[OpenWireless Tech] A small question about tracking
"Andy Green (林安廸)"
andy at warmcat.com
Tue Nov 6 07:41:37 PST 2012
On 11/06/12 23:16, the mail apparently from Eugene Smiley included:
> On Tue, Nov 6, 2012 at 10:06 AM, "Andy Green (林安廸)" <andy at warmcat.com> wrote:
>> Right... and freedom from sniffing or other snooping between you and your
>> VPN server is also significant in this context, even if the AP owner is
>> malicious.
>
> Actually if the VPN runs between the router and the datacenter, users
> aren't protected from a malicious AP owner. Running it on the PC adds
> that protection but add the complications to the user experience.
It doesn't, it runs from the client (laptop, phone) to his VPN server.
The AP muts be fundamentally untrusted by the client, and the AP owner
must take the approach his clients are completely untrusted too. That
way, both can be safe.
By default the VPN can be secured with a PSK, if you want better
security you can use certs.
-Andy
More information about the Tech
mailing list