wpa encryption of wireless network how to?

George N. White III aa056 at chebucto.ns.ca
Mon Feb 18 21:58:48 UTC 2008

On Mon, 18 Feb 2008, Bill Davidsen wrote:

> Tim wrote:
>> On Sun, 2008-02-17 at 10:37 -0500, wrote:
>>>> It doesn't make it the slightest bit hard.  My computer find networks
>>>> without an SSID being broadcast.  They're harder to work out which is
>>>> the right network to use, only in as much as you've got to try them all
>>>> out one by one.  But they're listed, and selectable.
>> Bill Davidsen:
>>> Amazing how your words agree with me while your tone says you don't.
>>> You agree that it makes it harder to connect, and seem to see no
>>> benefit to making an AP less inviting. Any step to make access even a
>>> little harder or less appealing will deflect some portion of the
>>> hackers who are looking for an easy target. 
>> You're interpreting words, rather than taking them at face value.
>> It doesn't make it *harder* to "connect".  It's just as *easy* to
>> connect to one with or without out.  That's the false security side of
>> things.
>> Working out which is the right one can be more difficult, for someone
>> trying to connect to the right one (e.g. you, or your neighbour, who're
>> trying to connect to their own).  That's the networking problems side of
>> things.
>> For someone just wanting to misuse someone else's wireless LAN, that's
>> not even an issue.  They'll try them all, they won't care which.  So
>> there's the fallacy that you're falling into kicking the bucket.
> You read different security books than I do, mine say you should make every 
> single step as hard as possible, even if there's a workaround the intruder 
> may not know it.

I'm not generally in favor of book burning, but in this case I might
make an exception.  Security is all about tradeoffs.  Making things
harder and less reliable for legitimate users has to offer real
security benefits -- hiding SSID's makes things harder with at best
minimal benefits.  It you to makes things harder on yourself, spend
your time on things with better payoffs.

George N. White III  <aa056 at chebucto.ns.ca>

More information about the fedora-list mailing list