[AusNOG] Interception?

Matthew Moyle-Croft mmc at mmc.com.au
Fri Jul 6 14:54:22 EST 2012


On 06/07/2012, at 2:10 PM, Paul Gear wrote:

> On 06/07/12 11:56, Jake Anderson wrote:
>> 
>> On 06/07/12 11:42, Matthew Moyle-Croft wrote:
>>> A side thought about this problem:
>>> 
>>> I can finally see a use for QR codes - since most devices these days
>>> have the ability to read them.  Then having a standard for reading
>>> them in and setting not just wifi SSID but also, say, encryption and
>>> portal details would save a lot of hassle.
>>> 
>>> MMC
>>> 
>> Its got my +1
>> thats a great idea.
> 
> I can't believe QR codes have caught on for anything at all.  Training
> end users to follow links in an encoding scheme that they can't possibly
> read and evaluate for themselves is just making a rod for our own
> backs.  I view QR codes as a standard for distributing malware URLs,
> nothing else.

It's a fair point Paul - it's why I've never been a fan.  However, I'd argue that in this particular case it's a moot problem - It opens people up to no more of an issue than connecting to unencrypted and incorrect WIFI AP that snoops everything.  

If you had some kind of standard there's a possibility of being able to wrap some of the data in public crypto to validate against a set of certificates on a device looking for these QR codes.  But it'd have to be optional so that it didn't create a closed system that meant, for instance, only paying members of a scheme (such as telcos) could provide WIFI APs.  (I'm sure governments would love it!).

MMC




More information about the AusNOG mailing list