Securing a wireless home network - Don't disable the 'SSID Broadcast'

That’s what I was wondering upthread, but it might just be that your computer is smart enough to broadcast a request when (and only when) it can’t see the connection.

I guess it depends whether your computer is more vulnerable when it’s expecting to connect to a hidden connection - some of the posts upthread seem to suggest that, but I’m not sure, for the same reason you mentioned above.

Alright, here’s a scenario. Let’s say you’ve got a typical home Wi-Fi setup, with SSID Broadcast enabled. Your SSID is “BigTsLAN”. Because you’re a smart cookie, you have WPA2 (AES) enabled on this connection. You happily use your laptop with this Wi-Fi network for a week.

Next week, your laptop dies, so you lose your remembered Wi-Fi networks and have to set everything up again. Now, wait a minute, when you try to connect to BigTsLAN, you see two of them! Turns out you’ve got a neighbor who’s trying to steal your credit card number. At this point, you can take action to determine which is which (fiddle with the SSID on your router, maybe his BigTsLAN has no security and yours does, etc.)

But if you take this scenario and change it so SSID Broadcast is disabled, at paragraph two, you’re right fucked. You tell your laptop to connect to a router with hidden SSID “BigTsLAN”, and your laptop dutifully shouts out to the entire world, “HEY, WHICH ONE OF YOU IS BigTsLAN?” The bad guy’s network, obviously, says, “Right here! I’m BigTsLAN! Connect to me!” And now you’ve connected to the bad guy’s network, and anything you send or receive on that laptop can be intercepted by the bad guy. That’s what the quotes in the OP were getting at, and they’re totally correct.

That scenario only works if encryption is disabled. If your router had WPA enabled, then (at least for OS X), the laptop won’t automatically connect to another network of the same name without encryption.

:smack:
By broadcasting your SSID, your network will be less secure due to the fact that it will be exposed to everyone. No doubt a super hacker or super thief from the CIA or KGB will be able to get into your home, but stating that because of that you should leave the door wide open is not only stupid but negligent with your own security.

There is absolutely nothing that can be 100% secured in this world; security is only about making unauthorized access more difficult. And for that reason, security is not made by just one rule; it is a combination of many precautions.

Let’s use our heads - “How to make it more difficult for unauthorized access”

1 - WIFI works only within a very limited range - 300 meters max - and that’s a limitation on the number of people who can access your wireless network.
2 - Who is in range of your WIFI?
   a) How many of your neighbors are “super hackers” capable of retrieving your SSID?
   b) How many hackers can come in a VAN and park on your driveway?
   c) How many kids are hacking neighbors for fun?
3 - Who are you?
   a) A multimillionaire such as Donald Trump?
   b) A person with many secrets such as Bill and Hillary Clinton?
   c) A bank?
4 - What do you store on your computer?
   a) Pictures of Paris Hilton?
   b) A pirated music library of 300,000 songs?

Think about this: do you really believe that a super hacker will waste his expensive time to drive to your neighborhood and hack into your WIFI with a SFY kind of VAN?
Of course not. So, does the fact that a super hacker might do so justify the stupidity of broadcasting your SSID?

My friend, disabling SSID broadcasting wasn’t invented to protect you from Castro; it was designed to protect you against the “wannabe hackers”, more likely kids in your neighborhood.

Windows, Linux and Mac can connect to hidden SSIDs; the problem with Windows 7 is that it loses connectivity with the WIFI when the computer is unused for several hours, but Microsoft products don’t have any bugs, they call them “Features”.

Please, use your head before recommending the stupid things that you believe, such as broadcasting the SSID, because you think that a super hacker can do it.

:dubious:

I forgot to mention a small detail: HTTPS and the Credit Card ACT.
First of all, all sensitive data such as passwords, credit cards etc. is no longer transmitted in “text only”; whenever you see HTTPS, it is encrypted.

1 - You hack into my network, now you need to hack into my firewall etc. and decrypt my credit card
2 - Don’t worry about WIFI security, just concentrate on hacking my firewall
3 - Let’s remove the firewall from the picture, just get my credit card

My friend, the more precautions you take, the more difficult it is for a hacker to get in -
if [“making it more difficult” = “more secured”] then; broadcast your SSID and do the math

Okay, wait a minute. I have taken my laptop over to my sister’s house. My brother in law set up their home network and he hides the SSID. He gave me the credentials for his network and I successfully connected. I have since left their house and my laptop has not returned. However, his credentials are still saved in my computer.

Sitting in my own house, connected to my own wifi network, is my laptop at risk because it is looking for my sister and brother in law’s home network? Why would it do that since it is properly connected to my own network? Is my laptop at risk when I am traveling to places other than my sister’s or my own home?

It just seems that my computer is at greater risk of the hotel housekeeper physically stealing the thing than someone in the hotel detecting its request for my brother in law’s network and then doing something evil with it.

Think about the extreme difficulty in your story. A guy points a gun at your head and gets your laptop, then jumps from the Golden Gate Bridge and lands on a vessel that goes to London but is killed by a fly, and the laptop is confused with another laptop from a guy who hijacked a plane to Cuba, and during the trip he connects to your network thinking that he is connected to the White House that was hacking into the Kremlin and mistakenly fires a nuclear missile from Pyongyang to Iran.

Well, in that case, you can enable or disable the SSID and Fox News won’t even notice it, but normally, disabling SSID will give you more protection - not all the protection against a nuclear missile, but an acceptable level of protection against wannabe hackers.

Socialism is the philosophy of failure, the belief in ignorance, the preaching of envy. Its inherent defect is the equal distribution of misery.

Please pay no attention to our new guest, as they do not know what they’re talking about. Broadcasting SSID continues to be recommended, advised, and in some cases, required. Until someone from the likes of Microsoft or Cisco comes around to say hiding your SSID is a good idea, I will continue to recommend broadcasting SSID.

Just because you can disable SSID broadcast does not mean you should - security by obscurity is not secure. It’s trivially easy to find all SSIDs, broadcast or not, and the 802.11 specs require SSID broadcast. I have no idea when the spec was perverted, but the intent is misguided. Also, the 802.11i spec for WPA2 encryption calls for not communicating at all with an AP that doesn’t broadcast its SSID.

While I’m thinking of it, the old idea of MAC filtering is another fairly worthless idea as MACs are easily spoofed.

If broadcasting your SSID makes you happy, then go ahead. You can also write a book and name it “Disabling SSID for dummies”, but that won’t make your network more secure.

Other than hiding my SSID, I am limiting the range to just 5 meters, channel width is a quarter of 5 MHz and TX Power is 5 dBm.

What I am doing is applying a concept from the Payment Card Industry Data Security Standard (PCI DSS).

Basically, PCI doesn’t require that you be 100% secured because that level of security simply doesn’t exist - the requirements are that you take all reasonable precautions concerning security.

If you believe that by broadcasting your SSID you are taking all the reasonable steps, then go for it. But don’t say that in any job interview for an IT related position because you won’t be hired.

Keep waiting until Microsoft and Cisco call you to explain to you how to keep your home network secured, because Bill Gates may never call you.

Enabling or disabling SSID broadcasting is there for you to turn it on or off whenever you want, but disabling SSID exists because many companies including Cisco, D-Link, dd-wrt etc. with their legions of experienced programmers designed it - if you don’t think that it is there for a reason and the rest of the world is stupid for inventing a router that is capable of enabling or disabling SSID broadcasting, then I feel sorry for you.

Socialism is the philosophy of failure, the creed of ignorance, the preaching of envy. Its inherent virtue is the equal distribution of misery.

Seriously, if you read the history of the most famous hackers in the world, you will learn that it is not rocket science. Hacking is about finding opportunities - with fewer opportunities, unauthorized access becomes more difficult.

No matter what you do, there will be a backdoor or an opportunity for a hacker to get in, so your goal is not to make it totally secured but just difficult enough to discourage “opportunity seekers”.

I am not going to tell you where I work and what my title is, just that I have been in the Information Technology industry for the last 20 years, and if a person mentions a single word about “Broadcasting SSID for dummies” in a job interview, I will not hire that person. So, if you ever want an IT related job that pays 100k or more, don’t say a word about “Broadcasting SSID for dummies” because you won’t get hired.

On routers designed for home users, broadcasting SSID is a silly approach to wireless security - don’t get confused with commercial routers designed for providing internet connection in hotels, airports etc., because those Cisco routers can cost the market value of your neighborhood and are maintained by an army of highly qualified and well paid engineers.

Many old hackers contributed to today’s security after serving some time in prison. I don’t want to name anyone in particular, but a few of the most famous ones contributed to developing most of the security strategies that we have today, so if you see a button in there that says “Disable SSID Broadcasting” - respect that technology that is available to people thanks to the effort of many, many highly qualified people and don’t try to disqualify things when you don’t even know how they work.

I don’t know you so I can’t grade your skills, but your concept of “Broadcasting SSID” is not an idea from someone who knows about network security.

What say you to the fact that computers associated with a hidden SSID then constantly broadcast that SSID whenever they’re looking for a network? So you’ve “hidden” your network from the neighbors, but announcing it wherever you bring your laptop?
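
As an added illustration of the point raised in this thread (not part of any poster's message): on Linux clients that use wpa_supplicant, a saved profile with `scan_ssid=1` is one the client probes for by name. The sketch below audits a constructed sample configuration; every SSID except BigTsLAN, the passphrases and the risk labels are invented for the example.

```python
# Added example: audit saved wpa_supplicant profiles for hidden-SSID probing.
# SAMPLE_CONF is constructed; InLawsHidden / OldHiddenOpen are invented names.
SAMPLE_CONF = """
network={
    ssid="BigTsLAN"
    psk="constructed-passphrase-1"
    key_mgmt=WPA-PSK
}
network={
    ssid="InLawsHidden"
    scan_ssid=1
    psk="constructed-passphrase-2"
    key_mgmt=WPA-PSK
}
network={
    ssid="OldHiddenOpen"
    scan_ssid=1
    key_mgmt=NONE
}
"""

def parse_networks(text):
    """Return one {key: value} dict per network={...} block."""
    networks, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("network={"):
            current = {}
        elif line == "}" and current is not None:
            networks.append(current)
            current = None
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return networks

def audit(text):
    """List (ssid, risk) for every profile the client probes for by name."""
    findings = []
    for net in parse_networks(text):
        if net.get("scan_ssid") != "1":
            continue  # default scan_ssid=0: no SSID-specific probe requests
        # key_mgmt=NONE: nothing authenticates the AP, so any AP answering
        # to the name is accepted (the impostor scenario in the thread).
        is_open = net.get("key_mgmt", "").upper() == "NONE"
        risk = "leaks-name-and-joins-impostor" if is_open else "leaks-name"
        findings.append((net.get("ssid", "?"), risk))
    return findings
```

Calling `audit()` on the text of a real configuration file lists the profiles worth deleting or converting to a broadcast, WPA2-protected network.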

Since this is GQ; I thought I’d provide some actual quotes from a reputable source (Cisco):

And as such, it’s a futile move. You shouldn’t be trying to conceal your wireless network (you can’t, anyway, even if you do disable SSID broadcast), you should be locking them out with strong encryption.

This debate is silly. On consumer equipment disable WPS first, then quibble about SSID broadcast. Why debate the pinhole when there is an open door next to it?

[QUOTE=Traducao]
What I am doing is applying a concept from the Payment Card Industry Data Security Standard (PCI DSS).

Basically, PCI doesn’t require that you be 100% secured because that level of security simply doesn’t exist - the requirements are that you take all reasonable precautions concerning security.

If you believe that by broadcasting your SSID you are taking all the reasonable steps, then go for it. But don’t say that in any job interview for an IT related position because you won’t be hired.
[/QUOTE]

First off, the pass mark for PCI DSS compliance is 100% - your CDE must be 100% compliant. There is no “almost” here.

Not broadcasting SSID was a mistake in PCI DSS 1.1, and this has been corrected in 1.2 and beyond. If you honestly think you’re applying a concept from PCI, I suggest you obtain the current version and stop mis-interpreting the obsolete version. Perhaps you’re confusing the recommendation to not put your business name, an obvious function or address in the SSID? (e.g.: don’t use MyBookStore or POS_Terminals)

Good luck on that attempt to restrict power - again, that’s an attempt at security by obscurity. All you’re really doing there is making it harder for your users to maintain a connection.

I wouldn’t want to work for an ostrich. Please get your head out of the sand and learn the current industry best practices and standards.

There’s nothing wrong with security by obscurity (anyone wishing to argue must give me their credit card number, expiration date, and the code on the back. No? Isn’t that security by obscurity?), as long as it’s not your only method of security.

“No Security by Obscurity” is a phrase that’s parroted by people who don’t follow the rule themselves. I await your credit card information to prove me wrong.

I’m not making sense of this post. The three pieces of credit card info (plus the cardholder’s name) are the sum total of information required to use the card in many settings. In this analogy, the SSID is merely the cardholder’s name. Set WPA2 with a strong password and you have security good enough to prevent anything but a serious attack. Being concerned with whether your SSID is showing is like worrying about people knowing your name, rather than worrying about if they know your account details.

<slight hijack>

After reading this last night and attempting to understand all of this, I opened my copy of inSSIDer just to see who in the neighborhood is running a wireless network. In the past I’ve found perhaps four or five wireless networks on my suburban street. It was double the number last night. Ok, no big deal. So a number of empty houses are now rented.

But I did find one wireless network that had no SSID listed. I can see every field but the SSID field is empty. The network is listed as secured.

One last thing. I opened a different wifi scanner (name escapes me at the moment) and it returned the same results for that network, no SSID listed.

Anyone care to explain this? I’ve never seen this before.

</slight hijack>

But if I hide my SSID, I won’t be able to tell my neighbors how annoying their dog, lawnmower, arguing is
www.lifehacker.com.au…clever-ssids-that-scare-off-leeches-or-send-a-message/

Fixed that link for you.