[Cialug] Wired and Wireless security differences
Dave J. Hala Jr.
dave at 58ghz.net
Mon Dec 17 15:46:46 CST 2007
Its true that SSL traffic can be brute force de-crypted, but how likely
is it that the person next door sniffing your wifi traffic, or the
person sitting out in the street capturing your session, has access to
that much computing power?
On Mon, 2007-12-17 at 15:39 -0600, Jeffrey Ollie wrote:
> On 12/17/07, Nathan C. Smith <nathan.smith at ipmvs.com> wrote:
> >
> > Today somebody challenged my (perhaps falsely held) belief that an SSL
> > transaction over wireless was equivalent to SSL over wired. Is there an
> > appreciable difference between the two?
>
> The only difference is that it's easier to sniff wireless traffic,
> therefore someone could see that you are sending encrypted traffic to
> an IP address belonging to Amazon.com. If they capture enough of your
> traffic, they could probably correlate the unencrypted traffic to
> Amazon.com with the encrypted traffic to make a guess at what you've
> bought. And even SSL traffic can be decrypted if you wait long enough
> or through enough computing power at it.
>
> Jeff
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
More information about the Cialug
mailing list