Victor, I can't even /find /the "use https" option in my Firefox anymore. I'd guess it's automatic now. In 2012-ish people were complaining about the redirect to https, so Mozilla's inclusion goes back at least that far. - Vara On 3/20/2017 5:15 PM, Victor Odhner wrote: > Thanks, everyone. > > I’ve learned something in this discussion, and it led me to re-visit > what I did know, which was refreshed here: > https://security.stackexchange.com/questions/35867/why-isnt-open-wifi-encrypted > > So, one basic point is that giving out a lame password does indeed > give each user a unique encryption but increases the risk of access to > open points internally. I’m clueless about some issues, like an AP not > wanting to be identified. > > I had not heard of “always HTTPS”, thanks Vara. I will check the > family’s traveling browsers for this option. (Most things I do are /of > course/ over HTTPS, or in the past were inside my system.) > > Disclaimer: my brain is somewhat damaged since I’m four years away > from my long IT career. I mostly use my Linux box and MacBook for > browsing and email. Now in the nonprofit volunteer world, I’m mostly > fixing appliances and drywall, playing DJ and guitar teacher for kids, > and generally free of technical stuff except painful encounters with > Office 365. But I’ve kept the MacBook clean for four years of heavy > use, so that’s where my paranoia about WIFI comes from. > > Best, > > Victor > _____________________ > > On Mar 20, 2017, at 16:32:40, der.hans > wrote: > > Am 20. Mar, 2017 schwätzte Vara La Fey so: > > moin moin, > > Anon Anon already covered the awesomeness of Vara's post :). > > I will add that there is no difference between open or secure hotspot from > the general public's perspective[0]. You should consider the WiFi AP to be > compromised and be cautious about how you send data over it. The same as > your ISP's router when you're at home. > > If the data is sensitive, make sure you have end to end encryption you can > trust. Do not trust the WiFi AP or the upstream router. > > The real reasons for businesses to add authentication is to reduce > bandwidth usage and possibly help avoid liability. > > [0] When using corporate WiFi using corporate resources, then you should > be able to trust they are providing adequate security for their APs and > the internal network. I tend to run everything over SSH tunnels anyway :). > > ciao, > > der.hans > >> Nuh uh. Open hotspots is one of the great things about the internet, >> and from time to time everyone needs one - sometimes in the middle of >> the night or during holidays when lobbies with keys posted aren't >> available. Open hotspots are also a good way to maintain anonymity >> for dissidents, whistle-blowers, LGBT who are not "out", etc. When I >> have my own routers, I often run them open for all these reasons, and >> I always will. >> >> I sometimes educate family and friends about PGP, and one of these >> days I will run a Tor node as well, with all the censor-circumvention >> tools available. The more that censors and anti-anonymity >> Orwellianists don't like it, the more everybody should do it. >> >> I don't give .001% of a damn whether actual criminals use hotspots or >> anything else, in exactly the same ways I don't give .001% of a damn >> if they use guns, cars, roads, kitchen knives - or anything else. >> >> Instead of desiring safety over the animating quest for freedom, why >> don't you suggest educating people to use https? As it is, the >> Electronic Frontier Foundation (www.eff.org ) >> recently reported that https use is up to 40%, IIRC. >> >> - Vara >> >> >> On 3/20/2017 12:29 PM, Victor Odhner wrote: >>> I’m really annoyed that so many companies offer open WIFI when it >>> would be so easy to secure those hot spots. >>> Restaurants, hotels, and the waiting rooms of auto dealerships are >>> almost 100% open. >>> I am not one to say “there ought to be a law” because we have too >>> many doggone laws, and I’m not that into a lot of demonstrating and >>> yelling. But I would love to help educate companies on why they >>> should secure their routers. >>> If I were a progressive type, I’d suggest putting stickers on those >>> venues saying: >>> >>> We don’t have passwords on our WIFI >>> because OUR WIFI (and YOUR passwords) >>> should be available to everybody >>> with no effort! >>> But being more right-wing, I’d much rather recognize that they’d be >>> happy to do the right thing if we could explain it to the right people. >>> I’ve repeatedly thanked the mechanic shop I use (C&R Tire on Tatum) >>> because they have a key posted and I can feel sort of safe going >>> online while I wait for an oil change. But all the places that have >>> open routers are corporate owned so it does no good to gripe to the >>> folks behind the desk. >>> Any ideas on this? >>> Thanks, >>> Victor >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>> >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> >> > > -- > # http://www.LuftHans.com/ > http://www.PhxLinux.org/ > # veni, vidi, wiki - I came, I saw, I > documented--------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss > > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss