Posted from the National Mall
September 9, 2010 9:50 AM Subscribe
The National Mall in Washington DC is a site for many historic events. Starting today mall visitors have access to free unrestricted WiFi (even the blue) from 3rd to 14th streets. This is just the latest addition to DC's expansive public WiFi network.
Neat!
So in college I took a class on wireless networking and part of it was using sniffer tools to reveal exactly how vulnerable unencrypted data was over 802.11b. Did the g or n revisions (or WPA) address any of those problems or is it still trivial for any network user to see all the network traffic? I've just been assuming things hadn't changed, but haven't been keeping up.
I ask because of these open wifi projects, both public and private. If I have the public Starbucks wifi SSID "approved" on my iPhone as well as my WPA-encrypted local network, what happens when they overlap? Might my IM conversation flip-flop between being hidden and being publicly readable depending on random signal strength fluctuations (seriously, my roommate's microwaving another pop-tart?)?
posted by Riki tiki at 10:18 AM on September 9, 2010
So in college I took a class on wireless networking and part of it was using sniffer tools to reveal exactly how vulnerable unencrypted data was over 802.11b. Did the g or n revisions (or WPA) address any of those problems or is it still trivial for any network user to see all the network traffic? I've just been assuming things hadn't changed, but haven't been keeping up.
I ask because of these open wifi projects, both public and private. If I have the public Starbucks wifi SSID "approved" on my iPhone as well as my WPA-encrypted local network, what happens when they overlap? Might my IM conversation flip-flop between being hidden and being publicly readable depending on random signal strength fluctuations (seriously, my roommate's microwaving another pop-tart?)?
posted by Riki tiki at 10:18 AM on September 9, 2010
Residents and visitors can use the new hotspots 24 hours a day, seven days a week, 365 days a year.
Great! Just what we need -- hacker street-people making D.O.S. attacks from the tubes on the Mall...
posted by vhsiv at 10:22 AM on September 9, 2010
Great! Just what we need -- hacker street-people making D.O.S. attacks from the tubes on the Mall...
posted by vhsiv at 10:22 AM on September 9, 2010
What's the network name? my office is in the 700 block of D st. NW.
posted by Ironmouth at 10:27 AM on September 9, 2010
posted by Ironmouth at 10:27 AM on September 9, 2010
I don't think 802.11n includes any additional encryption by default. WPA addresses this. But yes, traffic over this network that isn't encrypted by VPN or whatever is completely in the clear and sniffable.
If I have the public Starbucks wifi SSID "approved" on my iPhone as well as my WPA-encrypted local network, what happens when they overlap?
Does the iPhone have a priority list so you can rank different wireless SSIDs?
posted by mkb at 10:31 AM on September 9, 2010
If I have the public Starbucks wifi SSID "approved" on my iPhone as well as my WPA-encrypted local network, what happens when they overlap?
Does the iPhone have a priority list so you can rank different wireless SSIDs?
posted by mkb at 10:31 AM on September 9, 2010
We are getting ever closer to Max Headroom! Wheee!
posted by Katjusa Roquette at 10:33 AM on September 9, 2010
posted by Katjusa Roquette at 10:33 AM on September 9, 2010
Routed directly through NSA servers, probably.
posted by fourcheesemac at 10:34 AM on September 9, 2010
posted by fourcheesemac at 10:34 AM on September 9, 2010
Does the iPhone have a priority list so you can rank different wireless SSIDs?
Yes, I think so, but my point about the microwave is that there are circumstances in which the higher-priority network might get cut off even though you didn't go out of its range, and the iPhone would just silently fall back to 3G or another wifi network.
posted by Riki tiki at 10:42 AM on September 9, 2010
Yes, I think so, but my point about the microwave is that there are circumstances in which the higher-priority network might get cut off even though you didn't go out of its range, and the iPhone would just silently fall back to 3G or another wifi network.
posted by Riki tiki at 10:42 AM on September 9, 2010
reveal exactly how vulnerable unencrypted data was over 802.11b
It's not a function of b/g/n, it's a matter of WEP vs WPA2. The latter has a pre-shared key mode that uses AES and is perfectly secure as long as you don't pick a password that can be brute forced, i.e. 15 or so characters including upper/lower/punct/numbers/etc. Of course, a lot of the old b-only gear probably predated wide adoption of WPA2 and only supported WEP, but that's a function of its age and not that it was b and not g.
But anyway, WPA2 PSK probably isn't going to be offered here because it would mean that users would have to be given the password and that generally means too much fuss for people just looking for free access, so it's probably completely unencrypted and you should use https and/or a VPN.
posted by Rhomboid at 11:06 AM on September 9, 2010
It's not a function of b/g/n, it's a matter of WEP vs WPA2. The latter has a pre-shared key mode that uses AES and is perfectly secure as long as you don't pick a password that can be brute forced, i.e. 15 or so characters including upper/lower/punct/numbers/etc. Of course, a lot of the old b-only gear probably predated wide adoption of WPA2 and only supported WEP, but that's a function of its age and not that it was b and not g.
But anyway, WPA2 PSK probably isn't going to be offered here because it would mean that users would have to be given the password and that generally means too much fuss for people just looking for free access, so it's probably completely unencrypted and you should use https and/or a VPN.
posted by Rhomboid at 11:06 AM on September 9, 2010
Power to the people!
I'm a little fuzzy on this, but didn't Philadelphia want to do something similar a few years back? Then Comcast (who has a huge corporate presence there) did some shady backroom dealing to make sure it never happened.
posted by contessa at 6:05 PM on September 9, 2010
I'm a little fuzzy on this, but didn't Philadelphia want to do something similar a few years back? Then Comcast (who has a huge corporate presence there) did some shady backroom dealing to make sure it never happened.
posted by contessa at 6:05 PM on September 9, 2010
This definitely would have made the hours I spent reserving a spot for "Screen on the Green" a lot more fun.
posted by SNWidget at 7:34 PM on September 9, 2010
posted by SNWidget at 7:34 PM on September 9, 2010
Minneapolis has a pretty decent wireless network. It costs money to have in your home, but is free near parks, schools, tourist spots, etc. I pay under $30 a month for 4.5 mbps to my house, which is less than half the price of the local cable and DSL providers. There are also some really cheap, low speed plans for light users.
As far as I know WPA2 is secure. However, I have seen some social engineering attacks -- you make a fake wireless network with the same SSID as an existing network, and monitor traffic on your fake network. WPA2 includes network certificates to try to prevent this, but a lot of software doesn't properly warn you when they don't match up. It's even possible for a virus to create an ad-hoc network behind the scenes, though I don't think any do right now. The number of users who understand that this is a threat is infinitesimal.
posted by miyabo at 8:11 AM on September 10, 2010
As far as I know WPA2 is secure. However, I have seen some social engineering attacks -- you make a fake wireless network with the same SSID as an existing network, and monitor traffic on your fake network. WPA2 includes network certificates to try to prevent this, but a lot of software doesn't properly warn you when they don't match up. It's even possible for a virus to create an ad-hoc network behind the scenes, though I don't think any do right now. The number of users who understand that this is a threat is infinitesimal.
posted by miyabo at 8:11 AM on September 10, 2010
« Older Bro on bro violence | Apple U-Turn Newer »
This thread has been archived and is closed to new comments
Kidding aside, I think this is pretty cool.
posted by Mister_A at 10:17 AM on September 9, 2010 [1 favorite]