This shows you the differences between two versions of the page.
Next revision | Previous revision Next revision Both sides next revision | ||
communication:security [2017/10/26 23:49] frater_secessus created |
communication:security [2019/01/27 13:55] frater_secessus [VPN] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Wireless security ====== | + | ====== Wireless security |
- | + | Because nomads don't stay in one place their internet connection is usually wireless (ie, radio based). | |
- | Wifi and mobile data are both based on radios | + | |
- you are transmitting sensitive data; //and// | - you are transmitting sensitive data; //and// | ||
- the data is unencrypted at any point along the route | - the data is unencrypted at any point along the route | ||
- | Short version: | + | **Short version:** if you are using a secured website it doesn' |
> You could have an airplane write the transmitted data in the sky and it would still be safe. You could tattoo it on your face and it would be safe. You could paint it on the side of the empire state building and it would be safe. -- secessus | > You could have an airplane write the transmitted data in the sky and it would still be safe. You could tattoo it on your face and it would be safe. You could paint it on the side of the empire state building and it would be safe. -- secessus | ||
Line 12: | Line 11: | ||
==== using websites ==== | ==== using websites ==== | ||
- | {{ http:// | + | {{ http:// |
+ | **If the website is secure the information is fully encrypted between your browser and the website**. | ||
+ | If the site is insecure, refrain from posting sensitive data. If the site requires a login, ensure you are using a unique password and preferably username. ((should be doing this anyhow!)) | ||
Line 20: | Line 21: | ||
+ | ==== using apps ==== | ||
+ | You will have to verify the encryption of app connections on an app-by-app basis. | ||
+ | |||
+ | ==== your connection to the net ==== | ||
+ | |||
+ | Connecting to the net over wifi or mobile data is the "first hop" along the route to the server. | ||
+ | |||
+ | If the website is secured it doesn' | ||
+ | |||
+ | If the website is not secured then password **protected wifi or mobile data may protect you from casual onlookers at that first hop**((ie, at that McDonalds or between your phone and the tower. | ||
+ | |||
+ | It is a fallacy to think open wifi connections present any threat to connections to secured websites. \\ | ||
+ | It is a fallacy to think mobile data increases security on connections to secured websites. | ||
- | ==== using apps ==== | ||
- | ==== connecting over wifi ==== | + | ==== VPN ==== |
+ | A vpn encrypts one or more of the first hops and exits Somewhere Else. After the VPN exit the traffic is just as it was: either secured or unsecured. | ||
- | ==== connecting over mobile data ==== | + | The real value of a VPN is: |
+ | * hide one's IP address from the world in order to foil geolocation. | ||
+ | * hide one's IP address from the world to complicate identification. | ||
+ | * hide traffic from an employer, ISP, or someone else //in the first few hops// | ||
+ | ==== what about Three Letter Agencies ==== | ||
- | using wifi | + | **Q.** |
+ | **A.** | ||
- | using mobile data | ||