by ProllyInfamous 111 days ago
>Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a client across these and higher layers, other nodes, and other network names such as SSIDs (Service Set Identifiers). This cross-layer identity desynchronization is the key driver of AirSnitch attacks.

>The most powerful such attack is a full, bidirectional machine-in-the-middle (MitM) attack, meaning the attacker can view and modify data before it makes its way to the intended recipient. The attacker can be on the same SSID, a separate one, or even a separate network segment tied to the same AP. It works against small Wi-Fi networks in both homes and offices and large networks in enterprises.

----

I wardrove back in the early 2000s (¡WEP lol!). Spent a few years working in data centers. Now, reasonably paranoid. My personal network does not implement WiFi; my phone is an outgoing landline; tape across laptop cameras, disconnected antenna; stopped using email many years ago...

Technology is so fascinating, but who can secure themselves from all the vulnerabilities that radio EMF presents? Just give me copper/fiber networks, plz.

----

>the next step is to put [AirSnitch] into historical context and assess how big a threat it poses in the real world. In some respects, it resembles the 2007 PTW attack ... that completely and immediately broke WEP, leaving Wi-Fi users everywhere with no means to protect themselves against nearby adversaries. For now, client isolation is similarly defeated—almost completely and overnight—with no immediate remedy available.


You would like the film The Conversation (1974).
Enemy of the State is a pretty good light weight successor of that movie as well. It's such a fun watch too. (RIP Gene Hackman)
I just finished re-watching EotS — really advanced tech portrayal for a late-90s film.

Quote (from movie): "just think, all this technology is already twenty years old..."

Much better than The Conversation, but the links were uncanny (including Hackman's line: "yeah this has been my office where I do things for a long time*" — and it's the same set[up]).

EotS honestly has the best death finale scene I've ever seen (not being hyperbolic, the best). Don't want to spoil it }:D ------>

I love a few scenes. My favorite is the mob restaurant scene with the "tape" business. The whole thing is great.

However in terms of tech, there's the scene where they have CCTV footage from the lingerie store where the top dog wants the operator to see the other side of the package and asks if it's possible. The answer is not the typical CSI "zoom in .. there!" but goes like "the computer can take us to the other side?" , "it can hypothesize". Still not exactly super accurate in terms of possibility but I think AI nowadays would actually do precisely that, hypothesize and show you something.

>the mob restaurant scene

Best sudden-shootout scene in any movie ever, IMHO.

>hypothesizing

LLMs can definitely hypothesize. I'm about a third of the way into Cormac McCarthy's major works, and he definitely makes several interesting arguments on what he considers [enough] for consciousness [to exist]. His short essay on Benzene's discovery [0] is quite interesting (about languageless communication) if you can entertain œtherial out of body influence(s)...

[0] The Kekulé Problem

For a second I thought this was the Mel Gibson movie where he proves a Conspiracy Theory (1997)... but Gene Hackman, post-Watergate — with an ensemble cast of eavesdroppers?! — tonight's movie, decided.

Thank you for your recommendation - it be crazy up in here (head, country, world).

One fan theory is that Gene Hackman plays the same character, decades later, in Enemy of the State (1998).
I'll have to rewatch EofState, after tonight's Conversation.

Fan theories are the only way I ever finished DFWallace's trifecta (2000 pages of gruelling chaos). Thank god for fans.

Directed by Francis Ford Coppola, Palme d'Or at Cannes, three Oscar nominations including Best Picture (which, amusingly, it lost to The Godfather Part II).

Great movie.

In all fairness, Part II is absolutely incredible storytelling.

Are you suggesting The Conversation is even better?! So excited for tonight's showtime — I'll make an updated reply here, tomorrow morning (with my viewreport).

I think they were simply musing as to how one Coppola film lost to another.
[headsmack] gotcha, of course...

----

Just finished The Conversation (Godfather II rightly won best film); although it features a neat plot twist, I cannot imagine this film being re-watchable.

Gene Hackman definitely acts his paranoid heart out, but his relationships with other characters are stuffy/forced. Too much dead air whenever he gets frustrated, almost as if there wasn't time to reshoot any scenes.

The cinematography/editing is fine, but the sound quality is terrible (presume it only won best soundtrack due to new sound warping/garbling techniques — to a modern listener, it's also sort of a cheap schtick). Particularly with female speakers, subtitles are necessary; but then certain dramatic points are wayyyy too loud.

----

Thanks again for the rec — actually makes me less paranoid about the modern world... just gonna play some sax uncaringly =P

… also starring Harrison Ford…
I'm watching this right now... Ford is ssoo yyoouunngg!

It also has Frodo from Godfather.

It is hard to disagree with this approach. While I still use WiFi, it is a separate subnet and only whitelisted MACs are allowed to use it. Cameras and microphones are always unplugged when not in use, and my phone runs GrapheneOS. I also removed the hands-free microphone in my car, as well as the cellular modem.
Is MAC whitelisting anything but security theater? Isn't it trivial to determine a valid client MAC then spoof it?
What makes you say that? It does not seem trivial at all to guess a valid MAC.
It's not just a guess.

Any decent sniffer (e.g. airsnort) can immediately identify all associations between all WiFi/Bluetooth devices. DD-WRT (router firmware/OS) has this WiFi-associations detector built-in ("local WiFi map"). There is no need to attempt any sort of hack — associations are publicly-broadcast information.

Then, just pick any authorized MAC and duplicate as your own.

The MAC addresses of all the Wi-Fi clients are broadcast in plain radio format all over the 2.4 GHz band. It is trivial.
It's in management frames that you can sniff.
Does wpa3 pmf fix this particular issue?
This isn't considered "broken" — it's part of how WiFi works/associates.
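Added illustration (not from the thread): a parser over two constructed 802.11 frames, a probe request and a WPA-protected data frame, showing that the MAC header addresses sit outside the encrypted part of the frame and are readable by any receiver with no key material. WPA2/WPA3 encrypts the frame body, and PMF (802.11w) adds integrity/encryption to the bodies of robust management frames, so neither hides the addresses that a MAC allow-list relies on. All addresses, the SSID and the ciphertext bytes below are constructed.

```python
import struct

# Constructed sample addresses and frames (not captured from any real network).
CLIENT = bytes.fromhex("021122334455")   # a station's MAC, locally administered range
AP = bytes.fromhex("02aabbccddee")       # the AP's BSSID
BCAST = b"\xff" * 6

# Probe request: frame control 0x0040 (type 0 = management, subtype 4), unprotected,
# followed by a plaintext SSID element (tag 0, length 4, "Home").
PROBE_REQ = bytes([0x40, 0x00, 0x00, 0x00]) + BCAST + CLIENT + BCAST + b"\x00\x00" + b"\x00\x04Home"

# Data frame: frame control 0x4108 (type 2 = data, ToDS + Protected Frame bits set).
# The 16 bytes after the header stand in for the CCMP header and ciphertext.
DATA_FRAME = bytes([0x08, 0x41, 0x00, 0x00]) + AP + CLIENT + bytes.fromhex("02cafe000001") + b"\x10\x00" + bytes(range(16))

TYPE_NAMES = {0: "management", 1: "control", 2: "data"}

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_header(frame):
    """Parse the 24-byte 802.11 MAC header, which precedes any encryption."""
    if len(frame) < 24:
        raise ValueError("frame too short for an 802.11 MAC header")
    fc, _duration = struct.unpack_from("<HH", frame, 0)
    return {
        "type": TYPE_NAMES.get((fc >> 2) & 0x3, "reserved"),
        "subtype": (fc >> 4) & 0xF,
        "protected": bool(fc & 0x4000),   # Protected Frame flag: body is encrypted
        "receiver": mac_str(frame[4:10]),
        "transmitter": mac_str(frame[10:16]),
        "addr3": mac_str(frame[16:22]),
        "body": frame[24:],               # ciphertext when protected, else plaintext
    }

def station_macs(frames, bssid):
    """Transmitter addresses seen in management and data frames, minus the AP itself."""
    seen = set()
    for frame in frames:
        hdr = parse_header(frame)
        if hdr["type"] != "control" and hdr["transmitter"] != bssid:
            seen.add(hdr["transmitter"])
    return seen

if __name__ == "__main__":
    # Both frames, encrypted or not, expose the same client address in the clear.
    print("stations seen:", station_macs([PROBE_REQ, DATA_FRAME], mac_str(AP)))
```

The defender's takeaway is that a MAC allow-list is an inventory convenience, not an authentication control; the credential that actually gates access is the WPA2/WPA3 handshake.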