Hacker News new | ask | show | jobs
by gipsies 4111 days ago
> No offense, but it doesn't sound like you know fully what you're talking about.

About that ...

MAC addresses are not checked unless you use an extra tool for this. For example, a large institution (university, company, etc) can have many access points, each with a unique MAC address. However the SSID is unique among all Access Points. Your device will only check the SSID, try to connect (using mutual authentication), but no MAC address checks take place. You don't need to know or use the MAC address of the target network to clone it. You can just use any MAC address you want, that is if you know the password of it, or are cloning an unprotected network.
2 comments
danudey 4111 days ago
> the SSID is unique among all Access Points

I believe this would be more clearly understood as 'the SSID is identical across all access points'.

link
vlan0 4111 days ago
This could also be stated in more fundamental terms as 'the SSID is identical across all BSSIDs of an ESS'.
link
d23 4111 days ago
Yeah, I wish I could edit my post, but I believe I was wrong about the MAC address needing to be the same. The major point is that the network needs to be unsecured and/or you already know the password. At that point, creating your own faux base station doesn't make a lot of sense when you can just sniff the packets on the wire or do arp poisoning to route traffic through you (if you want to modify traffic in real time, which is what I'm assuming he was referring to when talking about the SSL stuff).

Either way, Wi-Fi security certainly != "a misnomer."

link