North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Wifi Security

  • From: Ross Hosman
  • Date: Mon Nov 21 11:13:01 2005
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024;; h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=EqXGFYsxx6GID5g9rMRNGG1QLfkPz1o43leN0kReaSd43tw5m+8utATtEwdGJyeDSIbdPCSOTNUydY2g/tytQ5j8M4fZZq0g8A/k9TrHld5Lb5C9Zt+uycXJRdk2CuqPrhc/AQseJguL7oEIFli1w16f3AfhmoAjeMhz8WaoNU0= ;

--- "Christopher L. Morrow"
<[email protected]> wrote:

> yes, there are stupid people everywhere... Perhaps
> asking the question in
> another way is in order:
> "Given a large and widely available wireless network
> solution for
> 'consumers', how would you propose to raise the
> 'security' for users of
> that network?'
> Would you force WEP?
> Would you force WPA/WPA-2?
> Would you force ipsec?
> Would you skip transport level encryption in favor
> of application level
> security?
> Would you do widespread and widescale education
> efforts for the users?
> -chris

Google has come out with their secure access product
which helps but reminding someone's grandma to use
that product when she is using a wifi network is going
to be near impossible. For one she doesn't know what
wifi is, she just knows how to connect her computer to
the internet and click that email icon on her desktop.

Education will also be nearly impossible as many can
hardly grasp simple concepts.

With wireless encryption you could setup your "fake"
AP to use it between the user and the AP then just
sniff the traffic on the end.

Yahoo! Mail - PC Magazine Editors' Choice 2005