Wifi is so commonly used, it needs to be secure in its basic defaul tuse.
Enterprise Wi-Fi: We Need Devices That Are Secure by Default
By Alberto Bartoli, Eric Medvet, Andrea De Lorenzo, Fabiano Tarlao , Communications of the ACM, May 2019, Vol. 62 No. 5, Pages 33-35
10.1145/3319912
Would you trust security technology that makes it possible (that is, quite likely) to steal the single sign-on enterprise credentials of any specific person in your enterprise by merely walking within 30 meters from that person? The attacker does not need to do any visible activity that might raise suspicions: a 50-euros device in a bag and a few seconds of physical proximity is all that is needed. Active cooperation of the target is not required and Internet connectivity is not required either. Thus, the attack may occur anywhere and the target would not notice anything. The attacker could steal the single sign-on credentials of a large fraction of people of your enterprise that happen to pass within 30 meters from the attacker. Perhaps at the office lunchroom, near a mass-transportation hub, or anywhere outside of the enterprise. .... (Abstract)
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment