Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)

Subject: Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)
From: "Silberberg, David" <email@hidden>
Date: Thu, 23 Feb 2012 07:46:13 -0500
Acceptlanguage: en-US
Thread-topic: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)

I don't think this problem is specific to Apple devices/OSes.  If I connect my Windows laptop to an unsecured wireless network called Linksys (or whatever) at one location, it's going to automatically connect to a similarly named network at another.  The first time I connect to a common-named network, I'm going to get prompted; after that there's no other check other than the SSID name.

Seems to me there's been all kinds of discussion on the web about NOT using default or common SSID names.  For my two cents, it's up to the "service provider" to ensure that the SSID is unique.  That would "force" a user to recognize the fact that a device was trying to connect, and give them the opportunity to allow or kill the connection.



David Silberberg
Don't anthropomorphize computers, they hate it

-----Original Message-----
From: fed-talk-bounces+david.silberberg=email@hidden [mailto:fed-talk-bounces+david.silberberg=email@hidden] On Behalf Of Henry B. Hotz
Sent: Wednesday, February 22, 2012 11:16 PM
To: Fed Talk
Subject: Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)

I believe that attwifi works as described partly because it's not a protected/encrypted network.  Doesn't mean it's not a problem of course.

If you read the explanation below the "ask to join" switch, it clearly says that known networks will be joined automatically regardless of the position of the switch.  Another consequence is that any access point which mimics the security configuration of a known network will be trusted.  Same for a MacOS laptop.

Hey, guys, we all knew that the security of WiFi was c*&($ anyway, right?  It's not entirely Apple's fault.
------------------------------------------------------
The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government.
email@hidden, or email@hidden


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

Follow-Ups:
- Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)
  - From: "Henry B. Hotz" <email@hidden>
- Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)
  - From: "Pike, Michael (IHS/HQ)" <email@hidden>

References:
	>[Fed-Talk] A serious security issue with iOS (iPad and iPhone) (From: "Pike, Michael (IHS/HQ)" <email@hidden>)
	>Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone) (From: Todd Heberlein <email@hidden>)
	>Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone) (From: "Pike, Michael (IHS/HQ)" <email@hidden>)
	>Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone) (From: "Villano, Paul Mr CIV USA TRADOC" <email@hidden>)
	>Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone) (From: "Henry B. Hotz" <email@hidden>)

Prev by Date: Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)
Next by Date: Re: [Fed-Talk] Fwd: Cauliflower Vest for FileVault 2
Previous by thread: Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)
Next by thread: Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)
Index(es):
- Date
- Thread