the launch of the new BlackBerry to a voracious Indian market in the high-tech “millennium city” of Gurgaon, outside Delhi – and the next week, I drove a couple of hours farther down that road and covered a violent siege against Dalits in a village where a dominant-caste woman had eloped with a lower-caste man she had met at business school. It felt like time travel to the Middle Ages.

We don’t need to step out of the house to encounter the Middle Ages. Each morning, the newspapers bring the same news of caste killings, gangrapes, deteriorating water supplies, malnutrition, female foeticide, blah blah. Even what were once considered portents of a 21st century India — creation of SEZ zones or the arrival of that new mall — have acquired an ominous quality. We brace ourselves for stories of the real estate mafia or mining barons or political corruption that will inevitably follow on its heels — along with shrill TV debates and dead-end sessions of Parliament or the state legislature that will be suspended “in uproar.”

Life in India has acquired the hallucinatory repetition of that old Bill Murray movie, Grounds Hog Day. We too are condemned to relive the same day over and over again, except as reimagined by Kafka. Over the past year, over and again, hope has receded in the face of a seemingly unalterable sameness.

On 16 August, 2011, Anna Hazare launched the “second struggle for independence” in protest against the UPA version of the Lokpal Bill. His arrest sparked a spontaneous street uprising, and his fast later in the month in the Ram Lila Grounds attracted unprecedented crowds, as autowalas and middle class housewives, shopkeepers and college students swarmed in to register their support. As thousands others fasted in solidarity across the nation, the media chatterati hyped the coming of an aam aadmi revolution. The great Indian middle class had finally risen from its long slumber to overthrow the tyranny of corruption.

n this photograph taken on December 23, 2012, demonstrators are hit by water cannon during a protest, in front of the India Gate monument in New Delhi. AFP

Or so it seemed until Anna Hazare‘s movement disintegrated in the absence of vision and leadership. Two years later, on this I-day, the news of Robert Vadra‘s land deals evoke barely a raised eyebrow, and Anna Hazare is in New York, ringing the Nasdaq bell— just another celebrity cashing in on his 15 minutes. Arvind Kejriwal has left all talk of the Lokpal behind, and moved on to electricity prices in hopes of securing a handful of seats in the Delhi elections. And for good reason: corruption ranks a distant fifth in the public’s order of priorities.

The outcome of the ballyhooed anti-rape protests is slightly more encouraging. The Delhi police has tried to up its game. “After 16/12 everybody had to think about it, and repeatedly,” deputy commissioner BS Jaiswal told Mint, “Now people are aware of their rights because of the sensitisation. All our efforts are taken to chargesheet assault cases within one month, and all molestation/eve-teasing cases within 15 days.”

However, neither the new laws or modestly elevated national consciousness seem to have stemmed the tide of violence against Indian women. Not much has changed in a post-Nirbhaya India except — ironically, given her media moniker — the increased levels of fear. As Nobel reports, “After the attack on [Nirbhaya], one in three female employees in the capital either reduced her hours or quit her job, according to a survey by the Association of Chambers of Commerce of India.” Others are afraid to venture out after dark, or go out to clubs. Not that home is any safer for the many more women who are victims of the still legal marital rape and domestic violence.

On this 66th independence day, Indian women are more afraid than ever, and less free. But then so are all of us who now know better than to give an incautious sound-byte, tweet the wrong opinion, or post the errant Facebook update. Each year, we can say and do less than in the bad days of state-controlled media — which now is controlled by giant corporations and their vested interests. Did we go from frying pan to fire, or the other way around? It’s getting harder and harder to tell.

We’re losing in other, invisible but more urgent ways, as well. The quality of ground water declines, air pollution levels rise, electricity shortages grow more chronic, garbage multiplies and spreads dengue in its wake. And while the urban middle class may relish the McTikka perks of liberalisation, it grows poorer in other ways. “When we were growing up, hilsa was a standard treat. Now it’s a rare luxury,” says a Bengali friend.

