On Tue, Sep 30, 2014 at 02:37:08PM +0400, Vadim Zhukov wrote:
> Yes, I've seen that behaviour. And it actually bothers me - what if I
> get associated with untrusted network, and my already opened
> Ajax-enabled browser will start to transfer data via it without
> notification?.. This can be avoided by forcing some unlikely nwid in
> hostname.if, but this is not "secure by default". Or maybe I search
> for security in the wrong place, dunno...

Why do you even already have an interface that is up when
entering an untrusted environment?

How can you be sure that you're connecting to the right AP even
at home? The AP is usually not authenticated. I could come to your
house with a strong antenna AP and grab associations from anything
that attempts to use open wifi, no matter what nwid/bssid the devices
would want to use. If I managed to figure out your WPA key you'd have
to set up WPA enterprise and authenticate the AP to prevent a snooping
attack, or just forget about wifi offering any form of snooping protection
and use some kind of VPN (just like you would on the internet).

I don't use netstart on laptops. I leave all interfaces down at
startup (empty hostname.if files) and always re-configure them
manually as needed. I make sure laptops always use a VPN (unless
I'm at home, so if someone figures out my nwkey and comes to my
place I'm owned). I don't care if the wifi is open or encrypted,
it just provides an uplink I can run VPN on top of.
My setup currently runs wifi interfaces and OpenVPN in rdomain 1.
Anything else is in rdomain 0 so there is no chance some random
application will leak traffic to the wifi link.

Still, I would welcome a more convenient solution than this.
I'm just not sure we've found it yet.

Can autonetd make use of IPsec and/or SSH-based VPNs (or even
OpenVPN if these other options can't manage to tunnel out)?
If it makes that easy to use, then we don't have to worry too
much about which wifi link is used as long as we can reach the
VPN server via that link.
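The rdomain split described above, written out as a small sh script. This is an added example, not the poster's own configuration: it assumes OpenBSD's ifconfig(8) and route(8), a wifi interface named iwn0, a tunnel named tun0 and an OpenVPN config at /etc/openvpn/laptop.conf, all of which are placeholders. The wifi link, dhclient and the OpenVPN transport socket live in rdomain 1; only the tunnel interface is created in rdomain 0, so that is the sole path rdomain-0 applications can route over. A leak check reads the rdomain 0 routing table and fails if any route points at the wifi link. With DRYRUN=1 the script prints the commands instead of running them.

```shell
#!/bin/sh
# Added example (not from the original mail): manual wifi + OpenVPN bring-up
# on OpenBSD with the untrusted uplink confined to rdomain 1.
# Assumed names: iwn0, tun0 and /etc/openvpn/laptop.conf are placeholders.

WIFI_IF="${WIFI_IF:-iwn0}"                       # wifi link (assumed name)
VPN_IF="${VPN_IF:-tun0}"                         # tunnel endpoint (assumed name)
VPN_CONF="${VPN_CONF:-/etc/openvpn/laptop.conf}" # assumed path
WIFI_RD=1                                        # rdomain holding the uplink

# Execute a command, or print it when DRYRUN=1.
run() {
    if [ "${DRYRUN:-0}" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Associate, get a lease and start OpenVPN, all inside rdomain 1.
# Usage: wifi_up <nwid> [wpakey]
wifi_up() {
    nwid="$1"; wpakey="${2:-}"
    run ifconfig "$WIFI_IF" rdomain "$WIFI_RD"
    if [ -n "$wpakey" ]; then
        run ifconfig "$WIFI_IF" nwid "$nwid" wpakey "$wpakey"
    else
        run ifconfig "$WIFI_IF" nwid "$nwid"
    fi
    run ifconfig "$WIFI_IF" up
    run route -T "$WIFI_RD" exec dhclient "$WIFI_IF"
    # Create the tunnel interface in rdomain 0 first; OpenVPN itself runs in
    # rdomain 1 so its UDP/TCP socket can only reach the VPN server via wifi.
    run ifconfig "$VPN_IF" create rdomain 0
    run route -T "$WIFI_RD" exec openvpn --daemon --dev "$VPN_IF" --config "$VPN_CONF"
}

# Tear everything down again: stop OpenVPN, drop the tunnel, leave wifi down.
wifi_down() {
    run pkill -f "openvpn .*--config $VPN_CONF"
    run ifconfig "$VPN_IF" destroy
    run ifconfig "$WIFI_IF" -nwid -wpakey down
}

# Leak check: reads the output of `route -T 0 -n show` on stdin and returns
# 1 if any route in rdomain 0 points at the wifi interface, 0 if clean.
rd0_leak_check() {
    if grep -qw "$WIFI_IF"; then
        return 1
    fi
    return 0
}

case "${1:-}" in
    up)    wifi_up "$2" "${3:-}" ;;
    down)  wifi_down ;;
    check) route -T 0 -n show | rd0_leak_check && echo "rdomain 0 has no route via $WIFI_IF" ;;
esac
```

Run `sh wifi-rd.sh up <nwid> <wpakey>` as root after entering a network, `sh wifi-rd.sh check` to confirm rdomain 0 still has no route through the wifi link, and `sh wifi-rd.sh down` before leaving. Because hostname.if is left empty, nothing comes up at boot and the uplink exists only for as long as you chose to bring it up.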
