What I am trying to get at here is the problem of usability. Security is no use
to me to stop Internet crime if everyone either turns it off or is unable to
use it. The layered model is a big problem here because the lower layers
abstract away the user. There is no user interface, there are no
Phillip does have a point regarding 802.1x authentication, which is
typically used to authenticate the user to the service, and not vice
versa. Conceivably a person could set up an evil access point that
advertises the same beacon as the official access points, and has
802.1x enabled to accept the
Yes, a security experiment is not so interesting without an attack.
I would like an evil twin access point to be set up with a cert that says 'evil
twin' and measure how much traffic goes through it. This is frequently done at
BlackHat albeit not necessarily in a manner that complies with
Phillip,
write an Internet Draft prior to the experiment,
+1
*IPv6 Next Steps*
The Philadelphia IPv6 outage tested one specific aspect of the
transition - is there an IPv6 network on the other side to connect to
in due course, is it possible to run a pure IPv6 network?
I think that
Phillip:
Have you tried the SSID at the IETF meetings that is configured to make
use of 802.1x?
Russ
At 01:49 PM 3/24/2008, Hallam-Baker, Phillip wrote:
Secure WiFi Connection
I would like to see some demonstration of the fact that the default WiFi
configuration on all existing platforms
Well I would submit that there is a major problem there on the security
usability front.
Don't make me think. My tolerance for network configuration is vastly greater
than the typical user.
This has to all just work, just like my Apple Mac did on the home network the
day I bought it. Not
I am willing to have a go at it next time round but only if I have some idea
what I am expected to have on my machine and what authentication indicata I am
to expect.
As it stands there is no way for me to evaluate an authentic or inauthentic
experience. I don't know what authentic looks like.
On 25 mar 2008, at 02.18, Hallam-Baker, Phillip wrote:
I am willing to have a go at it next time round but only if I have
some idea what I am expected to have on my machine and what
authentication indicata I am to expect.
As it stands there is no way for me to evaluate an authentic or