My roommate has been watching what I do online- help!
November 27, 2009 7:17 PM   Subscribe

Calm down, you're a bit worked up. Are you sharing computers? As a start, install Stealther plug in for Firefox, there's some other options too, but it's very hard to know exactly what's going on from your description. How do you connect to the internet? to a modem from your computer, or through his? Do you leave your computer, on, unlocked, etc.?

I would suggest that if you want something secret, putting on the internet where anyone can see it is generally not a good idea.
posted by smoke at 7:26 PM on November 27, 2009 [1 favorite]

I don't think the problem is that the roommate found the blog, it's that he's monitoring OP's internet traffic. That is an invasion of privacy.
posted by number9dream at 7:28 PM on November 27, 2009 [8 favorites]

It is very strange that he can tell you which posts came from the house unless there is an ip notation along with the posts (it will look like 68.234.21.10). If not, than he may actually have a legitimate monitor on the server that could see many of the things you do online.

Does the house use the server as part of the internet? Most likely not. You're next step might be for you to post the router model on here for some of the more technical people to tell you what its monitoring capabilities are.

However, most likely, he is just monitoring incoming/outgoing traffic which is usually just a bunch of ip addresses with some actual website names interspersed and your blog just happens to be one of the sites that shows up as an actual address. See http://forums.speedguide.net/showthread.php?t=262213

All in all, you should consider just buying your own wireless router and plugging it into the system to prevent him from this activity because even if you confront him, you don't really have a way to police his potential monitoring. Two wireless routers can exist on the same system if you go about it the right way, but that is another question.
posted by 2legit2quit at 7:31 PM on November 27, 2009

Wireless networks that you share with him are very easy to sniff or log the traffic going through him. He sounds like a suspicious person to be doing that though. You should start using some way of encrypting your traffic though "his" network. If you don't have someone in your life that can help you secure your stuff, please email someone here to try to help you. And, consider moving out, this just sounds bad.
posted by kellyblah at 7:35 PM on November 27, 2009

He can see all traffic; if it's encrypted (e.g., URLs beginning https) he can't read the contents. So he'd know, for instance, that you went to gmail, but wouldn't know your password. On the flip side, if it's not encrypted, he can read it all.

His discovery of your blog may have come from something not overtly invasive like just looking at aggregate stats on his network traffic and seeing an unknown domain high on the list. I'm not defending this, just noting that he may not have been deliberately prying (at least not at first.)

The only way to protect yourself in this situation is to encrypt all your traffic through someplace outside his network, e.g. with a commercial VPN (or find a different way to get online.)

If one were engaged in active infowar with one's roommate, then the roommate's unsupervised access to your computer would be a big problem, too, but I'll consider that outside of the scope of the question.
posted by Zed at 7:36 PM on November 27, 2009 [1 favorite]

He can see every website you go to, that's pretty easy to do.

He probably can't read your email, but it depends on how you are checking your email and what exactly he's doing (he may just be looking at the log of websites you've visited on the router--or he may be packet sniffing, which is another, creepier, ballgame altogether).

If your school has a VPN, and they probably do (talk to the computer helpdesk at your school and they can show you how to get set up with that), your safest option is to sign on to the school VPN while you are working from home, and to not leave your computer at home unsupervised.
posted by phoenixy at 7:40 PM on November 27, 2009 [2 favorites]

In short, he's monitoring your traffic in one of two ways.

1) Passively: if you use unencrypted wifi to connect to your router, he can connect to the same network and see your network traffic.

2) Actively: if he has control over the router (full control -- this has to be one of the handful of routers that can run custom code) then he can log everything that goes through the router and sift through it for personal details. He can also act as a "man in the middle"

He can see all unencrypted traffic going through your network. This means every single site you visit that starts with an "http" is potentially compromised. If you don't use a secure connection to your email ("https" to your webmail, or TLS/SSL for your client) then your email is potentially compromised as well.

