I think I'm wasting a post due to the April 1 chaos today, but everyone seems to be missing the point here. This is real, and it's not just an open network. And it's not vulnerable to range boosters - it's fundamentally undefeatable range-based authentication. The system uses time-of-flight of the signal to measure the distance from access point to user much like radar. Some wifi hardware already does this, but doesn't use that information for authentication purposes. For example, Ubiquiti's AirOS devices provide an actual range measurement but with much lower resolution since they are intended for long-range links. This is just an improvement in accuracy combined with the use of measured range data for authentication. It's very clever.
So violate the IFS spec a little and appear to be closer than you are.
Open wifi does not use encryption. It's surprising that no standard has developed for this, but when you connect to an open wifi network, you are subject to possibly having your traffic sniffed.
Yes, you should be using secure protocols whenever possible (HTTPS), but it's an entire layer of security missing.
When you use secure WiFi with AES-CCM encryption using keys established with RSA, the AP conveniently decrypts your wireless traffic and passes it onto the internet in plaintext form. 802.11 security is necessary for controlling access, but not sufficient for privacy.
I've always wondered why I can't to passwordless, but encrypted Wi-Fi.
I can do it with a credit card.
It shouldn't be that hard to do, at least for phones where you can side channel a trusted cert over mobile do avoid MITM.
Because without some arrangement beforehand (establishing trust in a cert signer, establishing a key etc) MITM is always possible, and on a wireless connection, trivial.
What should be possible but generally isn't, is SSH style session continuation, where you're vulnerable in the initial session where you agree on the other end you're connecting to being the other end, but keys are stored and provided you were not MITMed the first time, subsequent sessions will use the keys and you will be ok from there on. This is practical, doesn't require passwords or certs or PKI and while it isn't perfect, it raises the bar quite a bit.
It does happen, rarely. In the UK, the soccer World Cup Final has been shown on both BBC and ITV simultaneously, giving viewers the choice of which pundits to listen to and whether to put up with ads at half time. Hard to see what's in it for the channels though.
I think you mean the FA cup final. Does that law cover the world cup too?
How are we to conclude that an AT&T phone of this sort will be anything but horrible?
If you want a straight up Android, buy a Nexus. If you want a straight up IOS, buy an iPhone.
Motorola Moto seems okay for lower cost near stock Android. Updates aren't for as long of course.
I just went Apply after years of being Androidy, just to see what it's like on the other side. So I guess I won't get to find out any time soon. I still have my Apple ][, so I claim old school points.
It may be a shiny new operating system, but it's plagued with the same old problems.
A new Skylake laptop was brought to me with Windows 10 installed. It took the owner less than a day to download some executable which installed malware (mysearchresults) that ferreted its way into many corners of the system and rendered it useless. The system came pre installed with McAffee something or other which failed to recognize the executable as a virus even though it declared that it had scanned it.
I like to think platform security is improving, but it's clear that basic naive user actions are as disastrous as ever.
You think people bought HD because they could see the resolution, or because large flat-screen LCD TV's came into vogue with new connectors at the same time?
I got a TV that fit the space nicely. It wasn't available in a non 4K format.
I can see the difference on my 4K TV when I stream 4K content. However I cannot say it has had the slightest effect on my enjoyment or non-enjoyment of any movie or TV show. I really do not care whether the show is 4K. I care that the show is good.
In a world where you use it to download porn for local viewing to get around a corporate content filter in the manner described above by the person who couldn't imagine using a VR helmet for any other purpose.
Morals as in doing my the job I'm paid to do and not letting down my coworkers rather than slacking off. Going to extra effort to download materials for slacking off doesn't get you brownie points for effort.
Indeed. But I also have a job to do and people would notice if I wasn't doing it. There might be the minor issue of morals as well. Some people have them.
Slashdot Mirror
I think I'm wasting a post due to the April 1 chaos today, but everyone seems to be missing the point here. This is real, and it's not just an open network. And it's not vulnerable to range boosters - it's fundamentally undefeatable range-based authentication. The system uses time-of-flight of the signal to measure the distance from access point to user much like radar. Some wifi hardware already does this, but doesn't use that information for authentication purposes. For example, Ubiquiti's AirOS devices provide an actual range measurement but with much lower resolution since they are intended for long-range links. This is just an improvement in accuracy combined with the use of measured range data for authentication. It's very clever.
So violate the IFS spec a little and appear to be closer than you are.
>https security layer, relying on PKI
Right, because that's shown to be so secure with the thousands of perfectly run CAs.
