Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone) (UNCLASSIFIED)
Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone) (UNCLASSIFIED)
- Subject: Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone) (UNCLASSIFIED)
- From: "Koelsch, Bernard F LTC MIL US USA DCS G-3/5/7" <email@hidden>
- Date: Fri, 24 Feb 2012 07:30:44 -0500
- Thread-topic: [Fed-Talk] A serious security issue with iOS (iPad and iPhone) (UNCLASSIFIED)
Classification: UNCLASSIFIED
Caveats: NONE
I'm not sure that's the right approach. MACs are assigned to individual
network components. In our homes, we usually have just one access
point, and one MAC. An office building, conference center, or an AT&T
store with high network volume likely has multiple ones, each with its
own MAC.
If the phone had to correlate MAC + SSID to save a connection, you'd
lose your WiFi every time you moved around the area and hit an AP your
phone hadn't connected to yet. A properly laid out WiFi network has
overlap as well, so you may bounce around between multiple APs while
sitting still, also.
To clumsily summarize the commonalities for infrastructure connections
in the 802.1X family of standards--you need an SSID (mandatory) and key
encryption (optional). MACs are only part of the standard in the
application of MAC filtering, which is the opposite approach from what
the endpoints (phones) are doing.
What is definitely not part of the standard is an automatic connection
to a network based on SSID. That's proprietary to the device OS, and
that obviously needs to be dealt with.
LTC Bernie Koelsch | Chief, Data Services, USACCSA | 703-697-9485
-----Original Message-----
From: fed-talk-bounces+bernard.koelsch=email@hidden
[mailto:fed-talk-bounces+bernard.koelsch=email@hidden] On
Behalf Of Pike, Michael (IHS/HQ)
Sent: Thursday, February 23, 2012 05:41 PM
To: Joe St Sauver
Cc: <email@hidden>
Subject: Re: [Fed-Talk] A serious security issue with iOS (iPad and
iPhone)
I would think it would be on the device's plate...
for example, lets say my home wifi is "mikepikewifi"... my phone should
remember it's MAC address
so if i come into work and someone else has a "mikepikewifi" the phone
prompts to join because the MAC is different...
I actually thought the phone had done this, but it doesn't.
mike
On Feb 23, 2012, at 3:30 PM, Joe St Sauver wrote:
> #All they really have to do is have the phone track the MAC address.
> #That will alleviate a big issue. While not fail safe ( as a MAC can
> #be spoofed) it would stop my damn phone from connecting to all the
> #"attwifi" networks that are now running in my office from android
> #hot spots.
>
> Shouldn't this issue be getting addressed via 802.1X?
>
> Regards,
>
> Joe
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
my.mil
This email sent to email@hidden
Classification: UNCLASSIFIED
Caveats: NONE
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden