

Unencrypted public wifi should die - there
http://lcamtuf.blogspot.com/2010/12/unencrypted-public-wifi-should-die.html

======
gst
If you are using a public wifi hotspot it's an untrusted network.

Even encryption does not solve this. How do you prevent someone from just
setting up an access point and then sniffing on all routed data?

In addition, for the operator of the wifi hotspot there is no incentive to
set up a complicated encryption scheme: If you care about the security issues
it's likely that you know how to solve them yourself (see below). If you don't
care it's likely that you won't be able to set up a WPA password that is
indicated in the SSID.

The only solutions for this are:

- Either you establish end-to-end security with each individual server you
want to contact. Unfortunately this doesn't really work with HTTP today.

- You open a secure channel to a trusted entity (such as a VPN provider you
trust) and then route all data over this channel. Such solutions are available
for less than $10 a month.

If you think that option #2 is too hard for someone without any knowledge
about security you've just identified a new business idea.

------
sbierwagen
I operate a public WAP as part of the seattlewireless project. I do this for
two reasons:

- Not being able to access the internet seriously sucks. It took a month to
get DSL in my apartment, and every time I wanted to check my mail in that
month, I had to go to a coffee shop, or to work. Nobody in my building had an
open point.

- It's a legal hack: Since my ISP never sees the MAC addresses of the
machines connected to my router, there's no way to prove what traffic came
from what. This may prove handy if the government drops the hammer on people
who accessed the WikiLeaks cables.

For these reasons, it would suck if public wifi was killed. A more elegant
solution would be an auto-negotiated SSL tunnel to the router, over which all
traffic would be routed. Protection from eavesdropping, without denying access
to users.

~~~
flawawa2
I hope you do not really think that allowing others to use your internet
connection will protect you from any problems arising from bad things being
done with your internet connection. But please do run a Tor exit node.

~~~
andrewcooke
Aren't these two sentences contradictory? Why would someone who is so worried
about liability that they do not open up their wifi run a Tor node?

Alternatively: are you implying that a Tor node is "more deniable" than an
open wifi? If so, why?

------
juiceandjuice
Too bad all of these attacks can be carried out even with encrypted public
wifi hotspots.

~~~
philipn
Can they, though?

I was under the impression that sniffing WPA encrypted traffic was difficult
even if you know the passphrase.

~~~
gst
Unless you're the operator of the access point. Are you really gonna trust
each random access point that you find?

~~~
pmjordan
Corollary: operate a rogue AP in a bag with the same SSID and password as a
public one and get the clients to connect to you instead of the "real" AP.
Getting a stronger signal than it should be easy due to closer proximity. OK,
it's no longer a passive attack and can easily be detected if you're looking
for it, but if you're even aware of the possibility, you'll be using a VPN
anyway. If you're after Facebook passwords and the like, this will work well
enough.

~~~
jancona
Isn't part of the problem that the current wifi encryption standards require
client authentication in order to get encryption, but don't normally provide
any authentication of the AP? In other words, in order to get a WPA2 encrypted
connection I have to provide at least a passphrase (which is a barrier in a
public setting), yet I have no assurance that I'm connected to a trusted
access point, as opposed to a rogue AP. Maybe what's needed is something more
like HTTPS, where by default the client doesn't need to authenticate, but the
certificate provides some assurance that you're connected to the correct site.

~~~
pmjordan
WPA(2)-EAP ("WPA enterprise") has supported this for years. It also has other
advantages, such as supporting multiple usernames, each with their own
password. It also works on most existing client devices (iPhones, etc.). I use
it at home; unfortunately, very few APs have a built-in authentication server
for it, so you need to run FreeRADIUS on some always-on Linux/BSD device.
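
The AP authentication that WPA(2)-EAP offers only helps if the client actually checks the RADIUS server's certificate. An added example, not part of the thread: two wpa_supplicant network blocks for the same WPA2-EAP network, one that skips the check and one that enforces it. The SSID, credentials, CA path and server name are constructed placeholders, and PEAP/MSCHAPv2 is an assumed EAP method.

```conf
# wpa_supplicant.conf (constructed example; keep only ONE of the two
# blocks in a real file, they are shown together for comparison).

# Weak: no ca_cert and no server-name constraint. The client accepts any
# certificate the authentication server presents, so it cannot tell the
# real network from another AP announcing the same SSID. This gives the
# same "no assurance about the AP" situation described for WPA2-PSK.
network={
    ssid="example-cafe"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
    password="constructed-password"
    phase2="auth=MSCHAPV2"
}

# Hardened: the server certificate must chain to a pinned CA AND carry a
# name under the expected domain. If either check fails, the EAP exchange
# is aborted before the inner credentials are sent.
network={
    ssid="example-cafe"
    key_mgmt=WPA-EAP
    proto=RSN                  # WPA2 only, no fallback to WPA1
    pairwise=CCMP              # AES-CCMP only, no TKIP
    eap=PEAP
    anonymous_identity="anonymous"   # outer identity, sent in the clear
    identity="alice"                 # inner identity, sent inside the tunnel
    password="constructed-password"
    phase2="auth=MSCHAPV2"
    ca_cert="/etc/ssl/certs/example-radius-ca.pem"
    domain_suffix_match="radius.example.org"
}
```

Pinning a private CA alone is enough when that CA signs only the RADIUS server; with a public CA, the `domain_suffix_match` line is what stops any other certificate from that CA being accepted.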

------
rbanffy
And that's what VPNs are for.

When using an open, unencrypted wifi router, you should understand you are
connecting your computer to a potentially hostile network which could be
populated by lots of very bad computers.

~~~
jancona
Of course, most users have never even heard of VPNs. Does anyone offer easy-
to-use VPN services to end users? If not, is that a potential business
opportunity? (Not that I have a clue on how to make money at it. I can't
imagine getting users to pay.)

~~~
rbanffy
Two simple ideas:

- VPN-as-a-service: a free-to-download client with access to a secure access
point. You download it, install it and pay as you go. It could even stand
guard preventing you from joining unsafe networks.

- Where-do-you-want-to-pretend-you-are: very useful for geo-restricted
services

~~~
crander
Anyone else remember when Google offered a free public VPN service to solve
this problem a few years back? They shut it down in weeks. Awesome but I
expect they had way too much traffic.

~~~
rbanffy
I suppose that it should cost something. It's not like you can gather metrics
(or that you should be able to) from VPN traffic.

------
motters
I'm no expert on security, but as far as I'm aware encrypted wifi is
completely broken, and can be trivially unencrypted by someone with negligible
knowledge using easily available software within a few minutes.

~~~
ComputerGuru
Depends on the encryption. WEP is just as bad as public (though it'll keep Joe
Somebody out, but that's about it). WPA1 is alright, and WPA2 w/ AES is a
whole different ballgame.

------
sp332
Setting up a rogue AP and sniffing traffic is not a hypothetical attack, it's
fairly easy and people really do it. Here's a nifty one:
<http://www.hak5.org/store/wifi-pineapple-version-2> (It's called the wifi
"pineapple" because it fits into a novelty drink container, see
<http://www.hak5.org/store/wifi-pineapple> )

------
viraptor
For those of us who have some VPS / other server out there, there's always a
VPN connection possibility. It will slow everything down, but at least you get
the security in a public place as long as you tunnel everything through it.

------
alexeyklyukin
I don't think killing public wireless is practical. Instead, owners could add
a text note, warning new users against accessing their private data while
connected to the public network.

------
scrod
The gist of the article:

Security on the web is broken in many technical ways.

Therefore, we should strive to change social practices regarding the use of a
technology that is completely independent of the web, instead of actually
fixing the problem itself.

