From: Dan Williams <dcbw@redhat.com>
To: Johannes Berg <johannes@sipsolutions.net>
Cc: Vincent C Jones <v.jones@networkingunlimited.com>,
Tomas Winkler <tomasw@gmail.com>,
Brian Morrison <bdm@fenrir.org.uk>,
linux-wireless@vger.kernel.org
Subject: Re: RE: iwl3945 problem with 2.6.25-rc9
Date: Sun, 20 Apr 2008 11:24:17 -0400 [thread overview]
Message-ID: <1208705057.5036.7.camel@localhost.localdomain> (raw)
In-Reply-To: <1208610565.26186.17.camel@johannes.berg>
On Sat, 2008-04-19 at 15:09 +0200, Johannes Berg wrote:
> > > Does anybody actually *want* that? I personally dislike the behaviour
> > > of scanning for all previously known SSIDs actively when hidden SSIDs
> > > are so uncommon, I see it as an information disclosure vulnerability.
> >
> > I can't speak for what others may want, but the Payment Card Industry
> > security guidelines include not broadcasting the SSID as one of their
> > requirements, if that is what you mean by "hidden SSIDs."
>
> So how would you feel if I told you that, after you have once used that
> hiddent network, your laptop will be broadcasting the SSID in probe
> requests every time it scans, no matter where you are, even if you've
> moved across the continent?
Unfortuately, I keep getting way too many reports about hidden SSIDs
still. I don't feel like it's something we can start ignoring (yet).
Maybe in a few years, but we've still got to handle this for the
forseeable future.
Dan
next prev parent reply other threads:[~2008-04-20 15:28 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-15 22:24 iwl3945 problem with 2.6.25-rc9 Marcus Furlong
2008-04-16 18:28 ` Chatre, Reinette
2008-04-16 19:01 ` Marcus Furlong
2008-04-16 19:26 ` Dan Williams
2008-04-16 19:48 ` Marcus Furlong
2008-04-16 20:04 ` Dan Williams
2008-04-16 21:22 ` Chatre, Reinette
2008-04-16 22:05 ` Marcus Furlong
2008-04-16 22:55 ` Chatre, Reinette
2008-04-17 0:06 ` Marcus Furlong
2008-04-18 3:03 ` Marcus Furlong
2008-04-18 21:46 ` Chatre, Reinette
2008-04-18 21:57 ` Johannes Berg
2008-04-18 22:12 ` Chatre, Reinette
2008-04-18 22:23 ` Brian Morrison
2008-04-18 22:35 ` Chatre, Reinette
2008-04-18 22:38 ` Brian Morrison
2008-04-18 22:37 ` Johannes Berg
2008-04-18 22:39 ` Johannes Berg
2008-04-19 0:28 ` Tomas Winkler
2008-04-19 8:32 ` Johannes Berg
2008-04-19 12:39 ` Vincent C Jones
2008-04-19 13:09 ` Johannes Berg
2008-04-19 13:44 ` Vincent C Jones
2008-04-19 13:48 ` Johannes Berg
2008-04-19 13:51 ` Johannes Berg
2008-04-20 15:33 ` Dan Williams
2008-04-20 15:24 ` Dan Williams [this message]
2008-04-20 20:39 ` Tomas Winkler
2008-04-21 0:14 ` Dan Williams
2008-04-21 18:39 ` Tomas Winkler
2008-04-21 19:20 ` Dan Williams
2008-04-21 20:47 ` Tomas Winkler
2008-04-20 15:28 ` Dan Williams
2008-04-19 2:32 ` Marcus Furlong
2008-04-22 23:02 ` Chatre, Reinette
2008-04-23 13:23 ` Marcus Furlong
2008-04-16 23:01 ` Marcus Furlong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1208705057.5036.7.camel@localhost.localdomain \
--to=dcbw@redhat.com \
--cc=bdm@fenrir.org.uk \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
--cc=tomasw@gmail.com \
--cc=v.jones@networkingunlimited.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).