Re: [qubes-users] Question Wi-Fi security
> I still think seeing results from your test would be really interesting, > and I could reference it on the Network Manager mailing list. So you > have a 'yea' vote from me. > i have done a test, but i haven't any concrete result :/ i saw that using "airodump-ng --channel 1 mon0" -on the top there is the list of wifi routers (access points) available -down there is a list of detected devices -in the down list i can see both pc and mobile phone MAC addresses -with the wifi router ON under the "probe" column i can see the name of my wifi in the mobile phone line and also the pc line (windows). but not always and is unclear on which condition the name appears (i think i should read the man page) -with the router OFF i can't see my network name or other saved networks -i remember that i saw that hotel wifi under the "probe" column. so or android changed the way it work, or i have set something while i was connecting... i don't remember... i know that windows has an option "connect also if the network is not transmitting" android is much more limited. if there is someone who knows more details feel free to add them... anyway i think that there is no reason to make multiple netvm and that there are more important things to take care. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/10ee2b28-c2ee-5ffa-338e-236b5b4ced40%40posteo.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Question Wi-Fi security
On 04/10/2018 02:43 PM, Matteo wrote: Dear Qubes Team I have a question regarding Qubes and to be specific the way it connects to wifi networks. I'm not part of the Qubes team, i'm just a user. I don't know if Qubes uses passive discovery, active or both. But I know how you can find it: you can use another pc with kali live (or any linux distro+aircrack). I remember i used airodump and it showed that my mobile phone (android 7.1) was sending a hotel ssid (network i was connected few month before, and that wasn't available in that moment, because i wasn't anymore at the hotel). There are more problems with this wifi thing: -you leak connection history -i don't remember if it send only ssid or also it's mac, if yes you are leaking also position of that connections (so you are leaking where you was) -supermarkets and some places are tracking all this to see where you go in the market, they follow your phone. i have Qubes 3.2, if you want i can check using the above method if my pc send active requests or not. but i think that is more a mobile phone thing, and less a pc one; i don't have any proof or argument to say this, just my impression. Also just a user here, but what I know of Qubes networking at the media layer is that its close to 100% standard. I still think seeing results from your test would be really interesting, and I could reference it on the Network Manager mailing list. So you have a 'yea' vote from me. -- Chris Laprise, tas...@posteo.net https://github.com/tasket https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/054bf8ad-5435-0582-938a-187fceebff25%40posteo.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Question Wi-Fi security
> Dear Qubes Team > I have a question regarding Qubes and to be specific the way it connects > to wifi networks. I'm not part of the Qubes team, i'm just a user. I don't know if Qubes uses passive discovery, active or both. But I know how you can find it: you can use another pc with kali live (or any linux distro+aircrack). I remember i used airodump and it showed that my mobile phone (android 7.1) was sending a hotel ssid (network i was connected few month before, and that wasn't available in that moment, because i wasn't anymore at the hotel). There are more problems with this wifi thing: -you leak connection history -i don't remember if it send only ssid or also it's mac, if yes you are leaking also position of that connections (so you are leaking where you was) -supermarkets and some places are tracking all this to see where you go in the market, they follow your phone. i have Qubes 3.2, if you want i can check using the above method if my pc send active requests or not. but i think that is more a mobile phone thing, and less a pc one; i don't have any proof or argument to say this, just my impression. > May I express what you probably read in every letter (or should read). For > the effort, the talent,the Qubes, and for what it can do, you're simply > the best. > Thank you very much > James Patel yes, really, i love the way the team is making and changing computer security, most of the infosec people try to avoid difficult questions, while Rutkovska and the tema try to find an answer to them. for example: https://theinvisiblethings.blogspot.it/2009/10/evil-maid-goes-after-truecrypt.html I think that today most "security" is offensive security/no sense thing like "i'm showing how 1337 i am" while this doesn't improve in any way the security. a super simple example: -office macro exists -usually they open cmd/powershell to download additional malware -why don't we have a simple program that prevent office from opening any child process? word have no reason to launch powershell or any other exe, this would stop many attacks. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/99c70c60-54c9-5a40-f4eb-4065e5f42d66%40posteo.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Question Wi-Fi security
Dear Qubes Team I have a question regarding Qubes and to be specific the way it connects to wifi networks. My question is basically this: Is it safe to use the same net-vm to connect to different wifi AP/Hotspots, meaning does the Wi-fi send the "previous Access Point ID's" while searching for a suitable network? Perhaps it does not perform any active search/broadcast at all? I am basing my conerns on the following article. I wouldn't bother you at all, just tried to learn the information from Fedora-23 documentation but obviously you could have made certain alterations for the sake of resolving security issues etc, which is why I'm directing my question to you. I'm not so worried about the MAC address itself- it can be always changed but if other "log" information was to be released then changing the net-vm would be a necessity in order to avoid ever so real mass surveillance!!! "The Wi-Fi technology features a service discovery mechanism, which allows stations to discover the access points in range. Two variant of service discovery are co-existing. In the first one, called passive service discovery,APs are periodically advertising their presence by broadcasting beacon frames containing various information (SSID, security features), while stations passively listen to those beacons to discover APs in range. ... In the second, called the active service discovery, the station plays an active role by periodically probing the neighborhood with probe request frames to which AP respond with probe response frames. A probe request frame includes an SSID field to designate the wireless network sought by the device. A Wi-Fi device probes for network to which it has been previously connected by circling through the CNL. By doing so, devices are actually broadcasting in plaintext their connection history. In response to obvious privacy issues [10, 7], a new convention ha be ve been adopted: stations can send probe requests with an empty SSID field; and in return AP must respond to them with a probe response even if the SSID field do not match their own SSID. The resulting probe requests are called broadcast probe requests. As a consequence, devices are not revealing their connection history anymore, but are still periodically broadcasting their MAC address in clear." May I express what you probably read in every letter (or should read). For the effort, the talent,the Qubes, and for what it can do, you're simply the best. Thank you very much James Patel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/87316a3f30af011fa797ec7708d90b01.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
