undefined | Better HN

0 pointsgojomo15y ago0 comments

That's what I thought -- enough to protect against fellow wireless sharers, but not the hosting establishment or path through their ISP to a website.

0 comments

chrisbroadfoot15y ago

No, you misunderstood. It's enough to protect you against random people sniffing wireless packets. Not other people that are on your network.

gojomoOP15y ago

Your terminology "the network" or "your network" is still unclear; encryption to the AP could be unique per wireless network client, or not. If it is unique per client -- and it is my belief that recent standards, like WPA2 at least, provide this -- then casual passive eavesdropping by other wireless clients (as with the FireSheep tool) is thwarted. (And that's what most people are most concerned about.)

Are you suggesting that no generation of WEP or WPA protects against other authorized wireless users of the same AP, because they're "on your network"?

[rewritten completely to seek clarification]

bluesmoon15y ago

WPA enterprise allows a separate (changing) key for each user, typically what you get from an RSA token. Once it gets to the AP, it's then clear text (assuming HTTP) over the rest of the internet until it hits your (HTTP) service provider.

If you have control over the internet between the AP and your server, then you're safe. If you don't, then how safe you are depends on how much you can trust the owner of each router along the way. In general, you should be okay, except that every now and then you might end up on an untrusted router, and it's then game over.

barfoomoo15y ago

Sorry, did not follow this part - "Not other people that are on your network.". Care to elaborate?

j / k navigate · click thread line to collapse