More worries about single-hop security deficiencies in the Net:
Evil Twin is new threat to Wi-FI users. It refers to the use of malicious servers that pose as genuine ones and try to extract sensitive information such as credit card numbers and bank details. [...]
The malicious server [I think they mean 'access point'] interferes with the signals sent to the wireless users. The users are tricked into logging in to the fake server.
Securing single links is a perpetual waste of time. A minor increase in attack cost. You're only as secure as the least upstanding sysadmin in the telco data centre. Of course, no telco employees ever have drug problems, gambling debts, mental illness, or general moral breakdown. They certainly don't have criminal friends of relatives.
Get yourself a VPN at the very least, and don't do business over unencrypted, unauthenticated links unless you really, really have to.
Gee, twenty years on, and we're still learning that the best place for security is at the edges, not in the network. WiFi would have been a better standard in some ways if security had been left out entirely, and the false sense of privacy eliminated.
UPDATE: And yes, I eat my own dog food. Have my own VPN server, and use SSH tunnels as a fallback. When on the road, all rabbits go down the VPN hole. As for the general insecurity of email and web browsing, I can't fix that, although at least stuff is going via my home ISP. I use Skype whenever possible in place of phone, server-based IM and FTP/email -- at least there's a hope of it being secure. And my laptop hard drive has a boot password, too.
Posted by Martin Geddes at 2:59 PMTrackBack URL for this entry:
http://www.telepocalypse.net/cgi-sys/cgiwrap/mgeddes/MT/mt-tb.cgi/563