Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.sys.mac.system > #94898

Re: Hidden SSID is Security Risk?

From Jolly Roger <jollyroger@pobox.com>
Newsgroups comp.sys.mac.system
Subject Re: Hidden SSID is Security Risk?
Date 2016-09-29 00:20 +0000
Organization People for the Ethical Treatment of Pirates
Message-ID <e5352rF6bvhU2@mid.individual.net> (permalink)
References <270920162120121208%star@sky.net> <B_CdnTY7KqfDxHHKnZ2dnUU7-b_NnZ2d@giganews.com>

Show all headers | View raw

On 2016-09-28, Alan Browne <alan.browne@freelunchvideotron.ca> wrote:
> On 2016-09-27 21:20, Davoud wrote:
>> I opened my iPhone's WiFi settings to choose a different one of my
>> several wireless networks, all of which have hidden SSIDs. I saw the
>> message "Using a hidden network can expose personally identifiable
>> information. Configure your router to broadcast this network."
>>
>> Huh? What personal information?
>>
>> I'm not laboring under any delusions about hidden SSIDs providing a lot
>> of extra security‹I do that with proper passwords‹but I wasn't
>> expecting to see that a hidden SSID may compromise security.
>
> SSID's don't provide less or more security.  They're just not obvious to 
> casual observation by a casual WiFi user looking to hook up.
>
> Some people or companies use hidden SSID's as a layer of protection 
> against hackers.  Against any hacker who really wants to know there are 
> tools that will discover the hidden SSID as soon as anyone in the know 
> hooks up to it.  It's a very thin bit of obfuscation.

Yes, and because of that, it's quite silly for that purpose. I can se
hiding your SSID to discourage relative novices from trying to connect;
but you'd have to be naive to think it is in any way protection from
people who are knowledgeable about networking.

> The best defense WiFi station side is a strong WPA2 or higher access 
> scheme with a long, random char password.

True, though it doesn't have to be random if it's of sufficient
length. I use complete sentences with spaces and punctuation, which
makes them easy to remember, unique, and very secure.

-- 
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

Back to comp.sys.mac.system | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Hidden SSID is Security Risk? Davoud <star@sky.net> - 2016-09-27 21:20 -0400
  Re: Hidden SSID is Security Risk? nospam <nospam@nospam.invalid> - 2016-09-27 21:27 -0400
    Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 01:38 +0000
  Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 01:34 +0000
    Re: Hidden SSID is Security Risk? nospam <nospam@nospam.invalid> - 2016-09-27 21:36 -0400
      Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 02:08 +0000
        Re: Hidden SSID is Security Risk? Patty Winter <patty1@wintertime.com> - 2016-09-28 04:40 +0000
          Re: Hidden SSID is Security Risk? befr@eaglesoft.de (Bernd Fröhlich) - 2016-09-28 08:59 +0200
            Re: Hidden SSID is Security Risk? Patty Winter <patty1@wintertime.com> - 2016-09-30 01:27 +0000
              Re: Hidden SSID is Security Risk? Davoud <star@sky.net> - 2016-09-30 13:20 -0400
        Re: Hidden SSID is Security Risk? "Happy.Hobo" <Happy.Hobo@Spam.Invalid> - 2016-09-28 12:40 -0500
          Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 17:46 +0000
    Re: Hidden SSID is Security Risk? Patty Winter <patty1@wintertime.com> - 2016-09-28 04:39 +0000
      Re: Hidden SSID is Security Risk? Lewis <g.kreme@gmail.com.dontsendmecopies> - 2016-09-28 05:03 +0000
        Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 20:07 -0400
      Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-28 16:41 +0000
        Re: Hidden SSID is Security Risk? JF Mezei <jfmezei.spamnot@vaxination.ca> - 2016-09-28 13:32 -0400
          Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 20:11 -0400
    Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 20:05 -0400
      Re: Hidden SSID is Security Risk? Davoud <star@sky.net> - 2016-09-28 23:22 -0400
        Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 04:06 +0000
      Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 04:06 +0000
        Re: Hidden SSID is Security Risk? JF Mezei <jfmezei.spamnot@vaxination.ca> - 2016-09-29 15:47 -0400
          Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 21:01 +0000
            Re: Hidden SSID is Security Risk? JF Mezei <jfmezei.spamnot@vaxination.ca> - 2016-09-29 18:10 -0400
        Re: Hidden SSID is Security Risk? "Happy.Hobo" <Happy.Hobo@Spam.Invalid> - 2016-09-29 16:39 -0500
  Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 19:59 -0400
    Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 00:20 +0000
      Re: Hidden SSID is Security Risk? Alan Browne <alan.browne@freelunchvideotron.ca> - 2016-09-28 20:39 -0400
      Re: Hidden SSID is Security Risk? "Happy.Hobo" <Happy.Hobo@Spam.Invalid> - 2016-09-29 16:47 -0500
        Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 21:54 +0000
          Re: Hidden SSID is Security Risk? Jolly Roger <jollyroger@pobox.com> - 2016-09-29 21:56 +0000

csiph-web