May have made a stupid mistake .... phone charge forstranger

The place to post if you need help or advice

Moderators: ChrisThornett, LXF moderators

May have made a stupid mistake .... phone charge forstranger

Postby Outerspace1978 » Thu Nov 14, 2013 3:39 pm

Doh ......... im running xbuntu and was ask by someone who was desperate to make a call on a dead phone if he could charge from my laptop with the usb (was in London Kings cross station)

At the time I was logged onto work (citrix) I think I may have ended up using his data connection (was on my wifi with phone) / have I done the most stupidest thing ?

Now worried some of my Firefox stored passwords may have been taken / whats the worst he could have done e.g could he access any of my data etc etc ???

He had a iphone

No evidence yet of any problems (only an hour or so ago) / do I need to worry / re-install xbuntu ?

Andy
Newbie
Outerspace1978
 
Posts: 2
Joined: Thu Nov 14, 2013 3:20 pm

Postby lok1950 » Thu Nov 14, 2013 6:14 pm

I would not worry to much your passwords are also stored by those web sites where you have an account,what's their security like :wink: to on the safe side you might check if when you are online whether any URL's have been accessed that you do not know,if so check them out with Google for any malicious intent.

Enjoy the Choice :)
User avatar
lok1950
LXF regular
 
Posts: 1030
Joined: Tue May 31, 2005 5:31 am
Location: Ottawa

Postby nelz » Thu Nov 14, 2013 7:23 pm

The web sites should store passwords in a way that can't be read, but that's irrelevant. One security risk does not justify another.

It is unlikely that your stored passwords have been compromised, but it is a few minutes work to change them, which you should do from time to time anyway. Why fret about what could happen when you can make sure it doesn't?
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8467
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby Outerspace1978 » Thu Nov 14, 2013 8:19 pm

Yes will re-set the passwords (done a check of history so know what sites I have visited since reloading xbuntu in November on this laptop)

Will reload xbuntu too anyway (not many files on this machine) - theoretically would it be possible for him to download any of the files from my machine onto his Iphone ?

I know any software install would ask for my password so not too worried about malware.

Think agreed because im knackered, momentary loss of judgment !

I work in windows ... and before you groan the original windows e.g the things that fill holes in walls on buildings, been working some late nights early starts for a few months now (cutbacks) worrying over architects scheduling etc fortunately being a worrier makes for a good project manager (as find all the mistakes made in the schedules) but its not great for peace of mind !
Outerspace1978
 
Posts: 2
Joined: Thu Nov 14, 2013 3:20 pm

Postby nelz » Thu Nov 14, 2013 8:40 pm

Outerspace1978 wrote:theoretically would it be possible for him to download any of the files from my machine onto his Iphone ?

I know any software install would ask for my password so not too worried about malware


Theoretically, anything is possible, but I've not heard of a way of doing this from a USB client.

Your password is needed to install software into system directories, not into your home directory, so that's no protection.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8467
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby Nuke » Fri Nov 15, 2013 2:13 pm

nelz wrote:It is unlikely that your stored passwords have been compromised, but it is a few minutes work to change them


A few minutes?! I am currently copying all my passwords from an encryped ASCII file into a secure database system called KeePassX http://www.keepassx.org/. It has taken me two evenings so far, a significant project.

That is without even changing them on the hosts on which they are used!
Unsolved mysteries of the Universe, No 13 :-
How many remakes of Anna Karenina does the World need?
User avatar
Nuke
LXF regular
 
Posts: 217
Joined: Wed Feb 09, 2011 12:11 pm
Location: Chepstow, UK

Re: May have made a stupid mistake .... phone charge forstra

Postby guy » Fri Nov 15, 2013 8:58 pm

Outerspace1978 wrote:Doh ......... im running xbuntu and was ask by someone who was desperate to make a call on a dead phone if he could charge from my laptop with the usb (was in London Kings cross station)

At the time I was logged onto work (citrix) I think I may have ended up using his data connection (was on my wifi with phone) / have I done the most stupidest thing ?


My understanding of the way these devices work is that if wifi was available, your laptop is unlikely to have connected via the phone network: the telcos prefer to offload onto the Internet, not the other way round. More likely, his phone's data connection piggybacked on your wifi.

Of course he could have been a deeply techy hacker and installed some toys of his own - but then I'll bet his exploit was not tailored to xubuntu!

Or, do you have some reason to think it went the wrong way?
Cheers,
Guy
The eternal help vampire
User avatar
guy
LXF regular
 
Posts: 1071
Joined: Thu Apr 07, 2005 12:07 pm
Location: Worcestershire

Postby nelz » Fri Nov 15, 2013 9:24 pm

KeePassX has options to import files. It sounds like it would have been faster to convert your ASCII file into one of the supported format and then imported it.

But it still only takes a few minutes to change the important passwords, the ones of sites that hold credit card or bank details. There's no urgency to changng passwords for sites like this one, unless the person with the phone was fat and had a Wigan accent...
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8467
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby Ram » Fri Nov 15, 2013 9:40 pm

nelz wrote:KeePassX has options to import files. It sounds like it would have been faster to convert your ASCII file into one of the supported format and then imported it.

But it still only takes a few minutes to change the important passwords, the ones of sites that hold credit card or bank details. There's no urgency to changng passwords for sites like this one, unless the person with the phone was fat and had a Wigan accent...


How do you know he's fat?

lubuntu LXDE 13.10 running on AMD Phenom II*4; ASUS Crosshair III Formula MB; 4 GB Ram.....
User avatar
Ram
LXF regular
 
Posts: 1674
Joined: Thu Apr 07, 2005 9:44 pm
Location: Guisborough

Postby nelz » Fri Nov 15, 2013 11:13 pm

Blubber is slippery :)
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8467
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK


Return to Help!

Who is online

Users browsing this forum: No registered users and 1 guest