[Noisebridge-discuss] FYI, Noisebridge Wifi is not secure
Scotty Allen
scotty at appmonsta.com
Tue May 29 06:04:45 UTC 2012
Sure enough:
http://code.google.com/searchframe#OAMlx_jo-ck/src/net/base/transport_security_state_static.json&exact_package=chromium&q=noisebridge.net&type=cs&l=187
However, this section of the file does say "// Force HTTPS for sites
that have requested it." so I'm not sure I consider this proof of
anything...
-Scotty
On Mon, May 28, 2012 at 4:25 PM, Will Sargent <will.sargent at gmail.com> wrote:
>
> To some people (mostly security and / or network professionals), this
> is blindingly obvious -- to those who aren't, this may be news.
>
> It's pretty clear that there are sniffers active in the space. We've
> had people try to hack machines or web sessions before, and I'm not
> saying there are SSL hacks, but consider that https://noisebridge.net
> is hardcoded into Google Chrome's source code.
>
> You may wish to consider a VPN, and/or disable mobile devices.
>
> http://tersesystems.com/2012/05/28/how-to-surf-from-a-public-wifi
>
> Will.
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
More information about the Noisebridge-discuss
mailing list