Why has my 4G LTE 890L jetpack started using so much data?
RichardLA
Newbie

I have been experiencing Data Overage on my 890L but have not changed the way I have been using my computer. I am also only pulling 2 bars now on 4G. I have talked to Verizon and they are telling me that there is nothing wrong on Verizons end and that I am just using the data. I have seen where some people have changed the Sims card and it has helped but Verizon have told me that this would not solve any of my problems. Any suggestions. I am getting nowhere with Verizon. Thanks Richard

Labels (1)
0 Likes
Reply
1 Solution
John_Getzke
Champion - Level 1

All of this is a little overkill. 

I think as long as you change your WiFi password from the default provided on the back of the Jetpack that you are sufficiently protected from a hacker or unwanted guest.  True hacks are not likely going to brute force your password anyways.  Its much more feasible to find a backdoor to a device and connect without or expose the WiFi password than it is to force it down.  If you are creating a 63 random character pw then you are seriously missing out on one of the advantages of using WPA2 security in the first place.

Normal strong password criteria should be sufficient for WiFi:

http://windows.microsoft.com/en-us/windows-vista/tips-for-creating-a-strong-password

Jetpacks are also not designed to be left online 24/7.  You should be powering it on/off as needed through the day to ensure it has a fresh connection to the local towers and avoids hardware defects.  In regards to security, you cannot break into something that is powered off.

View solution in original post

0 Likes
Reply
28 Replies
7e18n1
Specialist - Level 3

In this day and age password management is a fundamental requirement for any computer and network enthusiast. If you think password management is inconvenient perhaps one of the products referenced by the above link can help.

I posted a link to Steve Gibson’s site for passwords that can be used as is for any WPA2 pre-shared key (what Verizon likes to call Wi-Fi Password) and no benchmark is needed. You seem confused—I do not intentionally recommend or support any philosophy that encourages low entropy, less security or false security (false sense of security).

0 Likes
Reply
John_Getzke
Champion - Level 1

I visited Steve's site when you first linked it.  Now I'll take a second look.

Only a few areas popped out to me related to this conversation:

"The use of these maximum-entropy passwords minimizes (essentially zeroes) the likelihood of successful "dictionary attacks" since these passwords won't appear in any dictionary. So you should always try to use passwords like these.   When these passwords are used to generate pre-shared keys for protecting WPA WiFi and VPN networks, the only known attack is the use of "brute force" — trying every possible password combination."

here:

"Since the passwords used to generate pre-shared keys are configured into the network only once, and do not need to be entered by their users every time, the best practice is to use the longest possible password and never worry about your password security again."

and here:

"Note that while this "the longer the better" rule of thumb is always true, long passwords won't protect.... "

The conclusions I pull from this website are as follows:

1. Entropy is only effective against dictionary and brute force attacks

2. Entropy inconvenience is reduced if you only have to enter a password a few times

3. Longer is better is a rule of thumb, not a specific character length requirement

Therefore if you believe you are being brute force or dictionary attacked then an acceptable defense is a higher entropy WiFi password.  The rule of thumb is "the longer the better" but nowhere does it mention anything about "the maximum entropy is the only viable solution".  Steve still leaves it up to the user to decide what is acceptable risk in regards to balancing the inconvenience of a high entropy password.  If my password takes 5000 years to crack then I think that is fine, I don't plan on being around that long and I'm sure the hacker has better things to do.

Lets consider some other facts.  VZW Jetpacks have a small wireless range.  You need to be in close proximity to use the device meaning any malicious user is probably sitting next to you.  Jetpacks connect to multiple devices other than PCs.  Have fun typing or explaining over the phone a max entropy password on a device that doesn't allow you to copy or auto install the credentials.  Jetpacks perform better when power cycled frequently, which means a Jetpack should only be exposed while a user is actually online and using the device and then powered down.  Jetpacks have a 1 year warranty and exist on a 2 year contract, most will upgrade or terminate at that point.  If the physical device is replaced before a WiFi password is cracked via brute force then I am OK with that. 

I would update my recommendation as follows:

- If you plan to keep your Jetpack forever and never change the password then use high entropy

- If you are constantly exposed to others who you feel are brute force attacking you then use high entropy

- If you only have one or a few devices that can receive or auto install credentials then use high entropy

Otherwise I still feel the normal best practice criteria for strong passwords will still be my recommendation with a twist.  Microsoft's minimum strong password recommendation (8 char, upper, lower, num, symbol) appears to be broken in a few hours or days according to howsecureismypassword.  "Longer is better" is a good rule of thumb and whatever you do it should take at least a few years to crack.

0 Likes
Reply
7e18n1
Specialist - Level 3

Good job! You’ve obviously given the matter some thought. I linked to his site for high entropy random passwords. I did not link to it for his opinions. I read it again and to be honest I don’t think it’s been updated in years. Brute force and dictionary attacks are not the only threats. For the last coupe of years password database attacks have been growing in popularity and the number and size of easily obtained databases. The recent security breech at Target could eventually add a potential, what was it 40 million accounts involved, to the pool. A password database attack may pose a greater threat after the default is changed because of the tendency to use the same passwords over and over.

0 Likes
Reply
lookinforanswer
Contributor - Level 2

Wouldn't just instruct the user on how to change their password end this disagreement and long drawn out detail on default passwords? 

Geez guys come on.

0 Likes
Reply
7e18n1
Specialist - Level 3

(removed)

I’ve been using Wi-Fi since it was invented. High entropy wireless security effectively provides a method as close to using the security of an Ethernet cable as you get, without the cable. If you think high entropy is a burden and unnecessary that is unfortunate.

In my experience with Wi-Fi, the burden you speak of is based (removed) the lack of a thorough understanding of the equipment involved and the procedures necessary to implement the required changes across the board. It’s easier to leave it alone. It’s easier to push the button. It’s easier to remember something cute and type it. Strengthening network security is always useful.

I follow the first service rule, “Listen to the complaint!” A clue to the problem is often in the complaint. Diagnostics happen when the complaint does not yield useful clues. When a useful clue is present in the complaint, follow it. With few exceptions, anyone with Wi-Fi should strengthen wireless security beyond the manufacture’s default. This unwillingness to tighten wireless security has been going on for 14 years. It didn’t just start when Verizon Mifi came along. (removed)

As soon as I saw the 8 character lower case hexadecimal password on a Verizon Mifi device, I knew instinctively it was a problem. I don’t need a document to tell me this. (removed)


Comment edited as required by the Terms of Service.

Message was edited by: Admin Moderator

0 Likes
Reply
vzw_customer_support
Customer Service Rep

Hello RPinFL,

I am glad that you have reached out to me today. I want to help you out. This way you don't have to keep calling in and being on hold and keep on getting different answers. Let's review your account together. I am going to follow you, if you could accept that request and then request to follow me back. Once I get that request I will accept. Then once we are following each other please send me a Direct Message. Here is a link that will give you the step by step direction to send a DM: http://vz.to/1fbIKzK  Hope to hear from you soon.

KevinR_VZW

Please follow us on Twitter @VZWSupport

0 Likes
Reply
CW72421
Newbie

We have gone over 3 GB in just a few days on the Mifi only, not including phones!!  No music, no movies, etc.  My bill is overdue so it wont let me change the plan and up the data!!  That'll be another $45.  Great........

0 Likes
Reply
vzw_customer_support
Customer Service Rep

Yipes, CW72421! I'm alarmed by the pending overages, but also puzzled by your statement that a past due balance prevents you from changing your plan. I hope to clear something up. Unless your past due balance has caused your account to be suspended, you can change your plan to increase your allowance (assuming you don't already have a plan with the maximum offered allowance). If your service is not suspended, I recommend contacting VZW Customer Care about this concern at 800-922-0204 as soon as possible!


DionM_VZW
Follow us on Twitter www.twitter.com/vzwsupport

0 Likes
Reply