OHMS BLOG

Wednesday, May 25, 2011

privacy technology

Your unencrypted network traffic is vulnerable beyond the Wi-fi access point

Whether it's your Facebook identity or your Google Calendar traffic, there has been plenty of coverage lately about unencrypted information being sent to websites. What annoys the hell out of me, however, is this notion (coming from people who should know better, might I add) that these issues are only a problem if you're connecting to the internet via unsecured wi-fi.

This is complete and utter nonsense; the only thing that secured wi-fi gives you is a higher barrier to entry!

Consider this mental exercise: What happens to your data after it travels past the wi-fi access point? It needs to travel the remaining hundreds or thousands of kilometres to the website's data centre. If that information is unencrypted at the application layer (let's say via HTTP), it's just as visible by somebody intercepting it as it comes across the wire as it was over the unsecured airwaves. Wi-fi encryption is at the link layer, so it's only going to protect your data as it travels from your device to the access point; from then on, it's open season.

I don't dispute the fact that it's easier to snoop on unsecured wi-fi than it is to monitor a wired medium. What I do dispute is this ridiculous claim that securing your wireless connection or using a wired connection solves everything for you.

Avoiding unsecured wi-fi is not the solution. Using secure application layer protocols such as HTTPS is the solution.

1 comments:

Custom Logo Design said...

After reading your post i have a better understanding of what "Your unencrypted network traffic is vulnerable beyond the Wi-fi access point"really is. Your post have the information that is helpfull and very informative. I would like you to keep up the good work. You know how to make your post understandable for most of the people.

Release 7.0; Copyright © 1996-2012 Aaron Klotz. All Rights Reserved.