Monday, July 23, 2018

Finally! Open WIFI encryption is coming.

I have been waiting for a very long time for a wifi standard that allows encryption across an "open wifi" connection.  Normally when you connect to an Open SSID there is no authentication or encryption.  This means any data that is transmitted in the clear is readable by anyone in the area.  This is less of a problem in todays world of HTTPS but it is still enough of a concern that I hate using open wifi anywhere without a VPN.  I also shy away from setting up any clients with open wifi for their customers and instead suggest that they have a wifi code posted.  Well we are finally getting "open wifi" with encryption!  WPA3 includes a new feature called Opportunistic Wireless Encryption (OWE).  I won't bother trying to explain it, because I'm not qualified, but I have linked a video below.  In short it allows encryption without authentication.  So you can offer a wifi signal that anyone can join and still offer the security of encryption in the air.  Please note that because there is no authentication there is also no guarantee that what you are connecting to is actually the ssid you think it is.  Hopefully we can see some verification like SSL uses in the future.  Maybe letsencrypt can help us out there with free certs??