But we’ve grown accustomed to our reducing circumstances much like sleepy lobsters in a warm pot. The price of onions which raised such hue and cry merely a year ago is now greeted with a weary shrug. We spend less on ‘luxuries’, our maids skimp on vegetables, in other parts of the country, people survive on one pitiful — sometimes fatal — meal a day. India is not growing, or even at a standstill. Rising, shining India is now shrinking, much like the sizes of our wallet, spaces for free speech, places to be safe, and our appetite to fight back.

“Freedom means the power to choose your path, to make your own decisions, to speak your mind, to dream without inhibitions,” reads the little Independence Day banner by daughter brings back from school. I can’t help laugh.

Turn your $60 router into a $600 router

Of all the great DIY projects at this year's Maker Faire, the one project that really caught my eye involved converting a regular old $60 router into a powerful, highly configurable $600 router. The router has aninteresting history, but all you really need to know is that the special sauce lies in embedding Linux in your router. I found this project especially attractive because: 1) It's easy, and 2) it's totally free.

So when I got the chance, I dove into converting my own router. After a relatively simple firmware upgrade, you can boost your wireless signal, prioritize what programs get your precious bandwidth, and do lots of other simple or potentially much more complicated things to improve your computing experience. Today I'm going to walk you through upgrading your router's firmware to the powerful open source DD-WRT firmware.

Photo by puruan.

Update: This is a rather old post at this point, and much has changed in the world of DD-WRT. For one, DD-WRT now supports considerably more devices, and it's much easier than it used to be. Check out our updated guide to supercharging your router with DD-WRT to see how it works. And, for an alternative to to DD-WRT with a simplified interface and fancy charts and graphs, check out our other guide to turning your $60 router into a user-friendly super router with Tomato.

What you'll need:

One of the supported routers. I used a Linksys WRT54GL Wireless router that I picked up from Newegg, and the instructions that follow detail the upgrade process specifically for that router and its close siblings. If you're upgrading one of the other supported routers, you might want to look into instructions specific to your router. These instructions may generally work for other supported routers, but I'm not making any promises.
The generic DD-WRT v23 SP1 mini firmware version located here.*
The generic DD-WRT v23 SP1 standard firmware version located here.*

*You'll be upgrading the firmware twice, first using the mini firmware, then using the standard.

Upgrading your router to the DD-WRT firmware

Check out this gallery for the detailed step-by-step upgrade with screenshots. When you're finished, come back here for some of my favorite tweaks.

Update, October '07: Reader Josh Harris writes in:

All the new WRT54G routers being sold now are v8, and the previous DD-WRT software didn't work on them. However, recent versions added support for the new v8 router— but it's a little more in depth.

Got this to work on the WRT54G v8 (should work on 7 as well, just replace the files with the corresponding 7 version):

First of all, use IE explorer. Firefox didn't work at all on this for me, even after install. Second, go to this page. Read the textfile carefully and follow its instructions. Two edits to the textfile:

1. Make sure you go to command prompt and typeipconfig /all. Record the default gateway, the subnet mask, and the two DNS addresses. When you set the IP address manually on your desktop/laptop to192.168.1.100as per the instructions, you will need to set these 4 numbers as well.

2. Don't forget when you do the tftp that you need to be in the folder that contains the downloadeddd-wrt.v24_micro_wrt54gv8.binfile (for example, if it is in C:/Downloads, type/cd C:/Downloads).

Lastly don't forget you need to be on a wire to the router, and download bothvxworkskillerGv8.binanddd-wrt.v24_micro_wrt54gv8.binbefore you start. Following this procedure will install the micro version on your router.

After this, switch your laptop/desktop back to receiving your IP address via DHCP rather than the manual configuration you set as per the instructions. You will be able to access the DD-WRt micro install via192.168.1.1with the login usernamerootand the passwordadmin. From here, you still need to install the DD-WRT standard.

Unfortunately, you cannot go any farther than this with WRT54G v7 and v8 because Linksys downgraded the physical memory in these recent models. However, micro is still an improvement over the original Linksys firmware.

Boost your wireless signal

The first thing I did after I finished the firmware upgrade was give my wireless signal a much needed boost ("needed" in the sense any signal boosting that can be done needs to be done, right?). Doing so is trivial.

Go to the Wireless tab, then to Advanced Settings. Find the entry labeled Xmit Power, which is set by default at a paltry 28mW, and can be set up to 251mW. To be honest, I don't know much about the science of the whole process, but I do know that 251 is WAY bigger than 28. However, you probably don't want to pump it up to 251mW right away.

The DD-WRT manual suggests that a "safe increase of up to 70 would be suitable for most users." Anything too much above that and you'd be flirting with overheating your router and damaging the life of your router (though I've heard that many people have pushed it up to 100 or above). So go ahead and change your Xmit Power to 70 and click the Save Settings button at the bottom of the page.

I can't measure for sure how the signal boost has improved things for me since I've just moved into this apartment, but I can say that the signal is full bars pretty much anywhere I go. How's that for scientific?

Throttling your bandwidth by program

While most routers treat one request for bandwidth the same as any other, your new $600 router is a step above. By setting up QoS (Quality of Service) rules, you can give priority to your interactive traffic (like VoIP, web browsing, or gaming) while throttling traffic that doesn't require a steady rate of bandwidth to function (like P2P programs).

Doing so will ensure that even if your network gets clogged with lots of file sharing, you'll still have enough bandwidth left over to make all of your free SkypeOut phone calls. If you've got roommates who tend to sponge up a lot of bandwidth, you can evenprioritize by IP address.

What to do if you brick your router

If, god forbid, while flashing your firmware you end up "bricking" your router, don't worry - all is not lost. The DD-WRT wiki (a great resource of all things DD-WRT) can help you recover from a bad flash.

Of course, your router will handle securing your network, port forwarding, and all the other things your regular old router does.

Obviously I've just scratched the surface here, so if you decide to try this out, there's a lot of potential for other things you can do. Any readers tricked out a router with DD-WRT or one of the other open source distros? Tell us what tweaks have worked for you in the comments or at tips at lifehacker.com.

Adam Pash is an associate editor for Lifehacker who loves a good signal boost. His special feature Hack Attack appears every Tuesday on Lifehacker. Subscribe to the Hack Attack RSS feed to get new installments in your newsreader.

How to Crack a Wi-Fi Network's WPA Password with Reaver

Here's the bad news: A new, free, open-source tool called Reaver exploits a security hole in wireless routers and can crack most routers' current passwords with relative ease. Here's how to crack a WPA or WPA2 password, step by step, with Reaver—and how to protect your network against Reaver attacks.Your Wi-Fi network is your conveniently wireless gateway to the internet, and since you're not keen on sharing your connection with any old hooligan who happens to be walking past your home, you secure your network with a password, right? Knowing, as you might, how easy it is to crack a WEP password, you probably secure your network using the more bulletproof WPA security protocol.

In the first section of this post, I'll walk through the steps required to crack a WPA password using Reaver. You can follow along with either the video or the text below. After that, I'll explain how Reaver works, and what you can do to protect your network against Reaver attacks.

First, a quick note: As we remind often remind readers when we discuss topics that appear potentially malicious: Knowledge is power, but power doesn't mean you should be a jerk, or do anything illegal. Knowing how to pick a lock doesn't make you a thief. Consider this post educational, or a proof-of-concept intellectual exercise. The more you know, the better you can protect yourself.

What You'll Need

You don't have to be a networking wizard to use Reaver, the command-line tool that does the heavy lifting, and if you've got a blank DVD, a computer with compatible Wi-Fi, and a few hours on your hands, you've got basically all you'll need. There are a number of ways you could set up Reaver, but here are the specific requirements for this guide:

