Re: [PLUG] Not the wisest comment on the Colonial break-in

Rich Freeman via plug on 10 May 2021 08:30:26 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Not the wisest comment on the Colonial break-in

From: Rich Freeman via plug <plug@lists.phillylinux.org>
To: Floyd Johnson <fljohnson3@sisna.com>
Subject: Re: [PLUG] Not the wisest comment on the Colonial break-in
Date: Mon, 10 May 2021 11:30:06 -0400
Cc: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Reply-to: Rich Freeman <r-plug@thefreemanclan.net>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

On Mon, May 10, 2021 at 10:50 AM Floyd Johnson via plug
<plug@lists.phillylinux.org> wrote:
>
> This faintly reminded me of the difficulty we had setting up a Roomba a
> few months ago due to its lack of WPA2 capability. With a moment to
> think, I can almost understand the negative presumption about the
> consumer, essentially, "WLAN security provisions add unneeded cost, as
> John Q. Public doesn't bother with those."

WiFi is such a dumpster fire for security.

First, the default is no encryption.  That shouldn't even exist as an
option, even for networks where you want public access.  All
connections should at least use DH key exchange to defeat passive
monitoring.  Yes, that doesn't stop MITM, but it does force
evesdroppers to use active attacks which are far easier to detect and
also harder to pull off in the first place.

Second, there are a bunch of broken protocols like WEP which still
exist as options decades after being completely compromised, and these
give consumers a false sense of security when they get inadvertently
selected.  These shouldn't even be options at this point.

Finally, the most common "secure" mode for non-enterprise use is
WPA2-PSK, and this allows passive monitoring by anybody who knows the
PSK if they capture the initial handshake.  So if you use an encrypted
public network such as at a coffee shop where the password is written
on a sign, then anybody on that network who also knows the password
can evesdrop on your connection.  Again, while the password could be
used for AUTHENTICATION it really shouldn't be a substitute for
something like DH at the very minimum.

Of course using something like certificates to defeat MITM should be
the gold standard.  However, there is no reason that more
consumer-oriented implementations shouldn't at least defeat passive
monitoring.

>
> As for Colonial Pipeline, I have only the foggiest idea what happened
> over there. At most, I can only presume they have better backup habits
> than mine, and are currently reloading everything up to just before the
> the malware got in.

I guess we'll see.  Security costs money.  When a manager spends more
money he gets punished for it immediately.  When a manager doesn't
spend enough on security chances are he never hears about it, or he is
in a different job when it blows up for his successor, or if he does
get burned it is many years later and with everybody shrugging their
shoulders saying "who could have predicted this?"  High-impact
low-probability long-term decisionmaking is something that most people
are really bad at.

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] Not the wisest comment on the Colonial break-in
  - From: Floyd Johnson via plug <plug@lists.phillylinux.org>

Prev by Date: [PLUG] Not the wisest comment on the Colonial break-in
Next by Date: Re: [PLUG] Not the wisest comment on the Colonial break-in
Previous by thread: [PLUG] Not the wisest comment on the Colonial break-in
Next by thread: Re: [PLUG] Not the wisest comment on the Colonial break-in
Index(es):
- Date
- Thread