On Mon, 21 Nov 2005, Stephen J. Wilcox wrote: <snip>
What do you learn by looking at someone's ipsec, ssl-wrappered, or ssh tunneled traffic?
no, we're not trying to do that, you dont really think that because its encrypted it cant be decrypted do you?
I do believe (reasonably so, I think) that if I'm going have a conversation with a second party whom I already trust, that a third party will have trouble inserting themself into the path of that conversation without revealing their presence.. <snip>
you dont have to break the code if the endpoints trust sessions with you and share their encryption keys
Successfully inserting yourself in the middle requires some social-engineering or really bad protocol design. The former can be mitigated through vigilance, the later falls into the realm of peer review and security research. If I may paraphrase the original posters question (Ross Hosman), it was: Do large wireless buildouts present a new security threat due to the potential to spoof AP's? The answer to that is no, this is a threat we live with currently. We have tools to mitigate the risks associated with it. You can say that consumers are stupid, and won't figure this out, and that may be true; however when it's starts to cost them losts money, they will sit-up take notice and buy tools to solve this problem for them, just like they do with any other security threat that goes beyond being an anoyance. probably said product will be blue, say linksys on it, and have the word vpn (among others) buried on the packaging someplace.
Steve
-- -------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja@darkwing.uoregon.edu GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2