|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Wifi Security
--- "Patrick W. Gilmore" <[email protected]> wrote: > > On Nov 21, 2005, at 9:42 AM, Ross Hosman wrote: > > > So my question is pretty simple. You have all > these major companies > > such > > as google/earthlink/sprint/etc. building wifi > networks. Lets say I > > want > > to collect peoples information so I setup an AP > with the same ssid as > > google's ap so people connect to it and I log all > of their traffic. > > Most > > people won't check beyond the ssid to look at the > mac address but even > > that could be spoofed. Is there anyway to verify a > certain ap beyond > > mac/ssid, will there be in the future? How do > these companies plan to > > mitigate this threat or are they just going to > hope consumers are > > smart > > enough to figure it out? > > Why would you even need to set up an AP? Why not > just sit and sniff > traffic? Gets you the _exact_ same information. > > And why worry about Google, etc., when Starbucks and > airports have > been doing this for _years_? > > Lastly, most consumers are smart enough to know to > use encryption > (the little pad-lock in their browser). Some > aren't. Changing the > WiFi architecture is not going to save those who > aren't. > > -- > TTFN, > patrick I have to disagree that most consumers are smart enough to use encryption. Most consumers are dumb as a brick when it comes to the internet and especially security. Take a look at the average AOL user and you'll see what I'm saying. Starbucks and t-mobile is a little bit different as these networks aren't concentrated. As we companies start covering entire cities I believe you could start seeing this as becoming a regular problem. __________________________________ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs
|