by na85 4224 days ago
>What am I missing?

Encryption. Your neighbours hopefully have protected their wifi with a password. This prevents casual snooping but of course can't really keep out a dedicated attacker. There are automated tools to break WPA encryption.

Additionally, if your neighbours are browsing using SSL/TLS then you theoretically cannot eavesdrop on those sessions.


Are you saying if the neighbours use an encrypted connection it makes it impossible to just look at packets and see for which host they are or where they are coming from - i.e. the XKCD example as given doesn't work then anymore?
If they use WPA/WPA2 the WiFi signal is encrypted, so you can't see anything without the key. You can make assumptions about the traffic volume and the involved machines, but the data is invisible.

If you are able to get the key or they use no encryption or WEP you can look at the packets and get metadata for SSL sessions and all unencrypted traffic.

Agree, and adding: I recently learned the key is different from the password to associate, i.e. you must capture the session key exchange when each client device joins the network; it's not just enough to know the network's passphrase. If you know the passphrase and capture the key exchange, then you can decrypt traffic. My local coffee spot runs a public/guest WPA network; even though we all know the passphrase, even plain text traffic is moderately secure. I guess forcing a key exchange is possible, but just sharing what I recently learned. I think it's called EAPOL. https://en.wikipedia.org/wiki/EAPOL
>the data is invisible

And that includes source/destination IP? Didn't know that..

Yes, sure. All they can see is the AP you're talking to; everything "above" is encrypted.
You'd see their DNS lookups.
So basically I can see if my neighbours are surfing on porn sites regardless of WPA or SSL/TLS?
If you break their WPA, then yes, you can see which servers they connect to. For your purpose that possibly would be enough to know.
Regardless of WPA, no. Regardless of SSL/TLS, yes.
If the WiFi uses encryption, DNS is encrypted too.
Yeah but without wifi encryption, and with SSL you can still snoop on DNS traffic.