>Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a client across these and higher layers, other nodes, and other network names such as SSIDs (Service Set Identifiers). This cross-layer identity desynchronization is the key driver of AirSnitch attacks.

>The most powerful such attack is a full, bidirectional machine-in-the-middle (MitM) attack, meaning the attacker can view and modify data before it makes its way to the intended recipient. The attacker can be on the same SSID, a separate one, or even a separate network segment tied to the same AP. It works against small Wi-Fi networks in both homes and offices and large networks in enterprises.

----

I wardrove back in the early 2000s (¡WEP lol!). Spent a few years working in data centers. Now, reasonably paranoid. My personal network does not implement WiFi; my phone is an outgoing landline; tape across laptop cameras, disconnected antenna; stopped using email many years ago...

Technology is so fascinating, but who can secure themselves from all the vulnerabilities that radio EMF presents? Just give me copper/fiber networks, plz.

----

>the next step is to put [AirSnitch] into historical context and assess how big a threat it poses in the real world. In some respects, it resembles the 2007 PTW attack ... that completely and immediately broke WEP, leaving Wi-Fi users everywhere with no means to protect themselves against nearby adversaries. For now, client isolation is similarly defeated—almost completely and overnight—with no immediate remedy available.

It is hard to disagree with this approach. While I still use WiFi, it is a separate subnet and only whitelisted MACs are allowed to use it. Cameras and microphones are always unplugged when not in use, and my phone runs GrapheneOS. I also removed the hands-free microphone in my car, as well as the cellular modem.

Is MAC whitelisting anything but security theater? Isn't it trivial to determine a valid client MAC then spoof it?

What makes you say that? It does not seem trivial at all to guess a valid MAC.

It's not just a guess.

Any decent sniffer (e.g. airsnort) can immediately identify all associations between all WiFi/Bluetooth devices. DD-WRT (router firmware/OS) has this WiFi-associations detector built-in ("local WiFi map"). There is no need to attempt any sort of hack — associations are publicly-broadcast information.

Then, just pick any authorized MAC and duplicate as your own.

The MAC addresses of all the Wi-Fi clients are broadcast in plain radio format all over the 2.4GHz. It is trivial.

It's in management frames that you can sniff.

Does WPA3 PMF fix this particular issue?

This isn't considered "broken" — it's part of how WiFi works/associates.

You would like the film The Conversation (1974).

Enemy of the State is a pretty good lightweight successor of that movie as well. It's such a fun watch too. (RIP Gene Hackman)

For a second I thought this was the Mel Gibson movie where he proves a Conspiracy Theory (1997)... but Gene Hackman, post-Watergate — with an ensemble cast of eavesdroppers?! — tonight's movie, decided.

Thank you for your recommendation - it be crazy up in here (head, country, world).

One fan theory is that Gene Hackman plays the same character, decades later, in Enemy of the State (1998).

I'll have to rewatch EofState, after tonight's Conversation.

Fan theories are the only way I ever finished DFWallace's trifecta (2000 pages of gruelling chaos). Thank god for fans.

Directed by Francis Ford Coppola, Palme d'Or at Cannes, three Oscar nominations including Best Picture (which, amusingly, it lost to The Godfather Part II).

Great movie.

In all fairness, Part II is absolutely incredible storytelling.

Are you suggesting The Conversation is even better?! So excited for tonight's showtime — I'll make an updated reply here, tomorrow morning (with my viewreport).

I think they were simply musing as to how one Coppola film lost to another.

… also starring Harrison Ford…

I'm watching this right now... Ford is ssoo yyoouunngg!

It also has Frodo from Godfather.