Stolen Identity (Aim + other stuff)
 

My girlfriend thinks she may be a victim of identity theft. She has dial-up at home, so she decided to use someone else's wireless. This morning she found out her password to her school account and aim were changed. She also bought some things over the internet, so she thinks this guy may have her credit card numbers. My guess is that whoever's network this is is the guy who stole her shit. My question is, would it be overly difficult to connect to his network, sniff it, and see if I can recover it using Etehreal or something like that? Are Aim passwords encrypted when sent over the network?

Also, anyway ideas for revenge? :killgrin:

So let me get this straight, she used someone elses wireless and she lost her passwords and shit. Well no shit. What the hell was she using someone elses wireless for, and what was she expecting to happen because of it?

I agree, it's not generally the smartest thing to do, but that doesn't give him the right to compromise her accounts like that. If anything, he needs to encrypt his network. Either way, I'd like to help her get her stuff back. And perhaps change the asshole's router password or something after setting encryption on it so he can't use his own router.

1. I doubt someone with an unencrypted network has the know-how to do something like that. It probably happened somewhere else, such as school.

2. Why does your girlfriend have "credit card numbers"? Aren't you guys 14?

3. A Singapore teenager is facing three years in jail and military service for using a neighbors Wi-Fi network. http://www.theinquirer.net/default.aspx?article=36499

1.) It might be apathy. My network was unencrypted for quite a while, though from what Mantra told me Aim passwords are Md5 encrypted, so I doubt whoever this was he got her password from her Aim account. I guess she uses the same password for aim as she does for other things.

2.) She's 2 and a half years older than me. She's in college. However, I do have a credit card...

3.) That's nice.

I know a person with an open router and a redirect for unauthorized MAC addresses to a page of viruses. Just because someone doesn't secure their network doesn't mean they don't know how. If this person is in a place where they are likely to get a lot of random connections, they very well may have a sniffer and data miner because they derive pleasure from causing others pain. On the other hand, if the network was in the middle of nowhere and there were lots of secure networks in the area, I doubt even the most depraved would go to the trouble.

As far as Singapore goes, there, you can get cained for spitting your gum out on the ground; I wouldn't use them as a judge of sane judiciary process.

Well, that's a little creepy unexpected.

Are you one of those people?

Anyway, linking to the article was a joke.

IMO if someone is using someone elses wireless connection without permission and the owner of the wireless connection does something malicious, the person using the wireless connection without permission deserves it.


It kind of reminds me of the stories you hear about a burglar breaking into someone's house, hurting himself by tripping on something or what have you, and then suing the owners of the house for his injury. Pretty damn stupid.

So if I walk across your lawn I deserve to get shot?

That's a pretty silly analogy.

More like, if you come in my house without permission, whether I've got my door locked or not, you deserve anything that happens to you because of it. It's you're own damn fault for coming in.

If I walk into your house you should be able to mug me for my wallet (identity theft)?

We're still getting prosecuted for shooting burglars in the face. :(

But we can blow giant holes into the rest of their bodies, so it doesn't matter much. :)

Hmm, I'm using my neighbor's wireless connection I believe. It's somebody on my block, that's for sure. I have no idea how I can just connect to it without any problems. It's sweet not paying for internet though.

So this leaves me vulnerable for anything he/she may try to do?

Yes, very.

No, but the internet is slightly different from real life events. They can be compared in some instances, but in that one, no, they aren't the same.

Identity theft is a huge thing online, and using someone elses wireless connection is asking for your shit to be messed with.

A better comparison would be you coming into my house uninvited, giving me your wallet, and then expecting me not to steal your identity.

I don't see how this works. Ok, so if I enter my credit card number online to buy things, this person can find out what it is?

What would happen if someone broke into your house, and put a gun to your head, but you mugged them, and locked them out?

I know its a very childish question, but I'm just wondering.

Well, the site should be using SSL if they handle credit card info, but with enough computing power and free time, sure, why not? More likely, it starts with using an unsecure service like webmail. From there, they can reset your paypal password and find out your bank account number and so forth.

I don't suppose so, but hey that doesn't mean my super sonic atomic pet badger won't. :D I call him muffin.