Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Aren’t they still just encrypted against the password itself? So if it is a public place like a coffee shop with a known password, anyone can decrypt the data?


No, the password just allows key exchange to start. Every client has its own session key.


It appears that in practice this isn't implemented well and there are tools like Wireshark that let you intercept data from other users on WPA.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: