Am 20. Mar, 2017 schwätzte Victor Odhner so:
moin moin Vic,
I had not heard of “always HTTPS”, thanks Vara. I will check the
family’s traveling browsers for this option. (Most things I do are of
course over HTTPS, or in the past were inside my system.)
"HTTPS Everywhere", it's an addon from the EFF and now available directly
from Mozilla's addon repository. Also checkout Privacy Badger from the
EFF.
Disclaimer: my brain is somewhat damaged since I’m four years away
Only somewhat because you've had four years of recovery? :)
ciao,
der.hans
from my long IT career. I mostly use my Linux box and MacBook for
browsing and email. Now in the nonprofit volunteer world, I’m mostly
fixing appliances and drywall, playing DJ and guitar teacher for kids,
and generally free of technical stuff except painful encounters with
Office 365. But I’ve kept the MacBook clean for four years of heavy
use, so that’s where my paranoia about WIFI comes from.
Best,
Victor
_____________________
On Mar 20, 2017, at 16:32:40, der.hans <[email protected]> wrote:
Am 20. Mar, 2017 schwätzte Vara La Fey so:
moin moin,
Anon Anon already covered the awesomeness of Vara's post :).
I will add that there is no difference between open or secure hotspot from
the general public's perspective[0]. You should consider the WiFi AP to be
compromised and be cautious about how you send data over it. The same as
your ISP's router when you're at home.
If the data is sensitive, make sure you have end to end encryption you can
trust. Do not trust the WiFi AP or the upstream router.
The real reasons for businesses to add authentication is to reduce
bandwidth usage and possibly help avoid liability.
[0] When using corporate WiFi using corporate resources, then you should
be able to trust they are providing adequate security for their APs and
the internal network. I tend to run everything over SSH tunnels anyway :).
ciao,
der.hans
Nuh uh. Open hotspots is one of the great things about the internet, and from time to
time everyone needs one - sometimes in the middle of the night or during holidays when
lobbies with keys posted aren't available. Open hotspots are also a good way to maintain
anonymity for dissidents, whistle-blowers, LGBT who are not "out", etc. When I
have my own routers, I often run them open for all these reasons, and I always will.
I sometimes educate family and friends about PGP, and one of these days I will
run a Tor node as well, with all the censor-circumvention tools available. The
more that censors and anti-anonymity Orwellianists don't like it, the more
everybody should do it.
I don't give .001% of a damn whether actual criminals use hotspots or anything
else, in exactly the same ways I don't give .001% of a damn if they use guns,
cars, roads, kitchen knives - or anything else.
Instead of desiring safety over the animating quest for freedom, why don't you
suggest educating people to use https? As it is, the Electronic Frontier
Foundation (www.eff.org) recently reported that https use is up to 40%, IIRC.
- Vara
On 3/20/2017 12:29 PM, Victor Odhner wrote:
I’m really annoyed that so many companies offer open WIFI when it would be so
easy to secure those hot spots.
Restaurants, hotels, and the waiting rooms of auto dealerships are almost 100%
open.
I am not one to say “there ought to be a law” because we have too many doggone
laws, and I’m not that into a lot of demonstrating and yelling. But I would
love to help educate companies on why they should secure their routers.
If I were a progressive type, I’d suggest putting stickers on those venues
saying:
We don’t have passwords on our WIFI
because OUR WIFI (and YOUR passwords)
should be available to everybody
with no effort!
But being more right-wing, I’d much rather recognize that they’d be happy to do
the right thing if we could explain it to the right people.
I’ve repeatedly thanked the mechanic shop I use (C&R Tire on Tatum) because
they have a key posted and I can feel sort of safe going online while I wait for an
oil change. But all the places that have open routers are corporate owned so it
does no good to gripe to the folks behind the desk.
Any ideas on this?
Thanks,
Victor
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
--
# http://www.LuftHans.com/ http://www.PhxLinux.org/
# "I dream of a world where the truth is what shapes people's politics.
# Rather than politics shaping what people think is true."
# -- Neal DeGrasse Tyson
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