The first order of business is to change all your passwords. He can see every single password sent over an unsecure connection, and if you're like most people and reuse the same password, he's probably got access to most of your accounts online.

Next, you'll want to encrypt your traffic somehow. The easiest way to do this is to send all your traffic through a VPN service. There's a pretty good description of how this works here: http://www.personalvpn.org/

You'll be paying a few bucks a month, but it's worth it for the peace of mind. Some popular VPN providers are BananaVPN and BlackLogic.

Also, tell your roommate that he's a jackass for invading your privacy.
posted by zain at 7:40 PM on November 27, 2009

Aww now see I'd be trashing someone's network if they did that to me, they'd come home to all sorts of carnage.

Real possibilities here are that:
-he's running your traffic through a for-reals server and thus seeing everything you do
-he's keylogging your system
-he's got a router with a logging function
-or he's got a custom DNS

Really if your level of technical expertise isn't so grand, I wouldn't advise taking him on if he's got that leg up on you. I WOULD advise you learn about SSH and possibly find a friend/relative who might let you tunnel through to their system/network to make your updates. You could try secure booting to a linux live disc/usb for blog work, if he's using a keylogger then it won't function outside of your normal OS.

Weird though that he refers to posts you make from home, I'm assuming the blog is the same for all posts, weird that he wouldn't just read it all.

Theoretically if we knew how he was doing the monitoring there could be a method of attack based on that method---but I'm gonna doubt that's really possible for you.
posted by TomMelee at 7:42 PM on November 27, 2009

Also, in case it hasn't already been made clear: This is a big deal.
posted by 2legit2quit at 7:53 PM on November 27, 2009 [2 favorites]

-he's running your traffic through a for-reals server and thus seeing everything you do

The post says: "As far as what kind of network we have, all I know is that it's wireless and he has his own server."
posted by salvia at 8:07 PM on November 27, 2009

Salvia,

The poster also admits not knowing anything about computers. The roomate could just have his own webserver or something similar that has nothing to do with the current issue.
posted by 2legit2quit at 8:10 PM on November 27, 2009

All other things considered, I hope you have a lock on your door and he doesn't have a key. It doesn't matter how you secure your traffic if he has physical access to the actual computer itself.
posted by fairytale of los angeles at 8:12 PM on November 27, 2009

1) nthing the advice to act very deliberately on this one. What he's doing is reprehensible, but is trivially easy to do on a home network, and may or may not be illegal. He probably runs a packet sniffer on his machine, logs everything going across the network, and is enough of a creep to be interested in what you're reading. Having a packet sniffer running on the network is a potentially legitimate security practice - if I were living with somebody who wasn't very computer savvy, I might set one up to let me know if their machine was infected with something that was going to get my IP blacklisted by sending out buckets of spam. Where he crosses the line into creepdom is that he's looking at that traffic himself instead of just using an automatic monitor. He's likely not going very far out of his way to spy on you (based on what you said, I don't think he's using a keylogger or has broken into your personal machine) but he is spying on you, and that's a bigger deal than he thinks it is.

2) What he can see, without messing with your computer, is all of your unencrypted network traffic. To oversimplify things a bit, everything that goes in or out that doesn't go to an https:// address is visible to him. That may include your email, depending on how you're accessing it, but it may not. I'm guessing you're a student, so it's unlikely that you're logging into a corporate network, but anything you send over a VPN connection would be secure. If you're using GMail or another online email service, access those via their https:// web address and you should be fine as soon as you change all your passwords. If you're downloading your email, many or most places now offer SSL-encrypted access. Look in your mail provider's online help for information about how to set that up.

3) He may have a lot of your account names and passwords that have passed through the network in clear text (i.e. not through an https:// address). Change all of them, from a known-safe computer that's not at your apartment, and don't log in to any sites that don't use SSL encryption from your home. I know this sucks, but your roommate is an asshole with some network admin knowledge that he's using for evil.

