[OT] Does ad-hoc network depend on "security through obscurity ?"

James Cameron quozl at laptop.org
Mon May 31 02:20:25 EDT 2010


On Sun, May 30, 2010 at 04:38:37AM -0500, Mikus Grinbergs wrote:
> But this was on channel 1.  Can neighbors (or drive-bys) connect to
> it?

Yes.  Depending on what you mean by "connect".

Anyone else in the vicinity [1] can obtain the laptop name [2] merely by
performing a passive scan [3].

Anyone in the vicinity [1] can associate with the network, can negotiate
an IP address using zeroconf, and could monitor the network packets and
see the laptop name [2], and obtain activity sharing data; e.g. a
transcript of Chat between two XOs.

> And what is my legal liability if they do?

That depends on your legal environment.

As Sascha pointed out: this same vulnerability is common to all laptops,
computers, and operating systems that contain support for open wireless
networks.  There's no obscuring.  I see these ad-hoc networks available
on my MacBook and can connect to them.  I can't reach the internet
through them though.

The ad-hoc network mode does not depend on security by obscurity.  It
simply has no security at all, apart from that afforded by user
training.

Footnotes:

[1] within radio range, which varies from metres to kilometers depending
on height above ground of each wireless device,

[2] the "Name" and "Color" as set on initial boot or using the Control
Panel (My Settings) page "About Me",

[3] "iwlist eth0 scan" or the equivalent, such as the what the
Neighbourhood View does on an XO, or the wireless menu on an Apple.

-- 
James Cameron
http://quozl.linux.org.au/



More information about the Devel mailing list