North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Wifi Security
- From: Patrick W. Gilmore
- Date: Mon Nov 21 09:48:55 2005
On Nov 21, 2005, at 9:42 AM, Ross Hosman wrote:
So my question is pretty simple. You have all these major companies
Why would you even need to set up an AP? Why not just sit and sniff
traffic? Gets you the _exact_ same information.
as google/earthlink/sprint/etc. building wifi networks. Lets say I
to collect peoples information so I setup an AP with the same ssid as
google's ap so people connect to it and I log all of their traffic.
people won't check beyond the ssid to look at the mac address but even
that could be spoofed. Is there anyway to verify a certain ap beyond
mac/ssid, will there be in the future? How do these companies plan to
mitigate this threat or are they just going to hope consumers are
enough to figure it out?
And why worry about Google, etc., when Starbucks and airports have
been doing this for _years_?
Lastly, most consumers are smart enough to know to use encryption
(the little pad-lock in their browser). Some aren't. Changing the
WiFi architecture is not going to save those who aren't.