Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

WiFi Security Questions

Posted on 2014-02-09
7
Medium Priority
?
349 Views
Last Modified: 2014-04-01
1. If I connect to an unsecured public WiFi, and someone is capturing packets, will he be able to capture and read all my unecrypted data?
2. If it's secured by WPA, does that prevent him from capturing data?
3. Is cellphone data secure?

Thanks!
0
Comment
Question by:epichero22
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 35

Accepted Solution

by:
Dan Craciun earned 500 total points
ID: 39845859
1. Yes
2. No. He will still be able to capture the data, but he will need to decrypt it. The packets still travel on the same medium (air) even when encrypted.
3. From who?
0
 
LVL 6

Expert Comment

by:Jelcin
ID: 39845884
2. If he / she has the WPA key and is in the same wlan then he is able to capture the packets without having to decrypt it.
3. Cell phone data in general is secure but of course it can be captured for example by NSA :)
0
 
LVL 17

Expert Comment

by:Kent Dyer
ID: 39845917
If you Google PCWorld's 5 Wi-Fi Security Myths you need to abandon now will help you understand this.  For the encryption (WPA/WPA-2), you need a PSK (Pre-Shared) key to get on your WPA or WPA-2..  Do stay away from WEP as it is pretty easily cracked.
0
Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 500 total points
ID: 39846108
> 2. If he / she has the WPA key and is in the same wlan then he is
able to capture the packets without having to decrypt it.

That's not accurate. If it's WPA2/AES they would both have different encryption vectors, set when their sessions were negotiated, using different NONCE values.  The data are not encrypted using only the 8 to 63 character passphrase.
0
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 1000 total points
ID: 39848699
+1 for Darr's comment.

The data is encrypted on a per-session basis between client and AP and the session-key is unique per client.  The data is only decrypted by the AP or client.

If clients connected to the same AP are exchanging data it is decrypted at the AP then re-encrypted with the particular receiving client's session details before it gets to him.

If the data leaves the AP on the wired-side it is decrypted before it goes on the wire, but then the data isn't sniffable by a wireless client.

That's not to say that it's completely secure though.  Once you have the PSK you can grab some over-the-air packets and attempt to decrypt them using the information you already have and a dictionary, for example.
0
 
LVL 11

Author Comment

by:epichero22
ID: 39905054
What about networks that have no security, but you need to login through a webpage before it lets you browse?  Can someone else still see what I'm sending / receiving?
0
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 1000 total points
ID: 39905095
Yes.  The traffic over-the-air is completely unencrypted after the initial login (usually via HTTPS).

You could use a VPN service to encrypt your traffic using IPSec if you use an open hotspot.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question