Would be nice.
Device isolation and each device given its own encryption key for the router.
Should have been done years ago.
You mean like the EAP+4 way handshake that was put in the spec years ago providing pairwise keys for every STA-AP pair?
Open wifi does not use encryption. It's surprising that no standard has developed for this, but when you connect to an open wifi network, you are subject to possibly having your traffic sniffed.
Yes, you should be using secure protocols whenever possible (HTTPS), but it's an entire layer of security missing.
When you use secure WiFi with AES-CCM encryption using keys established with RSA, the AP conveniently decrypts your wireless traffic and passes it onto the internet in plaintext form. 802.11 security is necessary for controlling access, but not sufficient for privacy.
Blocking the WiFi is good. Reduced inter cell interference.
But what blocks the WiFi also blocks the cell phone.
I've always wondered why I can't to passwordless, but encrypted Wi-Fi.
I can do it with a credit card.
It shouldn't be that hard to do, at least for phones where you can side channel a trusted cert over mobile do avoid MITM.
Because without some arrangement beforehand (establishing trust in a cert signer, establishing a key etc) MITM is always possible, and on a wireless connection, trivial.
What should be possible but generally isn't, is SSH style session continuation, where you're vulnerable in the initial session where you agree on the other end you're connecting to being the other end, but keys are stored and provided you were not MITMed the first time, subsequent sessions will use the keys and you will be ok from there on. This is practical, doesn't require passwords or certs or PKI and while it isn't perfect, it raises the bar quite a bit.
But taken phonetically and out of context, some people will choose to hear ass-pick.
Indeed. Quality content and success don't go necessarily go together.
>I'd like to use an Intel Linux distro that was really stable and could let me use Intel hardware to its full potential.
I think they thought of that: https://clearlinux.org/
Al Jazeera filled that role for those that cared to take a look.
It does happen, rarely. In the UK, the soccer World Cup Final has been shown on both BBC and ITV simultaneously, giving viewers the choice of which pundits to listen to and whether to put up with ads at half time. Hard to see what's in it for the channels though.
I think you mean the FA cup final.
Does that law cover the world cup too?
The Detectorists. You will not be sorry.
That was certainly the meaning I was trying to convey.
True story:
Yesterday I was scolded by a person for saying aspic.
We're actually helping educate you to use the correct spelling and to double check your spelling, so you stop making your self look like a moron.
"your self" or "yourself"?
"yooz"
How are we to conclude that an AT&T phone of this sort will be anything but horrible?
If you want a straight up Android, buy a Nexus. If you want a straight up IOS, buy an iPhone.
Motorola Moto seems okay for lower cost near stock Android. Updates aren't for as long of course.
I just went Apply after years of being Androidy, just to see what it's like on the other side. So I guess I won't get to find out any time soon. I still have my Apple ][, so I claim old school points.
How are we to conclude that an AT&T phone of this sort will be anything but horrible?
If you want a straight up Android, buy a Nexus. If you want a straight up IOS, buy an iPhone.
It may be a shiny new operating system, but it's plagued with the same old problems.
A new Skylake laptop was brought to me with Windows 10 installed. It took the owner less than a day to download some executable which installed malware (mysearchresults) that ferreted its way into many corners of the system and rendered it useless. The system came pre installed with McAffee something or other which failed to recognize the executable as a virus even though it declared that it had scanned it.
I like to think platform security is improving, but it's clear that basic naive user actions are as disastrous as ever.
Are you calling for more gubment regulation?
I'm calling for the gubment to accommodate normal software update practices in certified software.
Thanks. I was waiting for someone to blame it all on gubment.
Well they do bear some of the responsibility for the situation.
You think people bought HD because they could see the resolution, or because large flat-screen LCD TV's came into vogue with new connectors at the same time?
I got a TV that fit the space nicely. It wasn't available in a non 4K format.
I can see the difference on my 4K TV when I stream 4K content. However I cannot say it has had the slightest effect on my enjoyment or non-enjoyment of any movie or TV show. I really do not care whether the show is 4K. I care that the show is good.
In a world where you use it to download porn for local viewing to get around a corporate content filter in the manner described above by the person who couldn't imagine using a VR helmet for any other purpose.
Morals as in doing my the job I'm paid to do and not letting down my coworkers rather than slacking off. Going to extra effort to download materials for slacking off doesn't get you brownie points for effort.
Indeed. But I also have a job to do and people would notice if I wasn't doing it. There might be the minor issue of morals as well. Some people have them.