What one neighbor can “share,” another can steal. These last weeks I’ve been thinking about exchanges between neighbors—exchanges that are enabled by proximity. Proximity, in this case perhaps not so accidental, is what created the opportunity for the owner of what I’ve come to call “the north mobbing house” to offer to share his WiFi with me soon after he moved in next door. This was the neighbor who informed me that he chose the neighborhood because there was “more room to build,” a curious comment considering that the homes on either side of him were occupied.

The proximity of neighbors creates a privileged relationship that is easily abused when respect is not equally accorded. This is the proximity, or perhaps I should say range, of “neighbor hacking.” For example, the WiFi-hacking Barry Ardolf, a “depraved criminal” who sought to use his illicit access to Matt and Bethany Kostolnik’s wireless network to ruin them by sending email threats to politicians and posting child pornography on a fake MySpace page he created in Matt’s name (“Wi-Fi-Hacking Neighbor From Hell Sentenced to 18 Years,” Wired, https://www.wired.com/2011/07/hacking-neighbor-from-hell/). It is within the proximity of neighbors that hate most easily finds a target. It is the proximity within which men, very often white men, mark their turf by aggressing upon their neighbors, if not their partners. For men like this, women who live without men invite it.

Jennifer McLeggan, a Black woman and single mother terrorized by John McEneaney and Mindy Canarick for three years in Valley Stream, New York has lived something of what I have lived as a woman who found herself next door to haters. The terror she stared down appears not to have included digital harassment; McEneaney and Canarick preferred the full frontal approach of spitting on her property, brandishing BB guns, lighting her house up with a blowtorch, blackface, firing off feces onto her lawn, and, of course, more. There’s always more. And though her complaints appear to have been believed by police, they initially responded with the same useless words that paint women as easy targets. They told her “she needed to be harmed in order for them to proceed with an arrest.” (“A White Couple Allegedly Terrorized Their Black Neighbor for 3 Years,” The Cut, https://www.thecut.com/2020/08/long-island-couple-arrested-for-harassing-black-neighbor.html).

Some three years into this reign of terror, McLeggan began to find dead squirrels in her yard. That was the last straw (“Arrests Made In Case Of Long Island Woman Who Claimed She Was Being Terrorized By Neighbors,” CBS New York, https://newyork.cbslocal.com/2020/08/17/jennifer-mcleggan-black-woman-terrorized-by-neighbors-valley-stream-long-island/).

McLeggan made signs and put them on her front door to tell passersby what was happening. Members of her community were good enough to respond. They were privileged to live in a “safe” neighborhood, but McLeggan had been excluded from the privileges they took for granted. Charges were finally brought against the white couple. “We’re the victims,” McEneaney complained to reporters. “I am not a racist.”

(That’s so white-man.)

Then there’s the recent case of Oregonian John Blackmore, another white man, was so enraged at a 78-year-old Black woman who double-parked to wait for her son in front of his apartment complex, that even after she moved her vehicle to allow him to leave, he charged her in his car multiple times. When she got out of hers in fear, he left his vehicle to confront her, fists raised and flinging slurs from his lips. He was moved to back off only after the woman’s son ran from his apartment and stood between the man and his mother (“Oregon man faces bias charges for trying to hit 78-year-old Black woman with car,” REVOLT, https://www.revolt.tv/2020/8/4/21354438/oregon-man-bias-charge-racial-slurs-black-woman).

One of the remarkable things about bias crimes is that even after we grudgingly admit they are crimes of hate, we fail to acknowledge how the punishment is influenced by gender. This is the specific violence that is misogyny. Hilary Clinton’s presidential run was met with a hardened misogyny that made it impossible to admit Trump’s lack of fitness for the position or to recognize Clinton’s qualifications for office. So much the worse for us. The derision with which Trump treats not only the Democratic vice presidential candidate Kamala Harris, but any woman who neglects to stroke his oddly swollen ego, is openly misogynist. The punishment that white militia in Michigan planned to inflict on Democratic Governor Gretchen Whitmer was undoubtedly the scapegoating of a woman, unapologetic and unafraid, holding a leadership role in a time of crisis. And for this she might have lost her life. When a woman speaks, even among those who share her class or color, her risk is greater than a man’s (“13 charged in plot to kidnap Michigan Gov. Gretchen Whitmer,” CNN Politics, https://www.cnn.com/2020/10/08/politics/fbi-plot-michigan-governor-gretchen-whitmer/index.html).

