[05/16/21 Note: The date on this post shows it was written a few years back before I understood how mobbers use infrastructure to harass. Businesses providing wireless services should, of course, take greater pains to provide security that will protect their customers against many kinds of attacks. But as my most recent posts show, mobbing hacks get around the typical security measures like passwording because they leverage signal and infrastructure. So the problem of security is more fundamental than the use of a default password, extending to public access points and open WiFi networks as well.]

This weekend I’m in Seattle, and today I learned something new. I had realized that the verbal abuse that is the primary component of “surround-sound” real estate mobbing, at least that ordered up by the nasty neighborhood watch of NE Seattle and its speculator friends, takes advantage of speakers at the cashier’s stand. But it didn’t occur to me that the volume of those speakers could be controlled by customers.

Today I was at the local Fred Meyer grocery store, when at the cashier’s stand I heard the usual mobbing prattle. I have rarely said anything to a stranger about it when the mobbers pop up on devices made accessible through provisioning at in a public place. But today I complained about it to the clerk at the checkout stand, telling him that if the sound wasn’t required, it should be turned off because it is vulnerable to malicious use.

The clerk showed me how to mute the volume at my own self-check stand, and it worked. The mobbers then jumped over to some speaker nearby or perhaps, if the equipment is designed so that they must broadcast to all of them, they were audible from another checking stand that was not muted. But in that moment, the volume of their prattle became less audible, and in turn they became less able to affect me.

After I pressed the down-volume control at my individual check stand, my experience of that transaction, in that moment, was changed. But how were the mobbers able to access the check stand speakers? To be sure, you’d have to know how sound is enabled at those self-check stands. Chances are, it involves an unsecured wireless network.

So after years of WiFi-enabled bullying, I learned something again today, and became a bit more able to not only protect myself, but to share a tip with others who might one day be victimized by the prevalence of unsecured wireless networks like the one at Fred Meyer. Grocery stores like Fred Meyer that by their use of unsecure wireless networks and store infrastructure expose their customers to harm at the hands of hacking criminals must begin to lock down their infrastructure, their public address, security and intercom systems, and to lock down their wireless networks.

∅

It’s a truism that real estate mobbing begins at home, but it doesn’t stop at work. One of the the most brutal facets of mobbing, at least as performed by the real estate mobbers of northeast Seattle, is the merciless pursuit of the victim over the networks that overlay the public sphere.

Even when a victim of real estate mobbing realizes that a significant portion of the verbal abuse that is mobbing depends on the prevalence of wireless networks and smart phones, he may not be able to sort out the involvement of network and building infrastructure as he travels through the public square, infrastructure that is not within his control, and stands beyond the awareness of all of us. Yet it is this daisy-chain of mobber-infested WiFi networks, public announce systems and intercoms, these stacks of elevators with their canned muzak and always-on emergency communication systems, these in-store security systems and speaker-enabled access points, that allow the mobbers to stalk in a manner that confounds the victim and that those who should come to his aid refuse to believe.

No one expects to be addressed or ridiculed on a public announce system, no one expects to be berated over the intercom at the gas pump, and no one expects an access point to speak. But when you’re being mobbed, window panes howl, water lines burble, and air-conditioning whispers. When you’re being mobbed, you’re like Alice, and the vulnerabilities of unsecured networks, of an unsecured world of things, put you on the other side of the looking glass. And it is all very queer. After all, this is what the mobbers prepared you for as they familiarized you to the sound of their voices, and to the pattern of their prattle.

Ω

I started working out-of-state contracts about a year after losing my Microsoft contract in the early months of the mobbing. The mobbing opened with a series of hoaxes that were effected based on the mobbers’ transmission of their voices into my home, onto my weekend NPR shows, over the nightly newscasts, through venting and onto the panes of the windows where I would sit and write, and where I write now, while looking at the deep waters of Lake Washington, the pillow of clouds above, the sunset and moon rise, the clattering crows and the night-tide sky. The mobbing house to the south has closer access to the my windows than does the north mobbing house; this is probably why numerous of the hoaxes that were a prominent feature of the mobbing in its earliest months, were effected using sound whose source lay just over the south border of my home.

In one that predated the obvious injection of sound into my house, the brat-pack owner of the south mobbing house stood in his driveway with his franchise family girlfriend, who would later say in court when I failed to move that they would not be able to have children if I continued to reside in the house next door. They spoke in stage whispers with the nasty neighborhood watch lady from across the street about how they were in the final stages of purchasing my rental home out from under me, and about how I would be “more comfortable” if I “moved on.” When their voices began to show up on my cordless phone whenever I attempted to make a call, they giggled about a “party line.” The accidental “party line” trickery was soon enough dropped while the babble and abuse continued in the background of calls from devices corded and cordless, smart and dumb. The phrase “move on” has been a constant theme during these years of real estate mobbing, an insult in a strategy of insults, by posers cum criminals attempting to speak in voices of authority as they forcibly evict a legal resident from a property that real estate speculators want. When I refused to leave, the mobbers upped their game, and to the extent they could, traveled with me. Mobbing is a real estate scam, and in a city of diminishing lots where racketeering appears to be routinized into acceptance, unethical speculators go to great lengths to “acquire” lots on which to build.

