this post was submitted on 27 Aug 2024
39 points (97.6% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54609 readers
436 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I have no idea what this client separation is.
As far as I know there isn't really any client separation on wifi. It's a shared medium.
At least I don't see anything preventing you from reading someone else traffic. So anything unencrypted on a wifi is also accessible to any other clients.
I had tools more than 10 years ago that could automatically hijack session cookies on wifi for anybody connected and not using https.
no worries.
the net effect of client separation is that your device sees no other layer 2 devices on the wlan besides the gateway. this would typically be enforced at the frame level by the APs and is separate from any radio privacy cryptography.
a properly configured wireless setup would assume every client is compromised and would also disallow local client-client via source routing or proxy ARP or any other escape options. 100% secure? probably not, but its a non trivial barrier that would have to be circumvented.
as with e.g. broken WEP years ago, there are still options to mess with clients at ~Layer 1 but I dont believe its currently as trivial as it used to be.
Do you have any documentation on how this work ? Is there a name to this special protocol? Is it a recent addition to the wifi standard ?
Again a wifi AP doesn't send data to a specific client. So how does an AP can enforce that one client can't read a frame for someone else that is properly authenticated? How would an AP prevent someone spoofing mac addresses from receiving that data ?
I'm really confused by this feature I never heard of even when I was playing with aircrack and so on. Yes sometimes your mac address can get filtered but even that is not really difficult to avoid.
Sorry I have so many questions but I honestly did quite some "tinkering" with wifi years ago and none of this sounds familiar.
Client seperation is implemented by the AP. There's lots of info, it's called client isolation normally. check this out