9 August 2006

Last meters security

Category: English blog — Michel @ 11:40

Time to rant in Engrish, been a while. For the past year and a half, I've been working at home, using properly wired technologies to get me around the Net and connect to my workplace.

Being the "passive security freak" I am, in other words, knowing about security enough to be able to properly protect what I want and let go what I don't really care about, I tend to try to keep my Internet usage private, to a certain degree.

For example, I do not really care about US of A government knowing about our company or my e-mails, hence I elected to buy an SSL certificate instead of creating my own, for convenience and for others, even if that means a 3rd party has all my info, hence the gov't can get my "secure" transactions anytime they want.

I also do not care much for people to access my "private" network at home, my key is all too obvious and I tell it to whoever goes near my home and asks for it, without reserve. It's still a protected network, but oh so little. I simply don't advertise it as public, there are net cafés for that.

Contrary to many people, I did not use to care about man-in-the-middle attacks. I mean, you still need either your network compromised, your computer compromised, your ISP compromised, the backbone compromised or the server (my server for instance) compromised. If that were to happen, I'd be in more trouble than anything. People understand that, using unsecure channels to send anything, even for sending passwords, private information, e-mails with important matters.

However, after starting to work in cafés and public places, that led me to thinking about the last meter security in wireless cafés and wireless networks. As soon as your key is compromised, or as soon as you have an open network, anyone can get everything you type and send, as long as you are not using a secure channel (https, sftp, ssh, pop3s, smtps, imaps).

The exercise is simple. Go to your favorite web site and whisper audibly whatever you type that is unsecure, passwords included. For example, my web site, and WordPress in general, doesn't allow having a 2nd address in a secure location to log in. Like for instance having a https://login.php, only for that part. Or the add comments, or the post message, or the whole wp-admin folder.

Some exceptions do arise. For example, Hotmail does secure the login transaction, and that only (unless you specify a fully protected session). But these exceptions are very rare, due to the quantity of CPU used in https sessions, and the quantity of people who don't believe in security. Because of wireless networks, this attitude will need to be changed. Either that, or there will need to be some amendments to the wireless protocol to allow for a fully protected session.

If I had to propose something in the wireless protocols, even the parts concerning open networks, it would be to have a secure login to the open network, followed by a basic encryption scheme throughout the life of the connection, for the whole connection, not only some part of it.

For example:
- I connect to the open network
- I receive the proper credentials to connect to the network, along with a flag saying the router supports security connections, and an open key.
- I send my open key using the router's open key.
- Data protection is negotiated between my computer and the router, which would consist of either a basic high-speed encryption, or a higher grade encryption when it is required, that could consist of a full ssl.
- The key is renewed at regular intervals, for better protection of poor encryption.

Maybe a full ssl session connection, then followed by a randomly generated WPA key only valid for my current computer session, and a socket to a port somewhere that would be kept open, used only to give back a new randomly generated WPA key every hour or so. That would probably work in current generation wireless routers, as they support such systems internally, and usually have a https server internally.
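The exchange proposed above, sketched as an added example (not code from the original post): client and router swap one-time public keys, derive a link key, and repeat at every interval. X25519 and HKDF-SHA256 are choices made here, and `Endpoint`, `link_key` and `run_session` are hypothetical names.

```python
import hashlib, hmac, secrets

P, A24 = 2**255 - 19, 121665          # Curve25519 field prime and ladder constant
BASE = (9).to_bytes(32, "little")     # standard X25519 base point

def x25519(scalar: bytes, u_bytes: bytes) -> bytes:
    """RFC 7748 Montgomery ladder with scalar clamping. Pure Python, not constant-time."""
    k = (int.from_bytes(scalar, "little") & ~7 & ((1 << 254) - 1)) | (1 << 254)
    u = int.from_bytes(u_bytes, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, u, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, u * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    # The clamped scalar ends in a 0 bit, so no final swap is pending here.
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

class Endpoint:
    """Client or router (hypothetical name): one fresh 'open key' pair per interval."""
    def __init__(self):
        self.renew()
    def renew(self):
        self._private = secrets.token_bytes(32)
        self.public = x25519(self._private, BASE)
    def link_key(self, peer_public: bytes, interval: int) -> bytes:
        shared = x25519(self._private, peer_public)
        if shared == bytes(32):               # peer sent a low-order point
            raise ValueError("rejecting degenerate peer key")
        # HKDF-SHA256 (RFC 5869), one output block, bound to both keys and the interval
        prk = hmac.new(b"open-wifi-demo", shared, hashlib.sha256).digest()
        info = b"".join(sorted((self.public, peer_public))) + interval.to_bytes(4, "big")
        return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()

def run_session(intervals: int = 3) -> list:
    """Return the key both sides agreed on for each interval, renewing in between."""
    client, router, keys = Endpoint(), Endpoint(), []
    for i in range(intervals):
        key = client.link_key(router.public, i)
        if not hmac.compare_digest(key, router.link_key(client.public, i)):
            raise RuntimeError("client and router disagree")
        keys.append(key)
        client.renew()
        router.renew()
    return keys
```

Neither side's key is authenticated in this sketch, so it hides traffic from passive listeners on the open network but not from someone impersonating the router.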

And no I do not believe the coffee shop owner is a bad guy. If you believe so, go somewhere else, or at least use secure protocols to your server. ;) And no I do not believe my own home or my friends are bad guys. If I believed so, they either wouldn't be my friends, or at least I'd be in therapy.

Engine: WordPress - Template created by Michel Donais.

Creative Commons license
This work is made available under a Creative Commons license.