The BackTrack 5 Live DVD. BackTrack is a bootable Linux distribution that's filled to the brim with network testing tools, and while it's not strictly required to use Reaver, it's the easiest approach for most users. Download the Live DVD from BackTrack's download page and burn it to a DVD. You can alternately download a virtual machine image if you're using VMware, but if you don't know what VMware is, just stick with the Live DVD. As of this writing, that means you should select BackTrack 5 R1 from the Release drop-down, select Gnome, 32- or 64-bit depending on your CPU (if you don't know which you have, 32 is a safe bet), ISO for image, and then download the ISO.
A computer with Wi-Fi and a DVD drive. BackTrack will work with the wireless card on most laptops, so chances are your laptop will work fine. However, BackTrack doesn't have a full compatibility list, so no guarantees. You'll also need a DVD drive, since that's how you'll boot into BackTrack. I used a six-year-old MacBook Pro.
A nearby WPA-secured Wi-Fi network. Technically, it will need to be a network using WPA security with the WPS feature enabled. I'll explain in more detail in the "How Reaver Works" section how WPS creates the security hole that makes WPA cracking possible.
A little patience. This is a 4-step process, and while it's not terribly difficult to crack a WPA password with Reaver, it's a brute-force attack, which means your computer will be testing a number of different combinations of cracks on your router before it finds the right one. When I tested it, Reaver took roughly 2.5 hours to successfully crack my password. The Reaver home page suggests it can take anywhere from 4-10 hours. Your mileage may vary.

Let's Get Crackin'

At this point you should have BackTrack burned to a DVD, and you should have your laptop handy.

Step 1: Boot into BackTrack

To boot into BackTrack, just put the DVD in your drive and boot your machine from the disc. (Google around if you don't know anything about live CDs/DVDs and need help with this part.) During the boot process, BackTrack will prompt you to to choose the boot mode. Select "BackTrack Text - Default Boot Text Mode" and press Enter.

Eventually BackTrack will boot to a command line prompt. When you've reached the prompt, typestartxand press Enter. BackTrack will boot into its graphical interface.

Step 2: Install Reaver

Reaver has been added to the bleeding edge version of BackTrack, but it's not yet incorporated with the live DVD, so as of this writing, you need to install Reaver before proceeding. (Eventually, Reaver will simply be incorporated with BackTrack by default.) To install Reaver, you'll first need to connect to a Wi-Fi network that you have the password to.

Click Applications > Internet > Wicd Network Manager
Select your network and click Connect, enter your password if necessary, click OK, and then click Connect a second time.

Now that you're online, let's install Reaver. Click the Terminal button in the menu bar (or click Applications > Accessories > Terminal). At the prompt, type:

apt-get update

And then, after the update completes:

apt-get install reaver

If all went well, Reaver should now be installed. It may seem a little lame that you need to connect to a network to do this, but it will remain installed until you reboot your computer. At this point, go ahead and disconnect from the network by opening Wicd Network Manager again and clicking Disconnect. (You may not strictly need to do this. I did just because it felt like I was somehow cheating if I were already connected to a network.)

Step 3: Gather Your Device Information, Prep Your Crackin'

In order to use Reaver, you need to get your wireless card's interface name, the BSSID of the router you're attempting to crack (the BSSID is a unique series of letters and numbers that identifies a router), and you need to make sure your wireless card is in monitor mode. So let's do all that.

Find your wireless card: Inside Terminal, type:

iwconfig

Press Enter. You should see a wireless device in the subsequent list. Most likely, it'll be namedwlan0, but if you have more than one wireless card, or a more unusual networking setup, it may be named something different.

Put your wireless card into monitor mode: Assuming your wireless card's interface nameiswlan0, execute the following command to put your wireless card into monitor mode:

airmon-ng start wlan0

This command will output the name of monitor mode interface, which you'll also want to make note of. Most likely, it'll bemon0, like in the screenshot below. Make note of that.

Find the BSSID of the router you want to crack: Lastly, you need to get the unique identifier of the router you're attempting to crack so that you can point Reaver in the right direction. To do this, execute the following command:

airodump-ng wlan0

(Note: Ifairodump-ng wlan0doesn't work for you, you may want to try the monitor interface instead—e.g.,airodump-ng mon0.)