Ω

One of my first contracts when I began working out of state as the victim of a Seattle real estate mobbing, was with a Bay Area endpoint security company. “Dev-sec-ops,” as this convergence of code with security and operations is termed, is a fascinating field and a never-ending battle of closing security holes while “probing” for intrusions and the “artifacts” they leave behind. The folks in dev-sec-ops come from multiple backgrounds, ranging from government service, even the FBI, to network administrator, to programmer and technical sales. Some companies build risk management into their service set, modeling the cost of the intrusions and data losses that companies may incur if the companies do not purchase the recommended security platform.

There is great irony in being stalked by real estate speculators while working in a network security company. And it was a shock when the voices of the mobbers began to crop up on nearby smart phones, conference room phones and over the speaker-enabled access points that dotted the building public address system. If I had understood mobbing then as I do now, as a deployment of the cyber-bullying (“mobbing”) of the virtual world to the physical landscape, perhaps I wouldn’t have expected to so easily escape.

Device management was a “rat hole,” one of the technical support guys flatly said, when I asked how smartphones factored into network security. When I asked about wireless access points, I learned that they, too, were often not taken into consideration in a company’s security strategy, and were instead considered building infrastructure. I learned that while they could be included in the contract as leased appliances or fixtures, they are often left within the control of building management. One wonders what the likelihood is of building management accustomed to viewing security on the monitor of a closed circuit camera successfully competing with the exploits of hackers inside a brick-and-mortar structure whose antediluvian tangle of conduit and Cat 5 failed to anticipate the wireless network packet, much less the flood.

Along with lacking control over the building infrastructure that allows phone phreakers, hackers and other network intruders access to the corporate body, many companies offer wireless “guest” networks. These may be maintained separate from the network that hosts the servers and computers that guard intellectual property and corporate data, but a guest network is sourced from within the physical confines of an office and, as such, allows a way into the corporate sphere. Even if corporate WiFi that spills over the physical floor space does not allow probing for other points of vulnerability or access to resources such as wireless access points or security cameras—assets that could be used for corporate espionage—the personal devices of employees and guests can be mined for information used target them for social engineering attacks whose goal is the corporation. In mobbing, where real estate mobbers attempt to effect a “white glove” eviction by frightening their targets out of their homes and by making them think that their landlords, bosses and even their families have turned against them, the mobbers require some convincing detail that made it plausible that, as they claimed early on, they had “all the email [I’d] ever” written, or at least enough to mine it for names of past lovers and employers.

As I mentioned in a much earlier blog, there was a point in the opening hoaxes in the mobbing when one of the mobbers claimed to be someone I’d known more than 25 years back. Impersonation is a constant theme of cyber-bullying, another reason why the comparison of real estate mobbing with cyber-bullying is apt (“The Effects and Causes of Impersonation, https://nobullying.com/impersonation/). And also another reason why it would make sense if the same people who would mob for speculators and nasty neighborhood watches have mercilessly bullied victims over the Internet. This is why it’s important not to let even one case of mobbing go, not when mobbers move in around their victims and bully out of houses next door to them, not when this crime is committed in broad daylight, day-in and day-out for years, and with the apparent knowledge and involvement of real estate agents and builders, not when the so-called “neighbors” of the mobbing victim whose domiciles are used in the commission of felony crimes believe themselves to be so above the law that they attempt to convince the police and the courts, like Kellyanne Conway, that the victim’s reports are nothing more than “delusion.”

What’s a business to do? Don’t let the data, and the lives, of your customers and your employees be free for the taking. Secure wireless networks, or get rid of them. Let’s face it, most unsecured networks are provided for the sake of convenience. When businesses first started offering WiFi, you’d have to get a password from the cashier. Now many businesses just post a sign with the SSID and password and tell you to use it at your own risk. It doesn’t have to be that way. It can be argued that an ethical business that is looking out for the interests of its customers shouldn’t even offer WiFi. The collection of access point and IMSI information undermines not only personal security but the security of the next node, that woman or man standing next to you. When information about one person reveals the entirety of a social or business network, the information of every person must be guarded. Companies that provision unsecured guest networks for their employees to use onsite, aren’t doing anyone any favors. If cyber-bullies routinely harass one victim by using the open nodes around him, it’s not just the victim whose welfare is compromised.

Should the user be responsible for avoiding risks that he does not even understand? And what are the chances of a class action lawsuit against those who’ve equipped us with communications systems that make us sitting ducks for organized crime?

The least businesses that offer wireless networks should do, is to add an IoT firewall. Access points can be integrated into a network security plan by adding them to an IoT firewall such as Cujo, RATtrap, Dojo or F-Secure SENSE. Wireless speakers, too, are part of the network and must be secured. Finally, IoT devices should also monitor not only traffic to and from the network, but traffic within the network, for potentially malicious activity. Black hats, mobbers and other criminals who use publicly accessible wireless networks to gain access to their victims should be forced to accept a certificate that enables suspicious activity to be traced and drops suspicious connections.

I have been living in a condition of being cyber-bullied inside my home and out, for more than three years now. One of the key factors that made this possible was the lack of care for personal security that has gone into network provisioning and device design. No one should be forced to go through what I have survived as a legal resident of a northeast neighborhood of Seattle run amok with speculators and speculation encouraged by a neighborhood watch that has lost whatever moral compass it might ever have had. Let’s expose these scumbags and ruin their scam. Let’s fix it now.