I participated in a virtual roundtable discussion with some other tech savvy minds over at WiFiJedi's (Douglas Haider's) Blog. The topic was Pre-Shared Keys and some of the new techniques Aerohive and others are bringing to the table. You can find the discussion here.
Let me know how I did.
A mild disagreement with your point about security at hotspot locations. T-Mobile did offer the tmobile-dot1x SSID using TTLS and WPA authentication, but I fail to see the advantage of this. Yes, if you used this service you would not have your traffic sent in plaintext over the air like those on the "tmobile" SSID, but you traffic is still exposed to anyone else on the same network. As an attacker, if I can also connect to the hotspot provider's AP, I can capture your plaintext traffic by manipulating ARP tables at layer 2 (for example).
ReplyDeleteWhat is the real benefit of using security in a hotspot? If the admission criteria for the hotspot is that anyone with physical proximity or a credit card can access the same layer 2 network as you, then WPA encryption provides no significant benefit.
I will credit you this however: captive-portal authentication (used in SSID: "tmobile") is a travesty and a hack, and provides very little security. It is trivial to dupe legitimate users into turning over their authentication credentials (and potentially CC numbers) when captive portal is used for authentication on an open network. TTLS is a big improvement over captive portal authentication.
Nice write-up. :)
-Josh
Agreed! Maybe, "It was fast and secure" is a slight bit overstated. There are still vulnerabilities, however, some authentication and encryption better than none, IMHO.
ReplyDeleteHow do you feel about Personal PSK's?