Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.sys.mac.system > #94844

Re: Hidden SSID is Security Risk?

From Jolly Roger <jollyroger@pobox.com>
Newsgroups comp.sys.mac.system
Subject Re: Hidden SSID is Security Risk?
Date 2016-09-28 02:08 +0000
Organization People for the Ethical Treatment of Pirates
Message-ID <e50n19FinckU2@mid.individual.net> (permalink)
References <270920162120121208%star@sky.net> <e50l0fFig7jU1@mid.individual.net> <270920162136337646%nospam@nospam.invalid>

Show all headers | View raw

On 2016-09-28, nospam <nospam@nospam.invalid> wrote:
> In article <e50l0fFig7jU1@mid.individual.net>, Jolly Roger
><jollyroger@pobox.com> wrote:
>
>> > I opened my iPhone's WiFi settings to choose a different one of my
>> > several wireless networks, all of which have hidden SSIDs. I saw the
>> > message "Using a hidden network can expose personally identifiable
>> > information. Configure your router to broadcast this network."
>> > 
>> > Huh? What personal information?
>> > 
>> > I'm not laboring under any delusions about hidden SSIDs providing a lot
>> > of extra security?I do that with proper passwords?but I wasn't
>> > expecting to see that a hidden SSID may compromise security.
>> 
>> iOS and macOS remember the SSIDs of each network to which you connect.
>> Later, when the device scans for available networks, they broadcast those
>> SSIDs (including hidden ones) as part of the probe. The owner of a network
>> with a hidden SSID might not want that hidden SSID to be seen in those
>> probes, which is what that message is about.
>
> but it doesn't broadcast where that network happens to be (or any other
> ssid in the scan).

Yep; though if you happen to be in the area of the network with the
hidden SSID, you'd be broadcasting the hidden SSID to anyone nearby. I
suppose if someone decided to name their hidden SSID with some sort of
personal identifying information (which would be foolish, admittedly),
you'd be broadcasting that information any time the device searches for
networks. None of this seems worthy of a warning message to me, though.
If anything, the owner of the hidden network is the one who should be
concerned about such things, rather than the person connecting. It's
really strange that Apple worded it the warning way they did and saw fit
to put it there at all. 

-- 
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

Back to comp.sys.mac.system | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Hidden SSID is Security Risk? Davoud <star@sky.net> - 2016-09-27 21:20 -0400
  Re: Hidden SSID is Security Risk? nospam <nospam@nospam.invalid> - 2016-09-27 21:27 -0400
    Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 01:38 +0000
  Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 01:34 +0000
    Re: Hidden SSID is Security Risk? nospam <nospam@nospam.invalid> - 2016-09-27 21:36 -0400
      Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 02:08 +0000
        Re: Hidden SSID is Security Risk? Patty Winter <patty1@wintertime.com> - 2016-09-28 04:40 +0000
          Re: Hidden SSID is Security Risk? befr@eaglesoft.de (Bernd Fröhlich) - 2016-09-28 08:59 +0200
            Re: Hidden SSID is Security Risk? Patty Winter <patty1@wintertime.com> - 2016-09-30 01:27 +0000
              Re: Hidden SSID is Security Risk? Davoud <star@sky.net> - 2016-09-30 13:20 -0400
        Re: Hidden SSID is Security Risk? "Happy.Hobo" <Happy.Hobo@Spam.Invalid> - 2016-09-28 12:40 -0500
          Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 17:46 +0000
    Re: Hidden SSID is Security Risk? Patty Winter <patty1@wintertime.com> - 2016-09-28 04:39 +0000
      Re: Hidden SSID is Security Risk? Lewis <g.kreme@gmail.com.dontsendmecopies> - 2016-09-28 05:03 +0000
        Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 20:07 -0400
      Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 16:41 +0000
        Re: Hidden SSID is Security Risk? JF Mezei <jfmezei.spamnot@vaxination.ca> - 2016-09-28 13:32 -0400
          Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 20:11 -0400
    Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 20:05 -0400
      Re: Hidden SSID is Security Risk? Davoud <star@sky.net> - 2016-09-28 23:22 -0400
        Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 04:06 +0000
      Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 04:06 +0000
        Re: Hidden SSID is Security Risk? JF Mezei <jfmezei.spamnot@vaxination.ca> - 2016-09-29 15:47 -0400
          Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 21:01 +0000
            Re: Hidden SSID is Security Risk? JF Mezei <jfmezei.spamnot@vaxination.ca> - 2016-09-29 18:10 -0400
        Re: Hidden SSID is Security Risk? "Happy.Hobo" <Happy.Hobo@Spam.Invalid> - 2016-09-29 16:39 -0500
  Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 19:59 -0400
    Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 00:20 +0000
      Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 20:39 -0400
      Re: Hidden SSID is Security Risk? "Happy.Hobo" <Happy.Hobo@Spam.Invalid> - 2016-09-29 16:47 -0500
        Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 21:54 +0000
          Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 21:56 +0000

csiph-web