4) nthing the personal VPN idea from zain, but that will work only as long as he doesn't decide to compromise your computer in other ways (that are less passive and decidedly illegal). Locking your door may or may not help - locks can be picked, and this person doesn't sound like he has a good concept of personal space.

5) This is a really good lesson to learn about computer security: assume that everything you post on the Internet that's not encrypted and/or posted through a cutout is visible to everybody in the entire world, including your mother, and will eventually be linked to your real name and current address. Public blog postings are public; obscurity isn't anonymity.

6) Your roommate is being intrusive, controlling, and a creep. The fact that he's monitoring the logs to see what you're doing is very very not cool. I would move out as soon as it's easy for you to do so because the guy obviously has some ethical issues and there's no telling where that ends. I don't think I'd do an emergency move because of this, but I would get this person out of my life as quickly and completely as I could without provoking him or messing up my life. The lack of ethics on display makes me a bit concerned about provoking him - he obviously doesn't think what he's done is a big deal, probably because it was so easy, but he might resort to other things like keylogging or compromising your computer if he decides his need to spy exceeds your basic right to privacy and security of your property.

This is a really ugly situation for somebody who's not computer-savvy to be in; you have my sympathies, and I hope you can get out of this mostly intact.
posted by hackwolf at 8:26 PM on November 27, 2009 [10 favorites]

I see a lot of technical jargon here. The OP admits they don't know much about computers. I don't see how the technical details are of much use here. The bottom line is that this roommate seriously crossed the line by spying on the OP's web traffic. OP, if I were you I would worry less about trying to out-tech roommate in order to block the attempts to spy on you, and more about making it clear just how far the line was crossed in spying on you. This would easily be grounds for getting out of a rental agreement I would imagine, or grounds for getting roommate kicked out for that matter.
posted by GleepGlop at 8:33 PM on November 27, 2009 [1 favorite]

I just hate the idea that someone can completely spy on me like this.

You are posting things on the internet, which is a public place. If I found out someone had a blog, I would not consider reading it an invasion of their privacy. I would assume that if the entries were private, I would not be able to see them (most blogging sites allow you to make certain entries your-eyes-only).

I repeat: you are making your private thoughts publicly accessible by posting them to the internet.
posted by hermitosis at 8:47 PM on November 27, 2009 [6 favorites]

There's another possibility: the roomate just saidbth thing about the network to seem like MacGuyver, when really he just went on your computer and used it and checked your bookmarks or the most recently visted pages. Either way, Tech security jargon aside you should let him know that it was a pretty uncool way to bring up the blog and that it freaked you out.
posted by Potomac Avenue at 9:18 PM on November 27, 2009

Your roommate monitoring your traffic is a huge transgression. It's the cyberspace equivalent of hiding a video camera in your room.

Others have mentioned the most practical technical solution (a VPN: this is what they're for!), but I'm going to emphasize that your biggest problem here is social in nature, not technical. This guy sniffs your traffic and then mentions it casually like it's no big deal? Seriously uncool.
posted by qxntpqbbbqxl at 9:30 PM on November 27, 2009 [1 favorite]

OK, I'm not going to speculate on the methods he's using, whether he's dumping all traffic or looking at stats, whether he can read email, or whatever. If he's surreptitiously mining her history from her own computer, that's bad too. By whatever methods, he's doing it, he's proved it to you (local vs. remote posts), and he's told you. This is a complete breach of trust and is totally nerd-uncool.

You can start browsing via HTTPS, but that's not going to work for everything. SSH, VPNs and the like are more complicated for the non-technical and also will not work for every purpose. Besides moving out, as a person not well-versed in computers and networks the simplest way to deal with this is to get your own internet connection. This guy cannot be trusted.
posted by rhizome at 9:39 PM on November 27, 2009

Go to a friends house and change all your passwords using his/her computer. That would prevent him using a keylogger (software that stores everything you type in your computer) or directly monitoring the traffic.
posted by clearlydemon at 10:32 PM on November 27, 2009 [1 favorite]

Get a new roommate!
posted by lsemel at 10:41 PM on November 27, 2009 [1 favorite]

A distillation of what's most important here:

a) Non-technical people can't really have anonymous blogs.

b) Non-technical people who live with technical people need to be able to trust those technical people with their private stuff.

Lots of whining upthread about the violation of your privacy, etc. But it's worth noting that you didn't catch your roommate red-handed; he told you what he's doing of his own volition. So he wants you to know. Yes, he's being a jerk, but he has an agenda, which is probably to impress you with how smart he is.

So here's an idea: turn the situation on its head. Go to your roommate and tell him how impressed you are that he found your blog, etc. and that poor ignorant you needs his help to protect you from the big bad world. It's probably what he wants to do, anyway. He just wanted you to appreciate it first.
posted by bingo at 10:49 PM on November 27, 2009 [1 favorite]

Is he prone to exaggeration? He may have found your blog from the list of IP address connections that any old wireless router keeps. I've run into a list of IP addresses my wife has connected to just in poking around in my router's interface to see what's what. (I didn't bother looking any of them up to see what they were, though)

If he saw you hit one particular one frequently, he may have checked to see what it was out of curiosity, and somehow made the connection that it was yours.

How do you update your blog, with Blogger, or something like that, or the old-fashioned way, with FTP or SSH? That would stand out in a router log, especially if you aren't a computer nerd and he knows it.

I guess what I'm saying is, he could have accidentally found your blog and be exaggerating for dramatic effect. If you're using his wireless network, though, don't assume that anything you send across it is private, unless it's encrypted, and even then he can see what servers you use.
posted by ctmf at 11:05 PM on November 27, 2009

By any chance by "server" did you mean "router?" I'm of no help, but it might be helpful to the tech-savvy here.
posted by ishotjr at 11:52 PM on November 27, 2009

If you use gmail make sure to turn on the option to "always use https". Change your passwords. In particular, if you share any passwords between "secure sites" (banks, etc) and insecure sites (metafilter) stop doing that. Have at least 2-3 different passwords at a time, for different levels of security. And don't have firefox remember the secure ones.
posted by alexei at 12:24 AM on November 28, 2009

It's probably not a legal transgression if we treat the roommate as ISP here. I'd be willing to bet that he just gave the OP the network info to "use the Internet" via his router, and the OP has been happily doing that ever since. Logging or even analyzing one's own router traffic isn't much of a transgression. And if he controls the router (he called it "my network") or even just the DNS server, it's ridiculously easy to view all requests, even if he can't see the actual content transferred without making a bigger effort.

But the requests is enough. I say he saw a connection from the network to x.x.x.x or blogname.domain.com, went to see what that was, and recognized the writing style or one of the topics as coming from the OP. Likewise, posts from the network would be easy to catch by matching timestamps.

It's rude of this guy to do this, but probably legal if he's "providing" the internet in this relationship.

And no computer-beginner will be able to outsmart this without changing to use their own router, computer, and ISP, as if there was no roommate at all.

Shared anything dooms you, here.
posted by rokusan at 2:09 AM on November 28, 2009

Weird, but totally legit. In my eyes, the onus is on the user to keep private things private. The blog? I know that you swear that there are no identifying details, but I bet one of us could find it if we knew your name/school/job/email. All things your roommate would have. Maybe he just likes to Google people. Again, creepy, but in no way illegal.
posted by InsanePenguin at 4:27 AM on November 28, 2009

follow-up from the OP

Thank you everyone. Your answers have been *extremely* informative and helpful. I'm in the computer lab changing all my passwords right now, and I'm going to ask whether the school has a VPN I can use. I have one follow up question: In case he has put a keylogger on my computer in addition to spying on me through the network, is there any way that I could find it and remove it? Or, if I have my hard drive reformatted, would that get rid of it? I just also want to say that I wasn't mad because he was reading my blog- I agree that you shouldn't publish anything on the internet that you expect to be a secret. I was mad because he was spying on my traffic on the network. In other words I was bothered by the means, not the ends. And also worried about him watching what other sites I go to and reading my email. Also, just a few answers to questions that were asked:

We don't usually share computers, he has a few of his own and I just have one. I've never used his; he has used mine occasionally. He has passwords on all of his, I didn't have one on mine (that has now changed).

