[liberationtech] HTTPS by default campaign launch today

Mehdi Yahyanejad yahyanejad at gmail.com
Tue Nov 9 12:09:18 PST 2010


On Tue, Nov 9, 2010 at 12:48 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:

>
> Access Point Isolation does not help a passive sniffing attacker unless
> it is used in combination with WPA2 or some other reasonable encryption
> mode. Attackers simply need their wireless cards to be in monitor mode
> (eg: using Kismet) and they win.
>
>

Yes. WPA2 needs to be enabled. A simple password can be given out to the
public users, such as "free".



> Also, if someone "hacks into your network" - I'm fairly sure that
> session cookies and passwords are the least of your problem. Surely
> they're still a problem though. Owning the upstream router or network
> almost certainly beats Access Point Isolation; the packets are
> reassembled and sent to the internet through that very same router that
> is probably now compromised...
>
>
This is not a protection against an advanced hacker. This is about
protecting people against someone running Firesheep/Wireshark on the laptop
and monitoring traffic. These precautions are to make it more difficult for
average users to steal information.


-mehdi
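
As an added example (not part of the original message), here is a small Python check for the combination discussed above: client isolation only matters against passive capture when the link is also encrypted with WPA2. It assumes the access point runs hostapd and relies on hostapd's `ap_isolate`, `wpa`, `wpa_pairwise` and `rsn_pairwise` options; the sample configurations and finding codes are constructed.

```python
# Added example: audit a hostapd-style config for the settings discussed in the thread.
# Option names (ap_isolate, wpa, wpa_pairwise, rsn_pairwise) are hostapd's; samples are constructed.

OPEN_ISOLATED = """\
ssid=cafe-guest
ap_isolate=1
"""

WPA2_ISOLATED = """\
ssid=cafe-guest
ap_isolate=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=constructed-sample-passphrase
"""

def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return (code, message) findings; an empty list means both controls are on."""
    conf = parse_conf(text)
    findings = []
    if conf.get("ap_isolate", "0") != "1":
        findings.append(("NO_ISOLATION", "clients can reach each other through the AP"))
    wpa = int(conf["wpa"]) if conf.get("wpa", "").isdigit() else 0
    if wpa == 0:
        findings.append(("NO_ENCRYPTION", "open network: isolation does not stop monitor-mode capture"))
    elif not wpa & 2:
        findings.append(("WPA1_ONLY", "WPA2 (RSN) is not enabled"))
    elif wpa & 1:
        findings.append(("WPA1_ALLOWED", "mixed mode still accepts WPA1 clients"))
    else:
        # hostapd: rsn_pairwise falls back to wpa_pairwise, which defaults to TKIP
        ciphers = conf.get("rsn_pairwise") or conf.get("wpa_pairwise") or "TKIP"
        if "TKIP" in ciphers.split():
            findings.append(("TKIP", "pairwise cipher includes TKIP; use CCMP"))
    return findings

if __name__ == "__main__":
    for name, sample in (("open+isolated", OPEN_ISOLATED), ("wpa2+isolated", WPA2_ISOLATED)):
        print(name, audit(sample) or "ok")
```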