[cjbprime]

I expect they could, yes; WPA2 doesn't offer forward secrecy.

But WPA2 never offered much anyway. If you're on mall wifi, you can already see unencrypted traffic for everyone else, because the client keys are derivable from the shared passphrase (which presumably everyone at the mall has been told) and overhearing the four-way handshake when someone joins. And! You can even fake a disconnect message that forces the four-way handshake to happen again, if you weren't around when the client originally joined.

All of which is to say, WPA2 in passphrase (PSK) mode never actually provided meaningful encryption against other people on the network. :( Someone forgot to tell the protocol designers that Diffie-Hellman exists. Using Diffie-Hellman would achieve both removing the exploit where you observe the four-way handshake, and providing for forward secrecy too.

[mysterypie]

> * If you're on mall wifi, you can already see unencrypted traffic for everyone else*

Without contradicting your observation, I want to mention that virtually anything important you do on the Internet these days--from online banking to Google searches to reading Hacker News--is protected by a second independent layer of encryption: HTTPS. I'm not excusing the WPA2 flaws, but I do think that your bank info, web searches, and Hacker News comments are secure even at the mall.

If someone can offer a credible explanation of why online banking or other HTTPS activity is insecure on public wifi, I'd like to hear it please.

[kakarot]

If you don't have extensions that force HTTPS on all content, you could, for example, get served a malicious image file.

from the article:

> they won’t be able to pretend to be a secure site like your bank on the wifi, but they can definitely pretend to be non-secure resources

[cjbprime]

You're right, though you're being a little rose-tinted about the situation. I think amazon.com shopping turned on redirects from HTTP to HTTPS last year sometime -- before that they would even redirect from HTTPS to HTTP. That means that until last year, in most instances, your coworkers or your fellow coffee shop customers could see which items you were considering buying online on Amazon. That's really, really bad!

Also, HTTPS doesn't protect domain names. If you're making TLS connections to (e.g.) a porn site over WiFi, the other people sharing your connection don't need to decrypt your traffic to know what you're doing.