As far as how I connect to the internet, what modem he uses, what it's connected to, I know I sound unbelievably ignorant, but I really don't know. I turn my computer on, I am notified that my computer has connected to his wireless network, and that's that.

I do not know whether he uses his server as part of the internet. I just know that he has one, because he talked about it a lot when he got it and showed it to me.

I know that he's not checking my bookmarks, because I don't save bookmarks or browsing history. Is there another way that he could have been mining my history, as rhizome said, directly from my computer? (Other than having installed a keylogger).

(By the way, I'm certain he has been spying on me through the network, I just think he might ALSO have been poking around my computer itself.)

By the way, I really don't mind the technical jargon. Obviously, I don't understand a lot of it right away, but it's still extremely helpful to me. If I don't understand it, I look it up, and I learn things.

posted by jessamyn at 7:36 AM on November 28, 2009

I don't know. I think you're freaking out a little. I check out the web traffic on my network out of curiosity, it's not difficult. He may just be curious, he's into computers. You said you guys were friends and you were having an argument, he probably just wanted to throw you a little. I doubt he's, you know, stalking you. Does he act creepy about other stuff? Open your mail, delete phone messages, etc?

It's good that you're changing passwords and double-checking stuff, but keyloggers? Not paranoid, but close. I would just let him know it creeps you out a little and ask him if he would stop, he probably didn't mean any harm by it. I would try not to let this ruin a friendship/roommate relationship, though.
posted by InsanePenguin at 9:09 AM on November 28, 2009

Also, I would quit calling it spying. From what you've said here, the only evidence you have is that he knew about your blog. Again, yes creepy, doubtful harmful intent.
posted by InsanePenguin at 9:10 AM on November 28, 2009

Oh, meant to add, keyloggers can be software or hardware. Formatting the HDD would get rid of a software one, but it's worth taking a look in the back of the computer where the keyboard pugs in. If there's anything plugged in between the keyboard and the computer, take it out.
posted by InsanePenguin at 9:19 AM on November 28, 2009

Some people have suggested that that enabling https and password protecting your computer will help. Those things will NOT help if he really wants to look at what you're doing, although it would make it more difficult.

1) He can force your network traffic to go through his computer unencrypted, and only encrypt from his computer to the https server. You would notice this if you went to a site that was suppose to have an https:// prefix, but only saw http://.

2) If he has any physical access to the computer, no amount of passwords will help you. Unless you use something like TrueCrypt to encrypt your entire drive, consider that he can see anything you do, including key-logging all your passwords.

A virus/malware/spyware scanner may detect a keylogger, then at least you would know if he has been monitoring what you type. Reinstalling even the entire OS would only be a temporary solution, because the next time you're not there, he can install anything on your computer.
posted by Sonic_Molson at 10:34 AM on November 28, 2009

Alternatively, if you have good cell reception, you could see about getting mobile broadband - you'd need an adapter for your computer and it runs about $60/mo, with caps on data, but it could be an easy way to bypass his network altogether.
posted by clerestory at 2:55 PM on November 28, 2009

NERDALERT:
I have, while at work and responsible for the performance of the network, installed both a local DNS caching server and a local website cache to mitigate a sudden and unforeseen increase in the number of people using the internet until we could upgrade our connection. What thee caches do is save commonly visited websites on a machine on the local network, so that were you to be the second person to visit nytimes.com in a reasonably short period of time, you would not download the website over the internet connection, but instead from a computer siting in the closet, so that the internet connection would be less congested. It did provide a rather marked improvement, particularly because I could block the ads, and commonly visited websites, files, and the like were almost completely cached. Unfortunately, when installing and troubleshooting these caching services, the websites visited by my officemates were exposed. (literally in the first 10 lines of the logfile) Some of what was exposed was not tremendously, um, work appropriate. However, I didn't dig deeper, even though it was work, and in theory possible to find out who was surfing porn, I didn't.

