[OpenWireless Tech] Is it safe enough?
Hans-Christoph Steiner
hans at guardianproject.info
Mon Jan 12 04:52:00 PST 2015
Using a VPN would make it difficult for users of the same wifi to see your
unencrypted traffic, as well as the operator of the wifi AP. But since the
VPN provider can see all the traffic, and you don't know what the VPN provider
is doing with your traffic, it is not a solution I would recommend to people
concerned about security or privacy in their general internet usage.
VPNs are mostly useful as circumvention tools when dealing with networks that
block and filter. Or they are useful for providing a secure connection to a
"Private Network" hence "Virtual Private Network". But as the most recent NSA
leaks show, VPN protocols are mostly pretty bad when it comes to security.
http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html
.hc
Pratheek Rebala:
> Right, but I think the question is about making those guest networks secure for
> users using the open connections.
>
> On Mon, Jan 12, 2015 at 16:12, Umut Erdal <umt.erdl at gmail.com> wrote:
>
> I think today most of routers support virtual networks such as guest
> networks so i think it's the most safe option. By configuring your router
> like this, you separate your network from other clients so they can't use
> attacks like mitm.
>
> On Mon, Jan 12, 2015 at 12:59 PM, Pratheek Rebala <pratheekr at gwmail.gwu.edu
> <mailto:pratheekr at gwmail.gwu.edu>> wrote:
>
> I'm not an expert on this but was wondering if enforcing a VPN type
> solution to encrypt all traffic after joining an open wireless
> connection can give an additional layer of security while accessing
> sites not on SSL.
>
> Thoughts?
>
>
> On Mon, Jan 12, 2015 at 13:04, Hans-Christoph Steiner
> <hans at guardianproject.info <mailto:hans at guardianproject.info>> wrote:
>
>
> You should not rely on the network providing security, that never really
> works. Instead you should rely on end-to-end security, like using
> HTTPS, TLS
> etc. If you have privacy concerns, then you should use Tor.
>
> Do you ever use any open wifi? If the answer is yes, then you are
> already
> exposed to the risks, so you should then use proven techniques to
> improve
> security and privacy, instead of hoping the network is.
>
> .hc
>
> Weeez:
> > If I set my network as an open one, is it safe enough?? will the hackers see what I'm doing, or who I am, or get my password while I'm logging in a website? As the information are transferring without encoding..
> >
> >
> >
> > _______________________________________________
> > Tech mailing list
> >Tech at openwireless.org <mailto:Tech at openwireless.org>
> >https://srv1.openwireless.org/mailman/listinfo/tech
> >
>
> --
> PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
> https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
> _______________________________________________
> Tech mailing list
> Tech at openwireless.org <mailto:Tech at openwireless.org>
> https://srv1.openwireless.org/mailman/listinfo/tech
>
>
> _______________________________________________
> Tech mailing list
> Tech at openwireless.org <mailto:Tech at openwireless.org>
> https://srv1.openwireless.org/mailman/listinfo/tech
>
>
--
PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.eff.org/pipermail/tech/attachments/20150112/bb0f9bc9/attachment.sig>
More information about the Tech
mailing list