F12 EEEPC 1000H WLAN with hidden SSID no go

Mikkel mikkel at infinity-ltd.com
Wed Nov 25 20:42:15 UTC 2009 

Bill Davidsen wrote:
> Tim wrote:
>> On Tue, 2009-11-24 at 15:14 -0500, Bill Davidsen wrote:
>>> I don't use hidden SSID much, as it only lends a tiny bit of security
>>
>> It doesn't add *ANY* security.
>> It *does* add problems.
>>
>> It doesn't hide your access point, at all.  It still appears as an
>> access point that can be used.  Anybody, and everybody, can see that
>> there's one there.  It just doesn't have a name associated with it.
>>
>> And the lack of a name doesn't prevent anyone from using it.
>>
> FUD. How can you hold two diametrically opposed ideas in your brain
> without your head exploding? Look at your first two lines and reconcile
> "adds no security" with "harder to use." The fact that problems come up
> regularly from legitimate users indicates that it is harder to get
> working, how that can fail to "lend a tiny bit of security" eludes me. I
> certainly didn't suggest that it was a desirable practice, but I gave it
> an honest appraisal. The fact that it wouldn't slow you down doesn't
> make it worthless.
> 
> However, those are your opinions, you're welcome to them. The second one
> certainly is correct.
> 
You have to remember that you have two types of users here. You have
the normal users - they want to connect to the access point without
problems. Hiding the SSID hurts them. Then you have the cracker.
Hiding the SSID does not hamper him, as he is capturing packets
anyway to help break the encryption. This gives him the SSID as part
of the process even if it not being broadcast. So as a security
measure, it does not add security, while at the same time, it is
making it harder for normal users.

The one exception I can see to that is if the only security is
hiding the SSID. The the person cracking the system has to find the
SSID before connecting. The normal users already have it. But they
have to tell the computer what SSID you are trying to connect to,
instead of the system seeing the SSID and connecting to it, or
giving you a choice of SSIDs to connect to.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20091125/e6cca2c6/attachment-0001.bin

More information about the users mailing list