Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Take some electrical cord.

Cut the end that goes to the device.

Strip the wires to expose the copper inside.

Pull the 2 wires apart at least 3 feet, so that they cant touch accidentally.

Plug in the cord.

Touch one wire to a metal part of his computer's case.

Touch the other wire to another metal part of his computer.

Problem solved.


Musta been a power surge dude.

You may ask, why so harsh? Well if someone I lived with was being a complete A$$ and saying "im l33t im gonna hack yer piece of crap mac" he deserves to feel the wrath. this is childish, and deserves a child like approach. All this talk of encryption and passwords wont stop him from being a l33t hacker. Take away his tools, he cant hack. If thats really what he does. LoL.
 
I can't comment on any of the mac security issues. The root cause of your problem is that you should not be living with this person. You either have to leave or get them to, otherwise nothing will really change.
 
-Digidesign

Here's a very different suggestion, and serious.

Dare him to do it. And have him prove it.

I would be immensely surprised if he succeeds if he gets anything readable, let alone, useful.

But, if, by some small chance he does, when he proves it to you by showing you, shrug, and say "Wow! I'm impressed! You should publish your results to Apple and the Blogosphere." Then have him delete what he grabbed, and as you walk away, stop, then threaten bodily harm if he does it again.

No need to worry about a hot-air braggart.
 
i say try to get him to do, and try to get some evidence that he had done it and compromised your security. then goto the cops and VOILA! your creepy housemate will be taking a one way ticket to the big house ;)
 
logandzwan:

"the ROOM MATE IS ON THE SAME WIRELESS NETWORK"

Where did he say it was the same wireless network - I missed that?


The OP stated --

More info:
- I own the router, and only I have access into the router setup.

It's apparent that there's only one router/AP in the house.
 
wpa wont make a difference, the ROOM MATE IS ON THE SAME WIRELESS NETWORK, he has access to the wireless keys!

Good catch. I realized this immediately when I read the OP's post.

For the wireless;
Basicly, sniffing wireles is more complex then sniffing ethernet data over a hub, but really hard either. Things like im passwords are encripted, however the actual conversations are not. As far web browsing, he'll beable to see where any https connections are going, but any of the actual data, it'll all be encripted. E-mail can use SSL or tls, but thats upto your provider to support, and you to set-up for each account.

I disagree on several of your above points. Sniffing wireless is easier than you think it is. It is more difficult to do but also easy, as wireless isn't limited by cabling. Layering the security is key here. He can spoof a MAC addy if he wants. He can also perform man-in-the-middle attacks, hijacking connections. Also, I'm going to assume that while the roommate may not have the password to the WAP, he can still gain physical access to the router. All it takes is placing a hub in front of the router and any wireless traffic leaving the LAN can be observed. The same can be done right after the router but before the rest of the network. Additionally, not all IM traffic is encrypted, as I'm able to sniff my own AOL traffic when I sniff traffic right outside my router (the sniff is one-sided [can't see IM replies] but I see enough that its a bit scary). Typical e-mail can also be sniffed if the ISP doesn't support and enforce encryption protocols...I was also able to sniff my e-mail leaving my LAN in the clear...passwords and all (and I was shocked).

For the desktops;
The linksys has a switch in it, not a hub, which means it the when you desktop talks to something on the internet none of the other devices on the network see any of those packets. No worries about his sniffing packets there.

I'm able to sniff traffic before and after my Linksys switch, thereby intercepting traffic before it is sent to the destined host. This requires physical access to the network. If the Linksys is located in a common area, its entirely possible for him to sniff data. All data coming from wireless or wired devices (with the acception of adhoc wireless connections) can be intercepted with a simple hub and a pair of CAT5 cables.


Now, since the "creep" has physical access to your machines there are various levels of attacks. With Macs OF passwords are great for prevent unauthorized use of your machine. However they do not prevent him physicaly removing your harddisks and mounting them. Something like File Vault or a spare image will prevent access your files in that case.

If he's bright, he could get the data he needs without physically touching the boxes themselves, but anyone with roommates they don't trust should be locking down their machines and rooms.

Ofcourse that still leaves network bases attacks. I think the other posters were in the correct direction here, except I would not put your machine into steath mode. It'll be like issuing a challenge to him. Just make sure the sharing is off and the firewire is on.

Oh ya, and lock your machine when your not infront of it. honeslty, if I was him and wanted your stuff, I'd enable sharing or make me account or somethign the 30 secounds you were outta the room to pee or something...

I agree here, but I'd be much more worried about keyloggers or simple yet powerful unix-based programs such as netcat (which he could use to establish backdoors). Enabling shares or making accounts is a bit obvious.

