On Sat, 2008-04-19 at 15:09 +0200, Johannes Berg wrote: > > > Does anybody actually *want* that? I personally dislike the behaviour > > > of scanning for all previously known SSIDs actively when hidden SSIDs > > > are so uncommon, I see it as an information disclosure vulnerability. > > > > I can't speak for what others may want, but the Payment Card Industry > > security guidelines include not broadcasting the SSID as one of their > > requirements, if that is what you mean by "hidden SSIDs." > > So how would you feel if I told you that, after you have once used that > hiddent network, your laptop will be broadcasting the SSID in probe > requests every time it scans, no matter where you are, even if you've > moved across the continent? Unfortuately, I keep getting way too many reports about hidden SSIDs still. I don't feel like it's something we can start ignoring (yet). Maybe in a few years, but we've still got to handle this for the forseeable future. Dan -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
