[kwlug-disc] Firesheep: Open WiFi cookie stealing for the masses ...

Adam Glauser adamglauser at gmail.com
Wed Oct 27 18:05:20 EDT 2010

On 27/10/2010 5:58 PM, unsolicited wrote:
> Isn't the root cause, here, really, and merely, never use open wi-fi?

Based on what Lori said earlier, I'd say the real problem is that even 
WPA encrypted wifi is not really safe if you don't trust the other 
people that have the WPA key.

In that case, the only solution is to use an end-to-end encryption 
technology, like SSL, SSH tunneling or VPN.

I think I must be missing something - does anyone know why the WPA 
session negotiation doesn't use a secure key-exchange algorithm to 
generate session keys?  As Paul said, this seems like it should be a 
solved problem.

More information about the kwlug-disc mailing list