It is as though we struggle so with the fact of hate crime based on color or creed, that the misogyny that affects our lives is denied in this country in which the balance of power rests with men. Black women suffer crimes because they are Black, and because they are women. The hatred and harassment directed toward Black women is expressed in different ways than the hatred and harassment that Black men endure, if in fact they do. When the Black son of a 78-year-old Oregon woman blocked her attacker, the behavior of the white man changed, probably because he feared men—especially Black men—more than Black women. And when a pregnant Jennifer McLeggan moved into a Long Island home that she hoped would be a safe place to raise a child, the harassment dealt her by her hater neighbors—the open attacks on her safety with BB guns and blowtorches, the stalking of McLeggan in her own home—was intended to evoke a feeling of terror within her, as single women are expected to be so easily terrorized by predators when they live without men. We hate color, but how we punish depends on sex.

Ω

WiFi range extenders have great utility within the privileged relationship between neighbors. These short-range devices are ideal for deployment within a configuration of proximity between neighbors. WiFi range extenders “boost” and “extend” signal strength by repeating it. They are intrinsically insecure, the exploits that involve them mounting as the devices become more powerful and the technology increasingly “smart.” For example, in 2019 IBM researcher Grzegorz Wypych found that a flaw in the firmware of a TP-Link Technologies extender was easily compromised by editing an HTTP request to the device, allowing the bad actor to remotely execute shell commands (“A bug in Wi-Fi ‘extenders’ could give a hacker full control over the devices,” cyberscoop, https://www.cyberscoop.com/wi-fi-extenders-remote-code-ibm-xforce/). Nevertheless, with a consumer market clamoring for reliable networks built on a less reliable protocol, WiFi extenders have established themselves as a necessary feature in smart homes and as a requirement of the IoT ecosystem.

WiFi extenders have also commonly been the device of choice for those who want to share WiFi with their neighbors. Sharing WiFi with another household may be illegal in many locales; nevertheless, the use of a WiFi extender to share WiFi is common even though it can degrade signal quality. But it wasn’t until recently that I saw how much sense it made that the same device that is used to give access to a wireless network might be used to take it. The mechanism used to share WiFi may be the same mechanism used to cyberstalk or to cyberharass. This is a primary reason why the deployment of a WiFi extender across the property line of your house or the threshold of your apartment should concern you. Based on my experiences in northeast Seattle, I would suggest that some restrictions should be put into place, whether in the design of extenders or in the local codes governing their use. Security should work both ways, protecting not only the “user” but those the user exposes to the device. As Taylor Armerding asks in the Software Integrity Blog, “Will we have to sue our way to a secure IoT?” (“The cyber-physical convergence is accelerating—and so are the risks,” Synopsys, https://www.synopsys.com/blogs/software-security/cyber-physical-attacks/).

In Stop mobbing crimes with data: Visualize nearby networks with NetSpot, I talked about the importance of understanding the networks that are configured around you when you are being digitally harassed or surveilled. The heat map is an essential tool in revealing the deployment of WiFi extenders and access points that are within range of your network, may be deployed over the property line, and pose a security risk to you. But I didn’t provide any technical detail on how a bad actor might use a WiFi range extender. This kind of information can be difficult to find and there is a persistent lack of interest on the part of security experts in residential exploits. But today I happened across the blog of Gerry D., “How to Extend Your Wireless Range / Boost Neighbors WiFi Signal,” more clearly describing the less conventional uses of wireless range extenders to give or take bandwidth at home. Says Gerry, “I’ll show you what is required to extend the range of your wireless network outside, upstairs, in the basement or how to boost from your neighbor (C:\StickyStatic, https://stickystatic.com/tech/wifi-booster-extender).

The most basic method of boosting WiFi signal from a neighbor relies on line of sight, something I’ve touched on with regard to the use of directional antennas like the Yagi, considered the gateway antenna for WiFi cracking. The Yagi-Uda antenna, now simply a “Yagi,” was invented in 1926 by Shintaro Uda and Hidetsugu Yagi of Tohoku Imperial University in Japan, proliferating with the rise of terrestrial television across the American roof-scape and continuing to dot the skyline like the one no more than twenty feet from me on the roof of the house next to where I’m staying in the Berkeley area tonight (“Yagi-Uda antenna,” Wikipedia, https://en.wikipedia.org/wiki/Yagi%E2%80%93Uda_antenna).

In the case of sharing WiFi signal, Gerry explains the basic method of boosting the signal by using a repeater. The basic options are to use a more sensitive antenna to receive the signal, or to increase the signal strength of the transmitting router by installing a directional antenna and pointing the antenna in the direction of the recipient. These methods rely on line-of-sight propagation of the signal, which means that within the context of mobbing, they are appropriate as short-range methods when the mobbers enjoy proximity to their victim. The second method using a directional antenna from the router is preferable since it increases the strength of the transmitted signal.

