Victor, I can't even /find /the "use https" option in my Firefox
anymore. I'd guess it's automatic now. In 2012-ish people were
complaining about the redirect to https, so Mozilla's inclusion goes
back at least that far.
- Vara
On 3/20/2017 5:15 PM, Victor Odhner wrote:
> Thanks, everyone.
>
> I’ve learned something in this discussion, and it led me to re-visit
> what I did know, which was refreshed here:
> https://security.stackexchange.com/questions/35867/why-isnt-open-wifi-encrypted
>
> So, one basic point is that giving out a lame password does indeed
> give each user a unique encryption but increases the risk of access to
> open points internally. I’m clueless about some issues, like an AP not
> wanting to be identified.
>
> I had not heard of “always HTTPS”, thanks Vara. I will check the
> family’s traveling browsers for this option. (Most things I do are /of
> course/ over HTTPS, or in the past were inside my system.)
>
> Disclaimer: my brain is somewhat damaged since I’m four years away
> from my long IT career. I mostly use my Linux box and MacBook for
> browsing and email. Now in the nonprofit volunteer world, I’m mostly
> fixing appliances and drywall, playing DJ and guitar teacher for kids,
> and generally free of technical stuff except painful encounters with
> Office 365. But I’ve kept the MacBook clean for four years of heavy
> use, so that’s where my paranoia about WIFI comes from.
>
> Best,
>
> Victor
> _____________________
>
> On Mar 20, 2017, at 16:32:40, der.hans <PLUGd@LuftHans.com
> <mailto:PLUGd@lufthans.com>> wrote:
>
> Am 20. Mar, 2017 schwätzte Vara La Fey so:
>
> moin moin,
>
> Anon Anon already covered the awesomeness of Vara's post :).
>
> I will add that there is no difference between open or secure hotspot from
> the general public's perspective[0]. You should consider the WiFi AP to be
> compromised and be cautious about how you send data over it. The same as
> your ISP's router when you're at home.
>
> If the data is sensitive, make sure you have end to end encryption you can
> trust. Do not trust the WiFi AP or the upstream router.
>
> The real reasons for businesses to add authentication is to reduce
> bandwidth usage and possibly help avoid liability.
>
> [0] When using corporate WiFi using corporate resources, then you should
> be able to trust they are providing adequate security for their APs and
> the internal network. I tend to run everything over SSH tunnels anyway :).
>
> ciao,
>
> der.hans
>
>> Nuh uh. Open hotspots is one of the great things about the internet,
>> and from time to time everyone needs one - sometimes in the middle of
>> the night or during holidays when lobbies with keys posted aren't
>> available. Open hotspots are also a good way to maintain anonymity
>> for dissidents, whistle-blowers, LGBT who are not "out", etc. When I
>> have my own routers, I often run them open for all these reasons, and
>> I always will.
>>
>> I sometimes educate family and friends about PGP, and one of these
>> days I will run a Tor node as well, with all the censor-circumvention
>> tools available. The more that censors and anti-anonymity
>> Orwellianists don't like it, the more everybody should do it.
>>
>> I don't give .001% of a damn whether actual criminals use hotspots or
>> anything else, in exactly the same ways I don't give .001% of a damn
>> if they use guns, cars, roads, kitchen knives - or anything else.
>>
>> Instead of desiring safety over the animating quest for freedom, why
>> don't you suggest educating people to use https? As it is, the
>> Electronic Frontier Foundation (www.eff.org <http://www.eff.org>)
>> recently reported that https use is up to 40%, IIRC.
>>
>> - Vara
>>
>>
>> On 3/20/2017 12:29 PM, Victor Odhner wrote:
>>> I’m really annoyed that so many companies offer open WIFI when it
>>> would be so easy to secure those hot spots.
>>> Restaurants, hotels, and the waiting rooms of auto dealerships are
>>> almost 100% open.
>>> I am not one to say “there ought to be a law” because we have too
>>> many doggone laws, and I’m not that into a lot of demonstrating and
>>> yelling. But I would love to help educate companies on why they
>>> should secure their routers.
>>> If I were a progressive type, I’d suggest putting stickers on those
>>> venues saying:
>>>
>>> We don’t have passwords on our WIFI
>>> because OUR WIFI (and YOUR passwords)
>>> should be available to everybody
>>> with no effort!
>>> But being more right-wing, I’d much rather recognize that they’d be
>>> happy to do the right thing if we could explain it to the right people.
>>> I’ve repeatedly thanked the mechanic shop I use (C&R Tire on Tatum)
>>> because they have a key posted and I can feel sort of safe going
>>> online while I wait for an oil change. But all the places that have
>>> open routers are corporate owned so it does no good to gripe to the
>>> folks behind the desk.
>>> Any ideas on this?
>>> Thanks,
>>> Victor
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>>> <mailto:PLUG-discuss@lists.phxlinux.org>
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>>
>
> --
> # http://www.LuftHans.com/ <http://www.lufthans.com/>
> http://www.PhxLinux.org/ <http://www.phxlinux.org/>
> # veni, vidi, wiki - I came, I saw, I
> documented---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> <mailto:PLUG-discuss@lists.phxlinux.org>
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
(text/plain)