[OpenWireless Tech] Is it safe enough?
Guy Jarvis
fibreguy42 at gmail.com
Tue Jan 13 13:08:04 PST 2015
Useful article covering VPN security and more here
http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html
G
On Mon, Jan 12, 2015 at 12:52 PM, Hans-Christoph Steiner <
hans at guardianproject.info> wrote:
>
> Using a VPN would make it difficult for users of the same wifi to see your
> unencrypted traffic, as well as the operator of the wifi AP. But since the
> VPN provider can see all the traffic, and you don't know what the VPN
> provider
> is doing with your traffic, it is not a solution I would recommend to
> people
> concerned about security or privacy in their general internet usage.
>
> VPNs are mostly useful as circumvention tools when dealing with networks
> that
> block and filter. Or they are useful for providing a secure connection to
> a
> "Private Network" hence "Virtual Private Network". But as the most recent
> NSA
> leaks show, VPN protocols are mostly pretty bad when it comes to security.
>
>
> http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html
>
> .hc
>
> Pratheek Rebala:
> > Right, but I think the question is about making those guest networks
> secure for
> > users using the open connections.
> >
> > On Mon, Jan 12, 2015 at 16:12, Umut Erdal <umt.erdl at gmail.com> wrote:
> >
> > I think today most of routers support virtual networks such as guest
> > networks so i think it's the most safe option. By configuring your
> router
> > like this, you separate your network from other clients so they
> can't use
> > attacks like mitm.
> >
> > On Mon, Jan 12, 2015 at 12:59 PM, Pratheek Rebala <
> pratheekr at gwmail.gwu.edu
> > <mailto:pratheekr at gwmail.gwu.edu>> wrote:
> >
> > I'm not an expert on this but was wondering if enforcing a VPN
> type
> > solution to encrypt all traffic after joining an open wireless
> > connection can give an additional layer of security while
> accessing
> > sites not on SSL.
> >
> > Thoughts?
> >
> >
> > On Mon, Jan 12, 2015 at 13:04, Hans-Christoph Steiner
> > <hans at guardianproject.info <mailto:hans at guardianproject.info>>
> wrote:
> >
> >
> > You should not rely on the network providing security, that
> never really
> > works. Instead you should rely on end-to-end security, like
> using
> > HTTPS, TLS
> > etc. If you have privacy concerns, then you should use Tor.
> >
> > Do you ever use any open wifi? If the answer is yes, then
> you are
> > already
> > exposed to the risks, so you should then use proven
> techniques to
> > improve
> > security and privacy, instead of hoping the network is.
> >
> > .hc
> >
> > Weeez:
> > > If I set my network as an open one, is it safe enough??
> will the hackers see what I'm doing, or who I am, or get my password while
> I'm logging in a website? As the information are transferring without
> encoding..
> > >
> > >
> > >
> > > _______________________________________________
> > > Tech mailing list
> > >Tech at openwireless.org <mailto:Tech at openwireless.org>
> > >https://srv1.openwireless.org/mailman/listinfo/tech
> > >
> >
> > --
> > PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587
> 374B BE81
> >
> https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
> > _______________________________________________
> > Tech mailing list
> > Tech at openwireless.org <mailto:Tech at openwireless.org>
> > https://srv1.openwireless.org/mailman/listinfo/tech
> >
> >
> > _______________________________________________
> > Tech mailing list
> > Tech at openwireless.org <mailto:Tech at openwireless.org>
> > https://srv1.openwireless.org/mailman/listinfo/tech
> >
> >
>
> --
> PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
> https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
>
>
> _______________________________________________
> Tech mailing list
> Tech at openwireless.org
> https://srv1.openwireless.org/mailman/listinfo/tech
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/tech/attachments/20150113/a073032a/attachment.html>
More information about the Tech
mailing list