You'll see a list of the wireless networks in range—it'll look something like the screenshot below:

When you see the network you want, press Ctrl+C to stop the list from refreshing, then copy that network's BSSID (it's the series of letters, numbers, and colons on the far left). The network should have WPA or WPA2 listed under the ENC column. (If it's WEP, use our previous guide to cracking WEP passwords.)

Now, with the BSSID and monitor interface name in hand, you've got everything you need to start up Reaver.

Step 4: Crack a Network's WPA Password with Reaver

Now execute the following command in the Terminal, replacingbssidandmoninterfacewith the BSSID and monitor interface and you copied down above:

reaver -i moninterface -b bssid -vv

For example, if your monitor interface wasmon0like mine, and your BSSID was8D:AE:9D:65:1F:B2(a BSSID I just made up), your command would look like:

reaver -i mon0 -b 8D:AE:9D:65:1F:B2 -vv

Press Enter, sit back, and let Reaver work its disturbing magic. Reaver will now try a series of PINs on the router in a brute force attack, one after another. This will take a while. In my successful test, Reaver took 2 hours and 30 minutes to crack the network and deliver me with the correct password. As mentioned above, the Reaver documentation says it can take between 4 and 10 hours, so it could take more or less time than I experienced, depending. When Reaver's cracking has completed, it'll look like this:

A few important factors to consider:Reaver worked exactly as advertised in my test, but it won't necessarily work on all routers (see more below). Also, the router you're cracking needs to have a relatively strong signal, so if you're hardly in range of a router, you'll likely experience problems, and Reaver may not work. Throughout the process, Reaver would sometimes experience a timeout, sometimes get locked in a loop trying the same PIN repeatedly, and so on. I just let it keep on running, and kept it close to the router, and eventually it worked its way through.

Also of note, you can also pause your progress at any time by pressing Ctrl+C while Reaver is running. This will quit the process, but Reaver will save any progress so that next time you run the command, you can pick up where you left off-as long as you don't shut down your computer (which, if you're running off a live DVD, will reset everything).

How Reaver Works

Now that you've seen how to use Reaver, let's take a quick overview of how Reaver works. The tool takes advantage of a vulnerability in something called Wi-Fi Protected Setup, or WPS. It's a feature that exists on many routers, intended to provide an easy setup process, and it's tied to a PIN that's hard-coded into the device. Reaver exploits a flaw in these PINs; the result is that, with enough time, it can reveal your WPA or WPA2 password.

Read more details about the vulnerability at Sean Gallagher's excellent post on Ars Technica.

How to Protect Yourself Against Reaver Attacks

Since the vulnerability lies in the implementation of WPS, your network should be safe if you can simply turn off WPS (or, even better, if your router doesn't support it in the first place). Unfortunately, as Gallagher points out as Ars, even with WPS manually turned off through his router's settings, Reaver was still able to crack his password.

In a phone conversation, Craig Heffner said that the inability to shut this vulnerability down is widespread. He and others have found it to occur with every Linksys and Cisco Valet wireless access point they've tested. "On all of the Linksys routers, you cannot manually disable WPS," he said. While the Web interface has a radio button that allegedly turns off WPS configuration, "it's still on and still vulnerable.

So that's kind of a bummer. You may still want to try disabling WPS on your router if you can, and test it against Reaver to see if it helps.

You could also set up MAC address filtering on your router (which only allows specifically whitelisted devices to connect to your network), but a sufficiently savvy hacker could detect the MAC address of a whitelisted device and use MAC address spoofing to imitate that computer.

Double bummer. So what will work?

I have the open-source router firmware DD-WRT installed on my router and I was unable to use Reaver to crack its password. As it turns out, DD-WRT does not support WPS, so there's yet another reason to love the free router-booster. If that's got you interested in DD-WRT, check their supported devices list to see if your router's supported. It's a good security upgrade, and DD-WRT can also do cool things like monitor your internet usage, set up a network hard drive, act as a whole-house ad blocker, boost the range of your Wi-Fi network, and more. It essentially turns your $60 router into a $600 router.

SOURCE: lifehacker.com