For those lacking line of sight, Gerry provides three more methods to increase WiFi performance by improving signal strength in your home or “through [the] walls of a neighbor.” The most common of these is simply the purchase of a better wireless router. This suggestion addresses the speed of the protocol that the router supports, with 802.11ac being the latest and greatest when it comes to the efficiency and speed of MIMO (an antenna array providing multiple input, multiple output). To use this option, you need control over the Internet connection. From the standpoint of mobbing, you probably need a dual-band WiFi repeater that supports 2.4GHz as well as 5GHz since 2.4GHz signal, however slower, supports most devices commonly used in the IoT ecosystem and can more effectively penetrate the exterior walls of the victim residence. River Stone Net provides a 2020 rating of the best wireless routers for penetrating concrete and brick walls (“5 Best Wireless Routers For Penetrating Walls (Concrete & Brick Walls) 2020,” River Stone Net, https://www.riverstonenet.com/best-wireless-router-for-penetrating-walls/).

For quality performance, however, the best choice is a mesh topology. Wireless mesh networking originated with tactical radio networks in the military. Installed as a network, the Eero WiFi extender uses a mesh topography. Says Gerry, “There is no better option than [mesh] on the market. It is the newest home business class mesh for homes up to 4,000 square feet or more. The way to go if you control the connection and have the funds.” I suppose my mobbing neighbors do. One of the benefits of using a tactical wireless network in property war might be the fact that a mesh network is “self-healing,” potentially standing a new node (router) when the victim tries to opt out of the mobbing harassment by shutting her router down. Not to mention the opacity of mesh network addressing which could help to hide malicious traffic between rogue devices and those of the victim. The Eero integration with the Sonos wireless sound system also comes in handy when Sonos is the cornerstone of a mobbing platform.

The last of the best home options for WiFi extension is a simple wireless range extender, a common solution for sharing WiFi. Gerry and other experts are quick to point out, however, that when you “recast” a signal, you cut the speed in half, at best. Says Gerry, “If you want to recast the signal without reducing the speeds in half, the wireless mesh option is the only way to do this.”

There it is. More mobbers prefer mesh. This means that if you’re being mobbed with extenders, you may see mesh-capable devices like the Eero in network surveys and Wireshark or Airtool frame captures. What’s more complicated, is understanding how the broadcast transmissions of a rogue extension reach your devices. I’m no expert and am forced to present my theories in this blog because of the ignorance of the City of Seattle and the Seattle Police Department, among other agencies. I want to be freed of the crime of mobbing and to help to prevent it from happening to others. But the information I provide likely includes technical errors. Network security expertise is required to fully clarify the workings of the exploit and to give mobbing the attention that is required to stop it.

For purposes of mobbing, a primary goal of the signal boost is access to the victim network to broadcast harassment without directly addressing the victim network or any victim device. This of course would be easiest if your unwitting victim agreed to “share” a WiFi network with you. But then again, it might be better not to let your victim know. Gerry points out that to extend your neighbor’s WiFi into your apartment, you need to have access. Unless, of course, the network is “open,” that is, unless the network has not been secured and requires no password. But by now, with the increased use of biometrics in security and browsers that offer to create and remember secure passwords for us, even the least savvy among us knows that, don’t we?

But the proximity inherent in the privileged relationship between neighbors allows for a physical attack that can undermine the use of a network password. A physical attack can render a firewall irrelevant. According to network expert Michael Meyers, “the best network software security measures can be rendered useless if you fail to physically protect your systems” (“Physical access,” Wikipedia, https://en.wikipedia.org/wiki/Physical_access). Extending a neighboring network is essentially a physical attack, a signal hack by means of a WiFi-extending device. “One could also use a rogue device to access a poorly secured wireless network; if the signal were sufficiently strong, one might not even need to breach the perimeter.”

In the residential arena, you could argue that all wireless networks are poorly secured, by virtue of the unsecure infrastructure extended us by providers like Comcast and AT&T. When the source of household harassment on your devices is rogue wireless signal, it’s bad enough that you have no choice besides a wireless gateway that is used to bring signal to your home, regardless of whether you prefer to connect to your router over Ethernet. What’s worse is the provisioning of an open Xfinity WiFi Home Hotspot on the equipment you lease. “Your Xfinity Wireless Gateway broadcasts an additional ‘xfinitywifi’ network signal, creating an extension of the Xfinity WiFi network right in your home [emphasis mine]” (“How to Turn Xfinity WiFi Home Hotspot On or Off Using My Account,” Xfinity, https://www.xfinity.com/support/articles/disable-xfinity-wifi-home-hotspot). In addition to providing step-by-step to tell customers how to enable or disable the Xfinity WiFi Home Hotspot feature in their account, Xfinity notes that the public hotspot is enabled by default.

