This is Olpersonality's Typepad Profile.
Join Typepad and start following Olpersonality's activity
Join Now!
Already a member? Sign In
Recent Activity
What about reStructuredText?
Toggle Commented Oct 26, 2012 on The Future of Markdown at Coding Horror
For nitpickers, let me be more clear: Vulnerable: WEP WPA/WPA2 Personal using Wireshark WPA Enterprise using brute force WPA2 Personal/Enterprise with TKIP using brute force Harder but Vulnerable: WPA2 Enterprise AES Perfect: ... For Wireshark's excellent "How To Decrypt 802.11" website: Do you trust your coffee shop to use the right wireless security settings? If not, the above advice - "be very careful how we browse on unencrypted wireless networks" - is insufficient. Be very careful how you browse on any network you don't trust, period, and if you're very worried about security, tunnel.
Toggle Commented Nov 14, 2010 on Breaking the Web's Cookie Jar at Coding Horror
@Mircea Chirea Bugmenot5 is right. In a standard WPA2 setup, as long as the attacker is listening when you connect to the network, encryption is not sufficient. WPA2 uses PTK for private transmission between the AP and each client, but in order to set up the PTK channel, it has to send the key to the client in the first case. This is done via the broadcast GTK, and any users who are already connected to the network (authorized users) can intercept the key that is sent. That is, if I am on the network when you connect, then I will see the key the AP sends you via GTK that you will use to encrypt your PTK messages, and thus I can trivially decrypt each one. Further, if I have the right tools, I can force you to disconnect and reconnect, so even if you connected before I did, it won't really matter that much (just an extra step). Even in the case where the right tools are set up to prevent this attack (and doing so is far beyond the reach of most coffee shops), there are other proven man-in-the-middle attacks against WPA2. Assuming that WPA2 will protect you is not a good idea. Here's an example: VPN is an excellent suggestion; if you have a host somewhere you trust that can serve as a proxy for all of your web traffic then using it through VPN, SSH tunnel, or otherwise, it is a great way to protect yourself. TL;DR: wireshark can still snoop your traffic if it is on the network before you; wpa2 isn't good enough, but VPN is
Toggle Commented Nov 14, 2010 on Breaking the Web's Cookie Jar at Coding Horror
Olpersonality is now following The Typepad Team
Nov 14, 2010