Path: csiph.com!x330-a1.tempe.blueboxinc.net!newsfeed.hal-mli.net!feeder3.hal-mli.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!news.glorb.com!tr22g12.aset.psu.edu!newsflash.concordia.ca!canopus.cc.umanitoba.ca!utnut!utcsri!flaps
Newsgroups: comp.security.misc
From: flaps@dgp.toronto.edu (Alan J Rosenthal)
Subject: Re: Which is more secure: wireless connection versus ethernet?
X-Nntp-Posting-Host: zeus.dgp.toronto.edu
Message-ID: <2011Dec13.225555.3906@jarvis.cs.toronto.edu>
User-Agent: nn/6.6.5
X-No-Ahbou: yes
References: <23888bc9-90e9-4a63-b391-68dfee867d38@f39g2000yqn.googlegroups.com>  <0BBFq.481$SP1.157@uutiset.elisa.fi>  <barmar-57713C.03351013122011@news.eternal-september.org> <OVLFq.25438$cN1.5960@newsfe12.iad>
Date: 14 Dec 2011 03:55:55 GMT
Lines: 16
Xref: x330-a1.tempe.blueboxinc.net comp.security.misc:322

unruh <unruh@invalid.ca> writes:
>On 2011-12-13, Barry Margolin <barmar@alum.mit.edu> wrote:
>> Wouldn't they need physical access to your home to sniff the Ethernet?

(or just compromise a machine of yours which is already on that same ethernet,
but anyway...)

>Nope. If you are cable, then apparently your traffic is open to anyone
>else on that cable as well.

Something which bears remembering is that when you don't see certain traffic
on certain wires, that's a bandwidth optimization, not a security guarantee.
The smartest ethernet switch has no choice when seeing a packet addressed to
an unknown MAC address but to send it down all wires.  So long as it doesn't
do this too often, it's meeting the bandwidth optimization objectives.
But one shouldn't rely on it for security, if possible.