Lastly, while you're locking down your systems, don't forget to be hiding things like your checkbook and/or credit cards. I've had roommates rummage through my things when I wasn't around. I also had a roommate get into my locked closet by removing the doors from its hinges. If you're worried about him sniffing your data, you need to worry about more than identity theft, especially if he's sharing your home.
 
i would speak with him about this hacking bs. then i would cut off his mac addressing. it doesn't sound like you care for him so who cares if he gets ticked about the no access.

if that doesn't work, i'd kick his a&& b/c messing with ppl's privacy is not a joking matter these days. ppl can seriously mess up your life so protect yourself accordingly.

and good luck.
cheers,
keebler
 
Ideas presented so far that appear good but won't work are; open firmware password (easy to circumvent - google), different wireless encryption (same network), and MAC address blocking (easily spoofed, especially in his position). That said, I'd do them all anyway because not everyone knows about them, and it's essentially closing 3 doors to outsiders, not just your housemate.

1) Firstly I'd severe your machine from the network, and secure it up. There's no point 'securing it' if he already has access. Consider having two networks, and yours being physical (cable) only, unplug the network cable whenever you're not using the internet.
2) Find all your personal files which you are worried about, such as your "personal finances etc." and put them in one folder. Use Disk Utility to create an encrypted image large enough to hold them, and use the password assistant to create a good strength password that only yourself know. Then, even if he gained physical access to your machine, guessed your FileVault protected account password and had free access to all your files, he still can't access your banking details etc.
2) Backup your home directory and put it somewhere else, like a parents house or car. Consider enabling FileVault (many arguments for and against).
3) Follow the 'Use Lock Screen' instructions to enable the menu padlock;
http://www.cmu.edu/computing/documentation/secure_mac/secure_mac.html
4) Lock your room.

Finally download and read the [a href="http://www.nsa.gov/snac/downloads_macX.cfm"]NSA Guide to securing OS X[/a].

He sounds like a jerk, if you can't be bothered to do all this hit him with his keyboard. They hurt like hell.

AppleMatt
 
Forget the security...... you shouldn't be afraid in your own home, especially when it's because they guy is a fracking jerk. Don't give him the satisfaction. Besides, that'll just look like a challenge to him, since he knows you're trying to step up security. I wouldn't cut off his net access (nerds hate that).

My first thought was for you to call the cops. Seriously, have a police officer come and have a talk with your housemate about what he's doing. Don't even mention it to him before or after this happens. ;)



However, I hate when people mess with my stuff because they're trying to impress me or something, so this is what I suggest: Guns and violence is the answer.

From now on, gangsta rap is the only music you listen to, and ganja smoke will flow from the crack in your door every time you open it. Start swearing at him a lot in normal conversation. Rather than saying "Hi", call out "Hey b****!". Ever own a gun? I'm not asking you to use it or load it, but just have it. Walk to the toilet with it strapped to your pants. When you're at home, you're going to wear the white beater with red blood stain on the front. If he asks you about it, tell him you just spilt some red wine. He'll nod his head, but he'll know what it really is.
 
Forget the security...... you shouldn't be afraid in your own home, especially when it's because they guy is a fracking jerk. Don't give him the satisfaction. Besides, that'll just look like a challenge to him, since he knows you're trying to step up security. I wouldn't cut off his net access (nerds hate that).

My first thought was for you to call the cops. Seriously, have a police officer come and have a talk with your housemate about what he's doing. Don't even mention it to him before or after this happens. ;)



However, I hate when people mess with my stuff because they're trying to impress me or something, so this is what I suggest: Guns and violence is the answer.

From now on, gangsta rap is the only music you listen to, and ganja smoke will flow from the crack in your door every time you open it. Start swearing at him a lot in normal conversation. Rather than saying "Hi", call out "Hey b****!". Ever own a gun? I'm not asking you to use it or load it, but just have it. Walk to the toilet with it strapped to your pants. When you're at home, you're going to wear the white beater with red blood stain on the front. If he asks you about it, tell him you just spilt some red wine. He'll nod his head, but he'll know what it really is.



i see some irony in this post....



first it is just call the cops and suddenly it turns to guns and voilence, lol
 
why not make him just get his own line-in and isp account. lock everyone out but your 2 mac addresses. you can have your airport as stealth.
then you have no more to worry about than a next door neighbor. just the physical proximity to your system where he isn't likely to breach.
 
Rename your wireless SSID to some sort of profanity, acknowledging his presence. just kidding.

Like others said, WPA2 with AES Algorithm (better than TKIP). If you dont have the AES option, try flashing your linksys router with DD-WRT, an open source firmware for almost any kind of router as long as it can run linux. DD-WRT has much much more customization options that the original Linksys firmware. MAC blocking doesnt really do much now days.

Be warned, the flashing firmware with a third party is not for the faint of heart, but it is as easy as just copying and pasting commands into the terminal from the proper website. Just make sure you follow the directions very carefully. I've bricked one router i had lying around trying to do it. I was successful on my second try.
 
Try and catch him doing something that he really wouldn't want anyone else seeing.

Like, for example, if he danced like a bally dancer in his room, film him and then show him what you have on tape and say you'll post it on the internet (give link here too please) and send to his mates if he ever attempts attacking your computer.

Blackmail works quite well.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.