That said, when my internet at home gets all crappy, which it does far more often than I would like, I think about doing something similar at home, however, even a rudimentary examination of the logs, such as one needed to ensure proper functioning of the system, would expose the websites that I and my roommates visit.

I both have not installed such a system (mostly because for four people, it wouldn't help that much), nor do I really care what websites my roommates visit. However, the lesson here is important: the internet is emphatically not private. Most of the data you send over the internet passes through several computers, all capable of logging your activity, most of which are neither run by the people you pay for internet, nor the websites you are intending to visit.

All of the above notwithstanding, your roommate shouldn't be snooping your internet connection. If he doesn't know this, and doesn't regret his actions, then there is something wrong with your roommate. Given the benefit of the doubt, the disclosure of your web habits may have been accidental, however, accidentally finding out someone's secrets is one thing, using them for your own advantage is a wholly other, reprehensible, thing.

(non-nerd analogy: imagine finding your roommate's private journal in the bookshelf, next to some of your books and your roommates books, you don't know it's their private journal, or even that it belongs to your roommate. You read the first few lines just to see who this book on the bookshelf belongs to, and you learn some secret about your roommate. Are you at fault for finding and discovering this information? Not particularly, at least I wouldn't find fault with you should it be my information. Should you keep this information, and moreover, your knowledge of this secret? Probably unless life and limb are at stake. Using it to gain points in an argument is, at least in my calculus, immoral and wrong.)
posted by Freen at 10:30 PM on November 28, 2009

I think you have to use your judgment of your roommate as a person here - it totally creeped me out the first time someone found my address online just because that felt like information that should be harder to get without asking me. But it's not. So you have to ask yourself two questions:

1. What's your roomate like? Is he being malicious here, or just geeky and curious and not thinking about how creepy that can be? Can you ask him how to secure your blog / etc and trust that he will do it to the best of his knowledge? If he's just one of those damn nosy people who can't resist the sweet, sweet smell of information that's already at his fingertips, then that's totally different from being someone who would install a keylogger on your system.

2. What is "normal" monitoring of internet traffic? If your roommate installed a packet sniffer, that's really creepy, change your passwords, etc. - but there are probably good reasons to have one of those too and your reaction should be tempered by that if he has one such. If he installed a keylogger then there are basic issues of boundaries that he is missing here (like, I don't care if you "would never access my bank account", you don't get to make that choice). Presumably this is part of why you're asking other tech folks for advice - as you can see, many of the responses say things like "all unencrypted traffic is easily accessible" and "everyone knows what sites you go to!"

But even when you end up logging all website traffic for legitimate reasons (question 2) it's still not okay to post signs at the office saying "to the individual visiting (weird porn site) 10x/day, get back to work". So you have to ask what your roommate's motivations were for revealing the information (question 1).
posted by Lady Li at 11:08 PM on November 28, 2009

As a networking professional I call bullshit on "this is normal" for any technical reason. If it was, you would have heard them ask something like "are you seeing slowness/ weirdness on your system?" You can monitor traffic and ports without learning the specific URL's or going to those URLs and reading their content.

Even if I bought that this was done accidentally, the fact that this person threw the fact at you during an argument proves they are unethical and untrustworthy. If they were my employee I would fire them for such a lapse.

Lastly I'll call bullshit on the people that downplay this. Unauthorized interception of your electronic communications is a Federal crime.
http://ilt.eff.org/index.php/Privacy:_Wiretap_Act
posted by anti social order at 7:01 AM on November 30, 2009 [1 favorite]

Can he read every email I send? Can he see every website that I go to?

Oh, yes he can. it's trivial to become the default gateway on a network and monitor every packet - even with SSL.
posted by anti social order at 6:30 AM on December 1, 2009

This thread is closed to new comments.