[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Comcast storing WiFi passwords in cleartext?

On Wed, 24 Apr 2019 17:04:22 -0700, William Herrin said:

> I take no position on what risk the comcast wifi passwords issue carries.
> I'm posting only to point out that an absolutist model which says, "stuff
> of type X must always be encrypted," is probably not well tuned to the
> customer's actual security needs.

I'm willing to bet that for a significant percentage of people who do at least
some of their work at home, but aren't router-savvy, the risks of a borked
router preventing them from working from home are a bigger issue than the
relatively low risk of a database compromise leading to a miscreant getting
hold of their wireless password and using their access point as free wifi.

Security decisions that are "obvious" when only security-minded and technically
clued people are involved become a lot less obvious when 95% of the people
involved are named Joe Q. Sixpack.