[YLUG] Solving a general wireless security problem

john halewood john.halewood at gmail.com
Thu Jun 12 02:42:14 BST 2008


2008/6/10 mike cloaked <mike.cloaked at gmail.com>:
> I have a colleague at work who is an academic scientist and who scoffs
> at me for being concerned about security issues - and often jokes
> about what I "might have to hide" on my computer, and says he has
> never had a problem so why should he worry. I guess that attitude may
> be far more common than is desirable.
  wait until his bank/credit card is emptied and then try and educate
him. I've found that a wooden stick with rusty nails in the business
end works quite well. Avoiding using DNS is quite useful - but getting
Joe.Public to memorise 4 octets is quite difficult (and IPv6 will make
that even worse). Best bet is to go back to something you can trust.
When I'm away (which is often) I either ssh back to a known good
server - or use RDP if I have to use Windows. I can accept the latency
to offset the possible security issues. Of course, if you've got a
really nasty MITM intrusion (and with some of the public networks I've
seen it wouldn't be difficult), then you could just sniff the
datastream regardless and then decrypt it. However most hackers can't
be bothered with the difficult stuff and just go for the plaintext,
and even something like Morning Cloud would take a long time to
decrypt an ssh session using 2048-bit wibble encryption that you wrote
yourself and patched into the source code of openssl.

cheers
john

p.s. I'm not kidding about the stick with the rusty nails.



More information about the York mailing list