[YLUG] Solving a general wireless security problem

mike cloaked mike.cloaked at gmail.com
Tue Jun 10 09:17:35 BST 2008 

On Mon, Jun 9, 2008 at 10:26 PM, Arthur Clune <arthur at clune.org> wrote:

> In general you can't prevent MiM attacks, only detect them e.g. you can't
> stop someone arp spoofing the router on your local network (your switch can
> but you can't), but you can detect the change of mac of the gateway.
>
> Similarly for the situation you envisage: you should be able to spot the
> change/lack of certificate for the bank (the most obvious and easy thing to
> spot) and then run away very fast.
>
> If you're in a coffee shop you've never been to before and using an open
> network (so no certificate to check for the network itself), certificate
> checks on the sites themselves are the best bet.
>
> You can also check for the same network appearing on multiple channels, but
> this can be legitimate (though it's not likely in your local coffee shop!)

Thanks for the replies - of course this seems to indicate that the
"expert" user has some chance of not being caught out - but what about
the less knowledgable user, who innocently takes his own or company
laptop on his journeys and then may get caught out? Just go into the
coffee shops in York or have a coffee at the station to see people
regularly using the public networks.

Maybe thought needs to be put in place to protect the majority of
people out there who have no idea what the previous discussions even
mean, let alone how to work around the issues. But who is in a
position to make a difference for the majority "out there"?

I have a colleague at work who is an academic scientist and who scoffs
at me for being concerned about security issues - and often jokes
about what I "might have to hide" on my computer, and says he has
never had a problem so why should he worry. I guess that attitude may
be far more common than is desirable.

I always do my best to avoid having a problem and I am lucky that I
have linux and have half a chance to get things right - but lots of
folk still go into internet cafes to check their email, or bank
accounts, whilst travelling the world....

-- 
mike

More information about the York mailing list