Now THAT is interesting!
Now THAT is interesting!
Meanwhile, at the alt.internet.wireless Job Justification Hearings, Jeff Liebermann chose the tried and tested strategy of:
A salutary tale on that theme:
And you're worried that your wife may find out where you were the night before?
Excellent read! Thanks for the link.
You betcha! I'm trying not to be "Tigered" by my own clubs! :)
So far, the summary of my epiphany seems to be the following:
I also had the revealing revelations of:
Is there anything else I missed, that I'm clueless of (and which isn't necessarily obvious) that I need to be concerned about? :)
You haven't demonstrated why this is a bad thing.
You haven't demonstrated why this is a bad thing. In fact, I'm pretty sure it doesn't mean what you think it means (or you wouldn't have added it to this list or given it the "worst of all" label).
I would have said no benefit, only disadvantages.
Only if your password falls within the limits of what's contained in the pre-comp tables. It's easy enough to avoid.
*sigh*
Yes, keep an eye on tin foil futures and stock up if you see a price increase coming.
I can't describe it any clearer than this:
It's either: a) A good thing b) A bad thing c) Meaningless
Since divulging the last-connected SSID is clearly not meaningless; and it's clearly not a "good thing", then it's a "bad thing".
The point is not "how bad"; the point is to simply realize that it exists. And to see what can easily be done to mitigate the risk.
What's enlightening about that story of how that team was hacked is that the security experts fell prey to relatively simple social engineering, using a few cues.
Those few cues were able to balloon into a full-scale security breach!
Your list of previously visited hotspots is one of those social cues.
The black hats knew what to do to avoid catastrophe; they just didn't do the simplest of things to prevent it.
Likewise, with revealing your previously used SSID.
Very interesting read indeed!
Ooo. Wonderful. Set up a set of false categories and prove anything you want.
What risk?
I would have picked "c)".
Let's agree to disagree.
You feel absolutely no information is divulged; I feel your last- connected SSID is revealed.
I, for one, am happy that I know this. You don't care.
And that's OK. Let's just not try to convince each other.
Agree? I won't try to convince you that I don't want my home SSID disclosed, ok? And you can stop asking why it matters to me (because it's obvious why it matters to me as it's in the title of this discussion).
:)
If you feel there is no risk in disclosing your radio NIC MAC, your home SSID, your current machine hostname, your username, etc. at a public hotspot, then let's just agree to disagree.
I think there is risk. You do not think there is risk (apparently).
And, as I said to others, that's OK. Privacy is a personal thing (tm).
I'm not saying there's a LOT of risk, by the way. All I tried to understand here is what actually happens.
I think we have that information now (for the most part).
It's up to each of us (as individuals) as to what actions we take once we're aware of the home SSID disclosure.
I, for one, prefer not to disclose my previous whereabouts when I don't have to. You obviously do prefer to disclose that information - and that's OK.
Let's just agree that we disagree. OK?
He never said that. You are really great at argumentation from irrelevancies. He said he picked c) Meaningless. That does not mean he picked "absolutely no information is divulged". It means he feels that the information divulged is meaningless.
then why do you keep trying to convince people?
No, again you have changed the topic. The topic of this thread is not your likes and desires.
No, the title of this discussion is "Re: Is hiding your home SSID actually a privacy flaw (broadcasting your home SSID at public hotspots)?" There is nothing about Aaron FIsher in that title.
Excellent! You saved me the trouble of replying while accurately covering everything I wanted to cover, especially the "meaningless" part.
The last post in any thread is always the point of view of an idiot!
Let he who is without sin, cast the first stone. Let he who is burdened with much sin, cast the last stone. (Me, about 1972)
On Thu, 17 Feb 2011 21:19:54 +0000, Aaron FIsher wrote:
What I (think I) learned (so far) from you guys was:
a) The previously connected SSID & current radio NIC MAC address are often divulged when initially connecting to an AP so you probably don't want to use a unique or identifiable SSID if you're worried about that. See examples at:
g) The last person to post is either an idiot, or "burdened with much sin"! :)
Did I miss anything in the summary?
Warren Oates wrote on [Fri, 18 Feb 2011 18:15:26 -0500]:
Just telnet to port 25 of a know mail server...
How is that "anonymous"?
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.