
Chop Orinoco Silver PCMCIA card into Airport slot

So telling other people this is a 'fake problem' is irresponsible. It's not a fake problem at all. If you have decided that in your risk calculus this is OK, then that's fine.
I mean, I already send sensitive information to the public internet, how much more risky could this be? The WEP leak requires the attacker to be physically proximal to your network and deliberately trying to attack, and since wardriving hasn't been a thing in at least a decade now, unless you live in a super-dense apartment complex, the odds of this ever happening are just so, so low. It's a little like preparing for your house to resist a plane crash.

And even then: what information is being transferred on my LAN that isn't already being transferred on the internet, and how much of it is being transmitted as cleartext? Do you think I'm sending my credit card numbers and passwords back and forth between my home machines? The only 802.11b traffic in my home is machines so old they can't even do SSL, so there is, AFAIK, no site or platform left in this world that both requires a login and protects sensitive information that I can use on those machines. I am truly not worried about someone hacking my Macintosh Repository account. 😄

It can also be mitigated on the network layer by having your WEP network as a separate broadcast domain and route between that and the rest of your network.
...yeah? Who is out there running WEP and WPA on the same router? How many modern routers is this even possible on? My 802.11b network is a WRT-54G hardwired into my real router, with a separate SSID that isn't broadcast. I fully realize not broadcasting an SSID isn't a security measure, but if people can't even casually notice that it exists, that's another layer of lowered probability.

Someone would have to choose my house AND be within ~20m of my router (the closest they can get without trespassing is about 10m) AND looking for hidden 802.11b networks AND willing to sit there to capture enough packets to crack the password (which, on a network that probably handles 200 HTTP transactions a month, on perhaps as many as three days in that month, is gonna take them anywhere from a couple hours to several weeks) AND then mess with redirecting traffic...all to, what, capture a bunch of encrypted traffic and some HTTP transactions to sites that don't even have logins, much less host any information worth having?

And they'd have to be parked in front of my house to do any of that...and everything but the old Macs is VPN'd on each device, so that's yet ANOTHER level of obfuscation to this imaginary attacker being able to do anything more nefarious than printing porn on the LaserJet that's turned off 98% of the time. This whole thing is like four orders of magnitude less likely to affect me than the act of simply living in a house people can see.

But each person has to make their own decision here; to tell them it's a fake problem prevents them from making their own decision about risk in a situation where the nature of that risk can be very non-obvious. And that's not a good thing to do.
And the most root reason this doesn't matter? This is hogwash. I'm not making anyone do anything; I can't prevent anyone reading this from doing literally anything at all. The person who gives an eighth of a metric shit about IPSEC or INFOSEC and follows advice from internet randos like they're military orders doesn't exist, and honestly, if they did, should not be using the internet unsupervised in the first place and is their own largest security hole.

Be this paranoid at work. At home just isn't enough of a target and doesn't have enough at stake to get this worried about it.
 
Be this paranoid at work. At home just isn't enough of a target and doesn't have enough at stake to get this worried about it.
Time for me to be That Guy.

I often work from home. My home network has to be at least as secure as anything I do at work. And threat actors out there today are intentionally targeting high value targets at home, hoping that they can use cross-pollination to gain access to work environments. Because virtually nowhere airgaps between work electronics and personal electronics anymore.

Another problem here is that while many work environments have moved to zero trust network architecture, most people still run their home networks using a firewall model -- so if someone/something gets through, there's virtually nothing to prevent further abuse of what's found.

It used to be that nation state groups only targeted top people in corporate environments, and most home users only had to worry about generic malware, script kiddies and wardriving teens -- but that landscape's changed in the past 5 years. Now you've got North Korean hacking groups with access to your neighbour's phone via a dodgy flashlight app pivoting off of it to gain access to local wireless networks, all automated through a Chinese SIM farm set up in a rental apartment somewhere in New York.

Still a personal choice thing, but also a good idea to throw out the idea that your home airspace isn't a target -- if it overlaps with someone else's, it could very much be a stepping stone someone out there wants to abuse.

That said, an open WAP that only has access to 1990s-era Macs and doesn't usually connect to the Internet.... most likely any attacker still wouldn't know where to begin establishing a foothold.
 