Subject: Re: Initial stab at QT based wifi browser. Comments?
To: None <firstname.lastname@example.org>
From: Martijn van Buul <email@example.com>
Date: 04/19/2006 08:32:17
It occurred to me that Lubomir Sedlacik wrote in gmane.os.netbsd.devel.kernel:
> On Tue, Apr 18, 2006 at 05:38:28PM +0000, Martijn van Buul wrote:
>> If you want to have useful roaming support, I think you'd need to have
>> a background daemon connecting to whatever network it "knows". I kind
>> of like that feature from (excusez-moi le mot) Windows XP.=20
> are we talking about the same (mis)feature as described in
> http://www.securityfocus.com/archive/1/422250 ?
Yes. And it's not a misfeature merely because Windows just happens to have it.
The securityfocus article merely sums up the risk of using unencrypted
networks, and using *only* the network name for authentication. But really,
if you're using an unencrypted network, you have more possible security issues.
Wireless networks are a certain security risk. Period.
 It's a bit peculiar to see how most APs do MAC address filtering to
prevent rogue clients from joining, but I haven't seen anyone check the
MAC address of the AP they're associating with in an attempt to prevent
joining a rogue AP. I know this would not solve the issue at hand, but it
would raise the bar *considerably*.