Was just informed of this cafe's free WiFi. Checked it and it's unencrypted. No thank you, I like my stuff not to be flying around bare
What do you lot think? Once I get a few replies, I'll explain my thinking around why it's unencrypted.
Was just informed of this cafe's free WiFi. Checked it and it's unencrypted. No thank you, I like my stuff not to be flying around bare
![]() ![]() ![]() |
|
Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSync | Backblaze backup
mattwnz: Not a fan of free wifi myself, and the free provider could be potentially liable for anything that anyone does on it. eg Illegal hacking from that connection. I have found from personal experience that people do abuse free wifi networks by hiding behind them if they want to do something bad. These days people should just get their own 3G connection if they want to use the internet in a public environment.
gareth41: I run a wifi hotspot service providing captive portals for cafe's, motels etc... all of the login pages use ssl, the ap's have ap isolation enabled by default, save password cookies are encrypted, php sessions are also checked and regenerated. But at the end of the day theres only so much that can be done, nothing is 100% secure in my opinion. If someone really wanted to start sniffing i've just made things a whole lot harder for them.
Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSync | Backblaze backup
Kyanar:gareth41: I run a wifi hotspot service providing captive portals for cafe's, motels etc... all of the login pages use ssl, the ap's have ap isolation enabled by default, save password cookies are encrypted, php sessions are also checked and regenerated. But at the end of the day theres only so much that can be done, nothing is 100% secure in my opinion. If someone really wanted to start sniffing i've just made things a whole lot harder for them.
No you haven't. If the Wifi network itself is unencrypted, then intercepting another user's traffic and obtaining access to confidential information is super easy - encrypted captive portal or not. Especially what with the SSL renegotiation exploit and so on.
Ultimately, you just shouldn't do anything super confidential on public access points. That includes banking, possibly even checking email. If you intend to, then establish a VPN connection back to a trusted network to do so.
sbiddle: Clearly the person who tweeted that has no concept of a WiFi deployment or security.
With AP isolation enabled unsecured WiFi security is fundamentally no different to a secured network (and just using WPA/WPA2 doesn't mean broadcast/L2 exploits can't occur). There are hotspots out there without AP isolation enabled and they should be avoided like the plague unless you're using a VPN, with with AP isolation enabled the vast majority of security risks are eliminated.
On the other hand you can't eliminate all risks, so if you're really security conscious you would always use a VPN on a foreign network.
boby55: TBH if data usage isn't an issue I would find having to enter a network password more of an inconvenience to customers than its worth as you no matter how many signs you put up you will have people asking staff what the password is.
mattwnz: Not a fan of free wifi myself, and the free provider could be potentially liable for anything that anyone does on it.
|
![]() ![]() ![]() |