Quote:Your mixing everything up.  Being "on the network" means you have the correct security key, which means your password can be validated and you can decrypt the data correctly.   It's the same thing.   On a secure network, the data is encrypted.  Every packet.  THAT IS THE WHOLE POINT OF IT.

 

You could decrypt the data with any security key but unless you have the right one, the output is just garbage.  The key is a hash of a password string.  Getting "on the network" is just validating that you have the correct key and can decrypt the data correctly. This is done by comparing the hash of the entered password string plus an arbitrary string with a stored key that was generated with the actual password and an arbitrary string.  I'm not even pretending to be some kind of expert on encryption, but this is the  most basic explanation of how encryption ususally seems to work.  

 

The stuff about FTP is irrelevant.  That's like saying a wired ethernet connection is not secure if a hacker is plugged into your switch.

 

Which leads me back to yet another statement of you saying cracking the password is easy.  How is it easy?  The only way it's easy (as far as I know) is if the password itself is stupid, or if you use a bad encryption scheme.  But you didn't even mention anything about password strength or type of encryption, so i'm assuming you're saying ANY wifi password is easy to crack.  If that is so, please educate us so we can protect ourselves, instead of just saying don't use WIFI because it's unsafe for reasons you can't disclose.  You should also contact all the million businesses worldwide who are perfectly fine with using WIFI.

 

As far as the WIFI at starbucks being safe.  It sorta is.  I may be even more paranoid that I should be by avoiding doing banking or purchases there.  That stuff is always encrypted through https. Anything a legit website thinks is sensitive information goes through https.  So even that is encrypted.

 

But seriously, why even hack these people.  All their information is on facebook anyway.   :thumbsup:

 

LOL, I think you and I are thinking about two different things.  Let me see if I can clear it up.

 

First of all, encryption is about securing data such as a file, a hard drive (the files stored on it), a password or the means of transmission.

 

It's also important to understand that a Wifi access point does send data to a hardwired modem at some point, and yes, that is somewhat "encrypted".  It's all about gaining access to the network.  Someone hacking a computer via Wifi isn't intercepting the radio transmission going over the air, they are intercepting the traffic that is on the network (which eventually goes to a wired connection somewhere).

 

An average home network with Wifi is not a "secure" or "encrypted" network.  The same can be said regarding public Wifi "hot spots".  The only "security" or "encryption" involved is being able to gain access to the network.  While yes, the radio transmission from your laptop to your wireless router/modem is encrypted, but once it reaches the network it is not (in most cases).  Think of it this way, your wireless connection to the router/modem is the same thing as plugging a cable into the same router/modem.  All network traffic flows through that router/modem.

 

Most wireless modems are protected using a certain scheme, usually either WEP or WPA/WPA2.  Anyone that uses WEP opens themselves up more so than if they use WPA/WPA2.  You do bring up a good point regarding password strength.  A vast majority of computer users choose weak passwords out of "convenience".  You also bring up another very important point regarding social media.  It's far too easy to find out information about a target by looking at facebook, instagram, linkedin, etc..  I would bet that most users on this very message board have passwords related to family, pets, hobbies or important dates in their lives.  All of this information can be found online pretty easily.

 

I would suggest if you really want to learn more, download Kali.  The tools are all right there for anyone wishing to learn about this kind of thing.  Cracking a Wifi password is pretty easy and once you do that, then any computer or appliance connected to said network is right in front of you.

 

As far as the millions of businesses worldwide who use Wifi, they are not immune to getting hacked.  It's not the Wifi that does it, it's all about getting into their network.

 

Yes people need to protect themselves, but the danger is not that someone is going to steal from them directly.  What a hacker uses people's machines for is to do other things such as mining bitcoins or making them part of a DDoS attack.  Identity theft doesn't happen because a person broke into your computer.  It happens because they broke into a network that you happen to do business with.

---