IBM To Unveil Secure Open Wireless At Black Hat

Trailrunner7 writes "Researchers from IBM's ISS X-Force plan to unveil a new system for running an open wireless network in a secure mode at the Black Hat conference here this week. The system mimics the way that Web sites browsers use digital certificates to establish a trusted connection with one another. X-Force researchers have been working on the system for a while now and the company plans to demonstrate the technology on Thursday during the conference. One of the main problems with public wireless networks is that they're susceptible to a number of simple attacks, including passive sniffing and man-in-the-middle. The X-Force system is designed to get around these problems by using a digital certificate to assure users that they are communicating with the wireless hotspot that they think they are."

Re:So how do I know...

[phantomfive]

Use a domain name as the SSID, and use the existing certificate framework that your browser currently uses. At least, that is the solution mentioned in the article.

Re:I could be wrong but...

[TheRaven64]

No, not at all secure. You just need to sniff the traffic that nodes that know the SSID broadcast and you can connect.

Re:Wait

[DrgnDancer]

But if you're at IBM's headquarters, and they have a big sign saying "Our public wifi network is "IBM.com" and is digitally signed" then you can be reasonably sure that you're OK. Not perfectly sure, but much more so than with current implementations. So Starbucks hangs a little sign that says "Join SSID Starbucks.com for free wifi!" Is it still possible that someone sets up a "storbucks.com" SSID and catches a few fish? Sure, but it's a Hell of a lot better than nothing. If you pay a little attention you should be much more secure than you would be otherwise.