Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
My last company wont pay an overdue utility fee for the building. So when I help them out on weekends I have to drive to a gas station to use the bathroom. Just systemic of why I left.
-
Wack61915yHow do you route a vpn to a hotspot? Doesn't Android explicitly not route vpn to the hotspot, or did they change that again?
-
After the "paperless desk", you are taking the next step with the "deskless desk". :p
-
Maybe get a personal router that connects to a wifi network so nobody can even see your actual computer. Or is that what you meant by the VPN?
Like this?:
https://amazon.com/TP-Link-Wireless... -
-
scor33105y@Plasticnova
Was looking for this particular RFC, thanks!
Great piece of work. Such indepth description and technological proficiency. -
@Demolishun the traffic will still lack the layer of encryption in the public wifi.
-
@groxx it's not encrypted — anyone can hear and make out what the devices are shouting each other.
-
@groxx That opens up to "Bad Twin" attacks. What if the router is cloned the first time you connect?
-
@groxx Besides, wasn't the encryption key derived from the pre-shared key? You can decrypt WiFi traffic if you have the PSK anyway.
-
@groxx https lives on a different layer of the OSI model. The channel is encrypted with the help of the pre-shared key ("password"). I don't know why encrypting open channels is not standard. Maybe because it's not safe anyway as anyone can still join the network, or because of backwards compatibility.
-
Root797675y@groxx Because I can sit in the parkinglot with a packet sniffer and read the traffic of everyone on the network?
It allows anyone within signal range to be a bystander listening in on every conversation that computer has. but in this case, you can hear conversations from a quarter mile away if you have a nice antenna. I had an 14 inch antenna from Alfa (coupled with their really nice receiver) that let me do exactly this, and connect to a network from that far away, too. It also let me spoof any traffic I wanted once I had the wifi credentials -- or at any time if it's unsecured.
Even if everything is over https (which it totally isn't), there are tools that can determine which sites and services you are using based simply on usage rates and payload sizes/patterns.
If you so desire, you can also record all of the encrypted traffic and bruteforce any rsa encryption offline at any point in the future. This is much easier if you have the initial negotiation. That's tinfoil hat land, but worth mentioning.
The point is, though, open networks allow for significantly more, and significantly easier attacks (both active and passive) than secured networks. You'll find a few mentioned in this thread, or you can do some minimal reading and learn about quite a few more on your own. If that's too much work, that's fine. The takeaway is that even secured wifi isn't particularly secure, but unsecured wifi is just negligent. -
@electrineer That is what the vpn is for. They are already doing that. The device eliminates hacking the computer directly.
-
@Plasticnova
You know what would be cool and insane?
A video documenting the actual implementation of this protocol.
I'd watch a good 30 minutes of video on youtube.
Get Mr. Beast to do it because hes clinically insane. -
@Wisecrack I don’t speak this language, but looks like they actually do it: https://m.youtube.com/watch/...
Related Rants
Root rents an office.
Among very few other things, the company I'm renting an office from (Regus) provides wifi, but it isn't even bloody secured. There's a captive portal with a lovely (not.) privacy policy saying they're free to monitor your traffic, but they didn't even bother using WEP, which ofc means everyone else out to the fucking parking lot four floors down can monitor my traffic, too.
Good thing I don't work for a company that handles sensitive data! /s But at least I don't have access to it, or any creds that matter.
So, I've been running my phone's connection through a tor vpn and sharing that with my lappy. It works, provides a little bit of security, but it's slow as crap. GET YOUR SHIT TOGETHER, REGUS.
AND WHILE YOU'RE AT IT, CLEAN THE SHIT OUT OF THE FUCKING BATHROOM FFS.
Ugh. $12/day to work in a freaking wind tunnel (thanks, a/c; you're loud as fuck and barely work), hear other people's phone conversations through two freaking walls, pee in a bathroom that perpetually smells like diarrhea, and allow anyone and everyone within a 50+ meter radius to listen to everything my computer says.
Oh, they also 'forgot' to furnish my office, like they promised. Three freaking times. At least I have a table and chair. 🙄
Desk? What desk?
Fucking hell.
rant
unsecured wifi
regus
adventures in office spaces
desk what desk