The default setting that enables these public hotspots on privately leased equipment by default is antithetical to current security practices that advocate the principle of need-based or minimum access. I’m writing this blog from the Berkeley area home of an elderly relative who trusted Comcast to provide a service she could secure with a password. Most of us don’t care to spend hours, days and weeks of their lives configuring devices; yet, the attitude of infrastructure, device and software providers is to blame customers upon whom they cannot offload the chore of securing services that are produced with unknown vulnerabilities, whose interactions will result in unknown vulnerabilities, and which will inhabit IoT and other ecosystems exposing them to more vulnerabilities. I don’t have access to my relative’s Comcast account to correct the low security setting or to disable the public hotspot, nor did I consider administering the default settings of the Comcast router I used for Internet access when mobbing babble cropped up on my every device, including terrestrial television, at the outset of the mobbing.

Comcast customers may not even understand the distinction between secure Xfinity hotspots that are named “XFINITY” and marked with a lock system, versus unsecure Xfinity hotspots that provide a lower level of encryption and are named “xfinitywifi.”

You can’t steal your neighbor’s WiFi, says Gerry. “There is no magical device you can buy that is going to bypass their password.” The only solution is to obtain the password or to find an open and unsecured wireless network. Says Gerry, “The repeater will attach to the open network if that is what you are looking for.” Given this information, perhaps it is possible for bad actors to connect WiFi extenders or mesh nodes to unsecured public networks or to use WiFi extenders and mesh nodes to feed malicious data to wireless gateways, perhaps even AT&T’s “unadvertised SSIDs” or Xfinity’s public wireless hotspots within or within range of the wireless gateway or router of the mobbing victim, and to thereby gain access to their victim’s network and devices or to share a malicious network node.

As one of the mobbers hinted, “You’re on our network, or maybe we’re on yours.”

The vulnerability of the wireless gateway might explain why, at my home in Seattle using AT&T Fiber, I must unplug the ONT as well as the router to have any hope of quieting the mobbing harassment during the night.

My Cujo firewall makes no difference, which is probably characteristic for this type of exploit where the maliciousness of the signal is not recognized.

WiFi extensions like the Eero may enable the victim home that is positioned between and in close proximity to two mobbing houses to be defined as a room within the Sonos management application and to thereby be subject to wireless broadcast transmissions affecting compatible devices. Given the proliferation of low-power television transmitters like the Roku, boxing in the victim house with WiFi extensions may allow bad actors to contain the mobbing victim in an always-on low-power television station—all abuse, all the time.

Just like SmartTVs, smart homes and IoT create security vulnerabilities, both for those who use them and those who may not know the technologies are being used on them, to put them under surveillance, to keep them in check, to trigger clandestine harassment and harassing machines. My situation shows that haters and criminal speculators are well aware of these vulnerabilities and how they can be exploited.

The other day the search string “electronic infrasound” came up in the On being mobbed statistics. I’m not sure of the extent to which the infrasound-based harassment comes in over the router or whether it is distributed around the house in another manner. At least some over-the-wire distribution might make sense based on the fact that the speakers on this laptop are no longer usable and other equipment of mine may also be damaged. However, there are other options that this writing does not address. A mesh topology shared between hostile mobbing houses flanking the victim residence on either side might further expose the victim or allow for the victim network to be taken under management by the rogue network. This is something that seems possible based on what I have experienced as the victim of mobbing by apparent speculators and a neighborhood watch but, again, any conclusions would require greater network security expertise than I can offer.

We’re learning that democracy requires security. Infrastructure that is not secure is an invitation. No wonder personal computers are conscripted into botnets and subject to ransomware. No wonder individuals are subject to personal crimes in which pornography is downloaded onto their hard drives by petty criminals with Internet access. Given the risks, both personal and national, perhaps we should take down the network of unsecured hot spots and public WiFi established based on the ideal of equal access when hot spots infiltrated by malicious agents become honey pots for hackers and the equal opportunity they provide is to be taken as a victim. There’s no reason to offer criminals access to our homes when botnets are built from our personal computers and when public networks make it easy to use our infrastructure to spread conspiracy theories and lies. There’s no reason to leave the door open when the intellectual property of our employers is increasingly exposed as more and more of us work from home. In these days when foreign agents and other bad actors infiltrate social media and seek to propagandize our citizenry and spread disinformation in an attempt to undermine the legitimacy of our elections, there is no excuse to maintain an infrastructure so insecure that criminals, haters and racketeers make it their criminal platform. Property war is fought one house at a time. Domestic security must also be.