[off-topic] Wifi Security - or lack thereof...
Michael Van Delft
michael at hybr.id.au
Tue Nov 13 12:58:41 WST 2012
I only just got this message on the 13th, there are two way I'd deal
with WiFi I don't trust, one is only uses sites and
browsers/programs[1] that have SSL setup correctly. HTTPS everwhere[2]
can help with this on sites that only default SSL for the login page.
The other option is setting up a VPN although that really just shifts
the issue from “Do you trust the WiFi?” to “Do you trust your VPN
provider?”
It’s sad how few people take security seriously, it was hard work for
me to convince the web developers we use at work that keeping peoples
passwords for our website in plain text would have been a very bad
idea.
[1] There was a big buzz in the news about mobile apps that don’t
check certificate authority paths correctly and are still vulnerable
to MITM attacks all mainstream browsers are ok.
https://www.schneier.com/blog/archives/2012/11/new_ssl_vulnera.html
[2]https://www.eff.org/https-everywhere
On Wed, Nov 7, 2012 at 11:26 AM, Jim Householder <nofixed at westnet.com.au> wrote:
> Hi,
>
> I have just spent a month on the road in the USA and Canada, and Internet
> security has been an issue.
>
> Perhaps 7 or 8 motels had secured wifi, another 13 or so asked for a
> password before the first page could be displayed, and the rest were wide
> open.
>
> When I tried to talk to them about security, they were not interested. They
> seem to think that the limited coverage area was sufficient.
>
> Oh, and 2 only had wired connections. I'm on one of them now. I have
> avoided any sites that need a password other than my email.
>
> One of these days I will set up tightvnc or similar but I usually
> procrastinate until it's too late.
>
> Cheers
> Jim
> _______________________________________________
> Off-topic mailing list
> Off-topic at plug.org.au
> http://lists.plug.org.au/mailman/listinfo/off-topic
More information about the Off-topic
mailing list