this post was submitted on 05 Sep 2024
947 points (99.2% liked)

Technology

59123 readers
4466 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 83 points 2 months ago (3 children)

Hidden WiFi networks are not actually hidden in the literal sense. They still broadcast beacons that your wifi chip will see as basically “hidden network beacon lives here”. Your network connect interface just decides not to show you a list with a bunch of useless “(hidden)” entries you can’t do anything with.

Also, when a new client wants to connect to the hidden network, the first thing it does is broadcast an unencrypted message saying “HEY, I’M LOOKING FOR [hidden network name]” so it’s completely trivial to unveil the name of hidden networks given enough time.

[–] [email protected] 30 points 2 months ago (1 children)

I think it'd be more for obfuscation than completely hiding it. As long as there are other hidden networks on the ship you just name it something generic that blends in. I mean this whole thing is a really stupid idea, but naming it something like "COM.NAB_ISO:4133" would draw less attention.

[–] [email protected] 29 points 2 months ago* (last edited 2 months ago) (1 children)

It’s absolutely mind-boggling that the existing WiFi infrastructure on the military ship didn’t trigger any alarms. This is the kind of thing that you can get from “pro-sumer” grade hardware/software like Ubiquiti, let alone corporate-grade or military-grade stuff. The feature is called “Rogue Access Point Detection” and it’s built into literally every WiFi solution on the market. Like, your local library is analyzing this stuff it’s that basic.

Edit: To more directly address your point, the name shouldn’t matter at all. Rogue AP detection doesn’t give a shit about the display names of things, it looks at the actual hardware addresses and compares them to known things that are owned by your network.

[–] [email protected] 10 points 2 months ago* (last edited 2 months ago) (1 children)

Yup, I did some on-campus IT work while I was in college and it was super trivial to detect when people would have their own networks in the dorms

[–] [email protected] 3 points 2 months ago (1 children)
[–] [email protected] 3 points 2 months ago (1 children)

At mine it was not. Hotspots and the like that stayed up for too long were flagged and action was taken to have them disabled and the student reprimanded.

[–] [email protected] 1 points 2 months ago

Well, I can understand that APs wouldn't be allowed since having lots of APs in one space makes it worse for everyone.

Wired should be allowed though.

[–] [email protected] 20 points 2 months ago (1 children)

That’s why I put that term in quotes, and was specific about default networking interfaces. I didn’t go into detail because that confuses a lot of people.

Source: working with wireless networks professionally for pretty much the last quarter century.

[–] [email protected] 6 points 2 months ago

Yea, that was a good editorial choice on your part. I did pick up on your scare quotes, I just thought it would be good to tack on the additional info “below the fold” because it’s just baffling to me that 20 years later the majority of people still think they’re hackerman when they make WiFi “hidden”.

[–] [email protected] 4 points 2 months ago

"HEY, I’M LOOKING FOR [hidden network name]"

Client devices can also do this all the time even when not in range, which basically broadcasts they're looking for that network everywhere they go. That's just asking for someone to setup a rogue access point.