(Replying to PARENT post)
This neatly solves both the problem with local eavesdroppers, and much of the problem where an ISP or law-enforcement fingers you, the billing contact, for the activity of third parties. Their traffic emerges at the other end of the VPN tunnel - somebody else's problem.
And, it doesn't require any new local crypto protocols - just mundane destination/port filtering.
(Replying to PARENT post)
What's my recourse? Not sure I have any.
(Replying to PARENT post)
It doesn't always work quite as well as you might hope - connecting can be a bit of a pain sometimes - but it's a great idea. They've provided a real incentive for people to share their bandwidth.
(Replying to PARENT post)
The goal is not to prevent someone from getting on the network but rather to keep all clients separated. Is that possible using existing devices/protocols?
(Replying to PARENT post)
However, the main security concern with open WiFi networks is that everybody can use them to do anything on the web. The person who runs the hotspot is responsible for the traffic that comes from this hotspot. If someone is using your internet connection to do anything illegal such as downloading child porn or something like that, there's no way to trace that back to the person who uses your WiFi.
The real issue is not about encryption, it is about identifying the users of a WiFi such that it holds strong in court if there are claims and one wants to prove his innocence. And I personally can't think of a secure out-of-the-box and easy-to-use solution that offers exactly that: protection from actions/attacks performed by others in your name over your WiFi without making them register and somehow prove their identity.
(Replying to PARENT post)
There is currently no WiFi protocol that allows anybody to join the network, while using link-layer encryption to prevent each network member from eavesdropping on the others. But such a protocol should exist.
It boggled my mind, repeatedly, when I discovered that non-password-protected wireless networks don't generate a unique encryption key for each connection. Boggle, I say. Sure, public key cryptography used to be too computationally expensive, but not any more. And even if it were, Diffie-Hellman has been around for quite a while, go ahead and use symmetric keys.
What the hell is wrong with our standards groups? And hardware manufacturers? There are trivial solutions to this, why haven't they pushed them?
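As an added illustration of the per-connection key idea in the comment above (not part of the thread, and not any Wi-Fi standard's actual handshake): each association runs an ephemeral Diffie-Hellman exchange, so every client ends up with its own symmetric key without a shared password. The `Endpoint` class, `associate` function and MAC addresses are constructed for this sketch.

```python
import hashlib, hmac, secrets

# RFC 3526 group 14 (2048-bit MODP) prime, generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2

class Endpoint:
    """One side of the exchange (access point or client), named by its MAC."""
    def __init__(self, mac):
        self.mac = mac
        self._priv = secrets.randbelow(P - 3) + 2   # fresh secret per association
        self.pub = pow(G, self._priv, P)

    def session_key(self, peer_mac, peer_pub):
        # Reject 0, 1 and p-1, which would force a predictable shared secret.
        if not 2 <= peer_pub <= P - 2:
            raise ValueError("degenerate public value")
        shared = pow(peer_pub, self._priv, P).to_bytes(256, "big")
        # Bind the key to both MACs and both public values, in a fixed order
        # so that the two sides compute the same context.
        pair = sorted([(self.mac, self.pub), (peer_mac, peer_pub)])
        ctx = b"".join(m.encode() + v.to_bytes(256, "big") for m, v in pair)
        # HKDF-extract style: context as salt, DH output as input keying material.
        return hmac.new(ctx, shared, hashlib.sha256).digest()

def associate(ap_mac, client_mac):
    """Run one open-network association; returns (ap_key, client_key)."""
    ap, sta = Endpoint(ap_mac), Endpoint(client_mac)
    # Only the MACs and public values cross the air; a passive listener sees
    # those and nothing that lets it recompute the key.
    return ap.session_key(sta.mac, sta.pub), sta.session_key(ap.mac, ap.pub)

if __name__ == "__main__":
    # Constructed MAC addresses for two clients joining the same open network.
    for client in ("02:00:00:00:00:01", "02:00:00:00:00:02"):
        ap_key, sta_key = associate("02:00:00:00:00:aa", client)
        print(client, ap_key == sta_key, sta_key.hex()[:16])
```

Because nothing authenticates the access point, this exchange only addresses passive eavesdropping by other network members; it does not tell a client whether it is talking to the intended access point.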