> I'm primarily thinking of a wifi office or internet cafe; can't > everybody sniff everybody else's traffic (including DNS requests)? Does > this mean that every wifi network is vulnerable to this really easy > attack, and there's basically no defense other than upgrading all of DNS?
When your traffic is in plain-text while you're in a wifi cafe, you give your privacy to the one operating that access point already. https was designed for these scenarios. When your traffic is sensitive, use https. I'm wondering what would one gain by eavesdropping unimportant traffic of others in an Internet cafe? I'm not sure if this attack can cause any noticeable damage. A. _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers