Most answers to this question about the security of satellite internet boil down to: encrypting the message is more important than encrypting the method of transfer.

However, there seems to be a lot of focus on wi-fi security.

For what threat models is wi-fi security important, and for what threat models is it just security theatre?

  1. Preventing others from using my wi-fi? This could probably be done (more securely?) by explicitly authorising each device on the router. Back in the day (early 2000s), I had to tell my university the MAC address for each device I wanted to use the internet with, although this was for wired internet (there was no campus-wide wifi yet).
  2. Preventing others from sniffing on my wi-fi? But we should rather encrypt on a higher layer (such as HTTPS)?
  3. Are there other relevant threat models here?
gerrit

  • IMO it's like a flimsy four-foot fence around a yard: it might deter most animals from simply walking in, but that's about it - cats will just jump right over, and a bull could just bulldoze it. All WiFi password-based encryption deters at the moment is just passive snooping and keeping your neighbour granny from leeching your WiFi. Also probably related: https://security.stackexchange.com/questions/160864/wifi-hacking-certificate-based-authentication-instead-of-password – muru Oct 08 '19 at 08:25
  • MAC addresses can be spoofed easily, so that's not an effective method of preventing hijacking. – Barmar Oct 08 '19 at 21:00
  • Fact: there still exist websites that are HTTP only. Fact: sometimes you **do** have to use such websites and you don't have much choice about it. Therefore: you probably don't want to allow sniffing on your wifi. Sure you can set up VPNs and whatnot, but they cost more and also they aren't really an option for your 80-year-old granny to set up independently. Security is about defense in depth. Adding a layer is generally a good idea if it does not add many issues UX-wise. Final consideration: some countries require by law the use of wifi passwords. – Giacomo Alzetta Oct 09 '19 at 07:50
  • @GiacomoAlzetta Can you please show a country that requires Wi-Fi passwords? – Oct 09 '19 at 12:07
  • @MechMK1 In Italy providing free wifi without access control can be sanctioned. In fact between 2005 and 2010 providers of free wifi theoretically should have required identification from users via their ID cards before letting them access the Internet (it was a measure against terrorism, AFAIK never really enforced). – Giacomo Alzetta Oct 09 '19 at 13:29
  • @GiacomoAlzetta This seems like another prime example of Security Theater. – Oct 09 '19 at 13:43
  • @GiacomoAlzetta, does even that require encryption, or just some sort of a login? (though if the login is again based on MAC addresses, it can then be spoofed, but anyway) – ilkkachu Oct 09 '19 at 16:59
  • @GiacomoAlzetta This is why we have VPNs. Some WiFi is unencrypted, some is WEP, some is WEP shared key just to exclude the Windows users. – mckenzm Oct 10 '19 at 21:40
  • @Rsf That question is about spoofing the network, not about a client spoofing a MAC address. Also, this question is about using MAC filtering on the access point *instead* of a secured network. – Barmar Oct 11 '19 at 15:16

8 Answers

Network encryption protects against a different set of threats than application layer encryption like TLS.

In particular, network encryption like Wifi encryption is primarily designed to protect against a local attacker being able to watch network patterns (by recording who you're making connections with, and discovering what devices are on the local network), observing/tampering with low level messages like ARP/DNS, and to protect network broadcasts from devices that aren't supposed to be in the network, and from tampering or selective interference.

TLS doesn't protect the low level TCP/IP packets, which leaks information like the IP address of the machine you're connecting with, and the TLS handshake also by design leaks a certain amount of information about the connection like the Server Name Indication (SNI) header.

The side effect of needing to do all this is that Wifi hardware already needs to have enough code and processing power to handle encryption, so it becomes easier to just encrypt all wifi packets rather than selectively figuring out what needs protection or not. This also comes with the side benefit that unsecured HTTP connections will still be at least marginally protected, even if only to protect users of the infrastructure from each other, but not from the infrastructure provider.

Network encryption is designed to protect the network, not the service. Application encryption is designed to protect the connection to the service, but it doesn't protect the network. They complement each other, but neither completely makes the other unnecessary.

Lie Ryan

  • The SNI part is true only up to TLS 1.2. Also note that all DNS would be visible. – multithr3at3d Oct 08 '19 at 11:33
  • And DNS can easily be manipulated at this level, as can several other protocols which are not yet encrypted. – Falco Oct 08 '19 at 13:20
  • @multithr3at3d unless it's DNS over TLS, or similar. – OrangeDog Oct 09 '19 at 11:49
  • Pretty sure TLS isn't Application Layer (Layer 7). Its name is literally "Transport Layer Security", so I'd go out on a limb and say it's probably Transport Layer (Layer 4). – nick012000 Oct 11 '19 at 13:57
  • I think that the first paragraph is not completely correct. WiFi encryption does not prevent me as an authorized user from observing internal network traffic, especially the broadcast traffic. Also it depends on the concrete setup whether I will be able to capture and/or modify another Wifi client's packets as an authorized user. It is mainly designed to prevent unauthorized users from observing/modifying the traffic. – Fis Oct 11 '19 at 17:06
Why do we not just authorize each end device?

We do. Well, somewhat. The traditional Pre-Shared Key (PSK) model authenticates devices by them having access to the PSK. This is not the only way to do things, and your question mentions MAC addresses. This is generally insecure, since wireless devices necessarily broadcast their MAC address with every packet they send. MAC addresses are also mutable, meaning that an attacker can simply clone the MAC address of an authorized device to circumvent MAC-based filters.

The better approach is client certificates, which is done for WPA2-Enterprise security. It is a much better approach security-wise, but the downside is that each device has to support it. Many consumer-grade appliances (and indeed even some lower-end business appliances) don't support WPA2-Enterprise (e.g. your Nintendo Switch, your wireless printer, etc.).

Why do we encrypt on a lower layer if we could encrypt in a higher layer?

What makes you think that higher layers are somehow preferable? Encrypting in lower layers means that even protocols that are not encrypted will still be "somewhat" safe when used in a wireless network. Encrypting in a higher layer requires each and every application to handle encryption on its own.

Furthermore, encrypting data twice doesn't reduce the amount of security, and encryption has become so optimized that the performance impact is negligible for all but the lowest-end devices (think IoT, etc.).

Isn't this all Security Theater?

"Security Theater" is the practice of investing in countermeasures intended to provide the feeling of improved security while doing little or nothing to achieve it.

A prime example is the TSA. Many measures they put in place can be circumvented, or are just borderline ridiculous, such as patting down young children, infants, or the elderly. There are more, and in fact Wikipedia has a nice list of some more heavily criticized points.

If you've been to a larger airport recently, you will certainly have vivid memories of people standing in line, waiting to be patted down and to be told ridiculous reasons as to why their belt could be used to strangle the pilot or something akin to it. All of this is a cost to the populace, to the actual users of the airport. None of this particularly adds a cost to an attacker, as they could circumvent these measures with relative ease.

Now that we have defined Security Theater, think about wireless encryption for a moment. You have to type in a randomly generated key once, which will take somewhere between 30 and 60 seconds, depending on how long the key is and how fast you can type. The benefit is that an attacker would have to capture a handshake and then spend somewhere between 30 seconds and 10^30 times the lifespan of the universe to crack the key. That certainly is a substantial security benefit, and is therefore not Security Theater.

OrangeDog
In addition to the great answers already posted, I would add that having people on your WiFi is not only a threat to the confidentiality of your exchanges.

It is also a threat to your endpoints, since the attacker can now access all sorts of devices that would be otherwise not exposed from the outside (IoT, printers, computers themselves, NAS, servers and so on). Any vulnerability on those endpoints would end up in a breach, and then lateral movement gets you in trouble.

So you want people out of your network:

  1. To avoid sniffing - but you are correct in saying that using VPN or similar would get you secure from that threat
  2. And also to avoid plain & direct attacks on things that would be otherwise inaccessible from the outside!
Qortex
  • Your wifi password needs to be hard to brute-force from the hash for this to be real security. WPA2 PSK's handshake exposes a hash of the password, allowing offline attacks against the hash. https://arstechnica.com/information-technology/2012/08/wireless-password-easily-cracked/ Apparently WPA3 doesn't actually fix it. https://arstechnica.com/information-technology/2019/04/serious-flaws-leave-wpa3-vulnerable-to-hacks-that-steal-wi-fi-passwords/ – Peter Cordes Oct 08 '19 at 17:32
Wifi security has been around for a lot longer than it has been standard for every website to use https. Go back 5 or so years and a very large chunk of the internet was unencrypted. Wifi security was providing a very real and large benefit in this time, which is why the advice of not using cafe wifi for sensitive uses was and is such a prevalent piece of advice.

Even now there are still a bunch of protocols like DNS which are unencrypted unless you have an application which has recently switched to DNS over HTTPS. This data is currently being protected by the security on your wifi network.

Back in the day (early 2000s), I had to tell my university the MAC address for each device I wanted to use the internet with.

This is about as secure as using name tags to authenticate users. Your MAC address is publicly broadcast and users can change their MAC address to whatever they want, so all an attacker has to do is listen for wifi traffic and copy the MAC address of a legitimate user.

Qwertie
  • NB: the university internet was not wifi, it was wired internet, and apart from the MAC address they also needed the physical location of where I would plug in the cable. – gerrit Oct 09 '19 at 09:15
If you've got physical access to a network, you can make it completely unusable. This is especially a problem for wireless networks, because you have no way of limiting the physical access; it's also becoming a bit of a problem in modern "private cloud" hosting - you only need to compromise one machine to compromise the whole network.

The simplest method would be ARP flooding or spoofing. Just keep sending ARP requests, and wrong responses to ARP requests. A single machine can make the entire network unusable, using the very low-level protocols with essentially no protection. The only way to avoid this is to handle it on an even lower level - the (particular) Wi-fi protocol itself. ARP spoofing in particular is especially fun, since it's kind of hard to clear the ARP cache, and since many Wi-fi routers only allow configuration through the network, it may be tricky to fix the access.

That said, I'm not aware of any case where this was actually used in a real DoS attack on a Wi-fi network. It's more the thing you'd do to an annoying neighbour than a serious attack.

Luaan
Ugh... There are soooooooo many edges, and the problem is that while you must get 500 things right to be [more or less] safe, you only need to get one wrong, and be unsafe. I daresay it is even impossible to list all things to be aware of.
Certainly, there are some things that are more important to Joe Average than others, but none of them is true "security theater", and you cannot really say that there are things that don't matter.

Most network protocols are just plaintext, but some do encryption (a satellite link or 4G/5G would be examples). This prevents a random loser from performing the most basic sniffing attacks, but it is somewhat limited and it only works between two nodes (e.g. your "internet box" (fiber modem/cable/DSL router, whatever) and the provider's satellite, base station, DSLAM, or "whatever box"). It however does provide a little, actually not-so-bad layer of "fallback" security in case you don't get the next paragraph right.

Why am I saying actually-not-so-bad? Well because although we conservatively think in terms of "the whole internet and everybody on it is malicious", in reality that isn't so much the case. Reading/intercepting your traffic at ISP or IPX level is something that the average criminal, and even the seriously experienced criminal are normally utterly unable to do, and it's something that "doesn't happen". (Yes, I am aware of governmental organizations which do this thing systematically and routinely on a large scale, but that is beyond the point. I'm talking about criminal criminals, not legal criminals.)
Unluckily, sniffing and tampering messages is by far not all one can do.

TLS ("https://" or "green browser button thingie") is the one basic defense that prevents someone else who is not inside or near your house (possibly thousands of kilometers away) from reading your communications, intercepting/redirecting them, and changing their contents. This is an end-to-end encryption (and authentication), and it is the most important thing for Joe Average. Why? Well because it prevents me from reading your stuff, and from deceiving you into believing that I am your bank and telling me your password along with transaction numbers (which I'll use to steal your money). Your secrets remain secret, and I cannot pretend being you.

Again, we see that there's more than one side on the coin. Encryption is nice, but alone by itself it isn't sufficient.

Authentication should be considered just-as-important, and in some cases maybe even more important. Because, well, as long as both sides can verify that exchanged data (say, a bank order) is indeed authentic, it sure is "annoying" if someone can read it, but nowhere near as troublesome as if a criminal was able to pretend being you and doing transfers in your name!

Note that authentication only works reliably (barring the possibility of someone subverting the certificate chain) if you actually read what's displayed in that badge, too. Everybody can enable TLS on their server, and everybody can get a certificate and show a green banner. That, by itself, doesn't mean much.

While I personally disagree on the common "encrypt everything!" ideology[2], for anything that matters, i.e. anything where personal data or passwords, or non-trivial transactions are involved, TLS is a must-have-no-choice measure if a continuous, happy life is on your to-do list, and for most people the first, most important thing. But it's nowhere near the only consideration, or the only important one.

Actually, sometimes TLS is not end-to-end because sometimes you have root certificates installed on your computer (often the case with "enterprise" equipment, and happens with schools) so there exists a group of people who can, with arguably legitimate (cough) interest read, and modify, your traffic. No, you will not even notice that this happens, you have no way of telling. So, that's one thing to keep in mind and be wary of when e.g. using an enterprise laptop or being asked to install some stuff on your device by your kid's school (or such). Completely, entirely subverting the whole working and purpose of TLS is possible, and being done (usually without users understanding the implications).

Note that TLS also does not truly work as-intended for "everything", at least not in an end-to-end fashion. For example, many e-mail services nowadays optionally support TLS. But while you may think that's just perfect and good enough, it is only end-to-end between you and your mail server. The "real" end is somewhere else!

The message is stored in plaintext on the server, and possibly (likely) transmitted in plaintext to another mail server, and you do not know whether the other person sending/receiving your emails is using TLS (since it's an optional feature).

If you want true end-to-end encryption (which still discloses the fact that you sent something to a particular person), you must use yet something extra, such as PGP/Enigmail/Autocrypt. Which sounds easier than it is because sadly, the available software is all but user-friendly and all but mature, at least if like most people, you use a Windows computer (e.g. no progress after 4 hours when creating a key, or management program throwing assertions every 5 mins). It admittedly works much better under Linux, but unluckily, to many people "Yeah, just use Linux" isn't a valid option.

Wifi security itself has many aspects. For example, you may worry that someone uses your internet and steals a little of your bandwidth. But that is actually only a very insignificant, little thing compared to your provider canceling your contract, or getting a cease-and-desist for stuff tracked back to your IP address (maybe you contributed to a DDoS or work as relay for a botnet?), or police kicking in your door because something highly illegal was hosted on your home network and distributed on the web (think typical "darknet stuff", child porn, weapons, whatever).

It is also a rather small problem compared to the fact that someone using your Wifi is in fact using a "local network" computer. Which, as a very smart default in some operating systems, is given a lot of trust, including the ability to print and share files, or much more relaxed firewall settings in general.

A local computer usually has no trouble completely reconfiguring the router using e.g. uPnP either. Because yeah, it's local, so it's trustworthy, right. And uPnP is great, so we have it enabled. Plug and play is great already, my USB stick and my mouse works that way. This one is even universal, which sounds like it is even better. So let's leave it enabled, it was enabled by factory settings anyway, and Windows even runs a service for it, they know what they're doing!

Apart from being just outright "disturbing", a local computer further (usually) has the ability to access and thus test every device on the network (including computers, but also e.g. printers, television sets, or some refrigerators which, too, are computers) for exploits. This includes some really stupid default passwords like "0000" or "admin". Which, believe it or not, many present-day devices still have per factory setting, and for which probing malware (e.g. Mirai) is readily available. All you need is a foot in the door.

Bah. Humbug. What avail if someone manages to hijack a few IoT devices? It can't do any harm! Well, that may be what you think...

That's why one doesn't leave a Wifi network open. At the very least, if you have no better option, you should set up a significantly long/complicated WPA2 password and completely disable WPA/WEP (which, for a reason I don't understand, are still widely supported, and enabled?). But it doesn't stop there. Wifi (at least the flavor that you are likely to own) is not built for full-time hardcore network admins, but for end-users, including your 80-year-old mom. Which means it has features that make it more mundanely usable, such as "press button here". Which also means, unluckily, it is a lot more vulnerable in general. Some Wifi routers have a "restrict to known devices" setting of sorts, which I deem a reasonably good idea to always enable, except during the 5 seconds when you bring in a new device for the first time. That still doesn't protect against some exploits, but it prevents the most stupid insecure-by-design problems, and there is only so much you can do. At some point, the only thing you can do to increase security is not to have a computer at all.

But it doesn't stop there! And you just thought you were safe.

For example, if your Wifi devices support PMF, you likely want to enable that. Why, what does it do?

Suppose you have a bunch of security cameras connected via Wifi, and I'm a burglar who doesn't like video footage of his breaks. My personality rights, you know. So what do I do? I can dig a hole in the street and cut the power cable (or climb up a pole, depending on where you live). But this is easily noticed, I don't want to be seen, nor do I want neighbours to call in the power outage. I can set up a jammer which brutally kills off the 2.4GHz band. But... everybody in the neighbourhood will notice immediately, and I don't want attention. So what do I do?

I invest $20 in a deauther, which is a credit-card-sized mini-computer that listens for frames on your SS (your "WLAN channel"). It then sends, for every device seen, an "I am going off, please deauthenticate me" message to the Wifi AP tagged with its address. Poof, offline they go, all your nice cameras, and nobody even noticed! Your neighbours won't complain that their WLAN suddenly isn't working, either (in fact, if channels overlap, it might work better). It's just you who has been cut off, cleanly and silently. Turning on PMF prevents that from happening.

Unluckily, not all devices support it at all, and on those that do, you often have to search quite a bit to find the setting (which is, of course, by default disabled).

Coming back to the original question:
In light of the fact that I can (probably) disable your video surveillance completely and instantly, without giving away a clue, using $20 worth of equipment, do you think one can justify saying "Security measure X is more important than this one"? On the other hand, seeing how I could withdraw all the money from your bank account, do you think one can justify saying "This one is more important than Y"? I don't think one could say one or the other. They're both equally important, in different situations.

Do you think it is justifiable to call it "security theater"? I don't think so. One measure is useless without the other, criminals (or "bad people" in general) will just use whatever opportunity they're given.

Only paying attention to every component will give you a reasonable level of protection, as the likelihood that they find an open opportunity is much lower.

And yes, of course even when you do pay attention you're not 100% safe even if you never did anything wrong in your life. Because, hey, you might have a backdoor built in your router without even knowing.


[1] Note that "VPN" is a bit ambiguous as there exist a multitude of VPN providers who sell... uh, I'm not sure what they sell exactly. Actually what they call "VPN" is really more like a proxy. But apparently, you can find people who will pay you for that.

[2] Really, I don't care if someone can see what I type in Google (them being the actual problem, not the random hacker!), nor do I care if someone could possibly see which particular URL on a server I visited, or what pictures I looked at. Nobody wants to know anyway, nobody cares, and I don't care if they do. Weighing this against the extra power consumption and added delay, plus the immense trouble of setting up a transparent web proxy (which was a total no-brainer 10 years ago!), this is one thing that I really consider "security theater" going totally overboard. But alas, that's just my opinion, and I guess it's the price that you just have to pay.

Damon
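A defender's view of the deauther Damon describes and of the PMF setting that counters it: an added detection example, not code from the answer. The frame bytes, MAC addresses and timestamps are constructed here, and the tuning (three unprotected deauth/disassoc frames within one second on one BSSID) is an assumed threshold. Under PMF a genuine deauth carries the Protected Frame bit and an integrity check the client verifies, so an unprotected deauth burst is exactly the pattern worth alerting on.

```python
import struct
from collections import defaultdict

DEAUTH, DISASSOC = 0x0C, 0x0A          # 802.11 management frame subtypes


def mac_bytes(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def build_mgmt_frame(subtype, dst, src, bssid, seq, reason, protected=False) -> bytes:
    """Constructed 802.11 deauth/disassoc frame (sample data, not a real capture)."""
    fc = bytes([(subtype << 4) | (0 << 2), 0x40 if protected else 0x00])  # type 0 = management
    return (fc + b"\x00\x00"                                # duration
            + mac_bytes(dst) + mac_bytes(src) + mac_bytes(bssid)
            + struct.pack("<H", seq << 4)                   # sequence control
            + struct.pack("<H", reason))                    # reason code (cleartext only if unprotected)


def parse_mgmt_frame(frame: bytes):
    """Return the fields of a deauth/disassoc frame, or None for anything else."""
    if len(frame) < 24:
        return None
    ftype, subtype, protected = (frame[0] >> 2) & 0x3, frame[0] >> 4, bool(frame[1] & 0x40)
    if ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    reason = None if protected or len(frame) < 26 else struct.unpack("<H", frame[24:26])[0]
    return {"subtype": subtype, "dst": mac_str(frame[4:10]), "src": mac_str(frame[10:16]),
            "bssid": mac_str(frame[16:22]), "protected": protected, "reason": reason}


def detect_deauth_flood(events, window=1.0, threshold=3):
    """events: iterable of (timestamp_seconds, raw_frame). Flags each BSSID that sees
    `threshold` or more unprotected deauth/disassoc frames within `window` seconds."""
    per_bssid = defaultdict(list)
    for ts, raw in events:
        f = parse_mgmt_frame(raw)
        if f and not f["protected"]:               # PMF-protected frames are not forgeable this way
            per_bssid[f["bssid"]].append((ts, f))
    alerts = []
    for bssid, items in per_bssid.items():
        items.sort(key=lambda x: x[0])
        i = 0
        for j in range(len(items)):                # sliding window over timestamps
            while items[j][0] - items[i][0] > window:
                i += 1
            if j - i + 1 >= threshold:
                alerts.append({"bssid": bssid, "count": j - i + 1,
                               "victims": sorted({f["dst"] for _, f in items[i:j + 1]})})
                break
    return alerts


# Constructed sample: one legitimate deauth, a data frame, a burst hitting three cameras,
# and one PMF-protected deauth that is ignored. Locally administered MACs, made up here.
AP = "02:00:00:00:aa:01"
CAMS = ["02:00:00:00:c0:01", "02:00:00:00:c0:02", "02:00:00:00:c0:03"]
SAMPLE_EVENTS = [
    (0.0, build_mgmt_frame(DEAUTH, CAMS[0], AP, AP, 1, 3)),        # reason 3: station leaving
    (5.0, bytes([0x08, 0x00]) + bytes(22)),                        # data frame, not management
    (10.00, build_mgmt_frame(DEAUTH, CAMS[0], AP, AP, 2, 7)),
    (10.05, build_mgmt_frame(DEAUTH, CAMS[1], AP, AP, 3, 7)),
    (10.10, build_mgmt_frame(DEAUTH, CAMS[2], AP, AP, 4, 7)),
    (20.0, build_mgmt_frame(DEAUTH, CAMS[1], AP, AP, 5, 7, protected=True)),
]

if __name__ == "__main__":
    for a in detect_deauth_flood(SAMPLE_EVENTS):
        print(f"deauth burst on {a['bssid']}: {a['count']} frames, victims {a['victims']}")
```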
To provide a contrary point of view, famed cryptographer Bruce Schneier once posted an article discussing why he has an open wifi network. This article generated a large amount of debate (links at the end of that article), with some security professionals supporting, and some opposing. Schneier's main security argument for not encrypting his own wifi is that he wants to use his mobile devices on other wifi networks, but doesn't trust those networks, and hence he has to secure the devices anyway:

"I'm also unmoved by those who say I'm putting my own data at risk, because hackers might park in front of my house, log on to my open network and eavesdrop on my internet traffic or break into my computers. This is true, but my computers are much more at risk when I use them on wireless networks in airports, coffee shops and other public places. If I configure my computer to be secure regardless of the network it's on, then it simply doesn't matter. And if my computer isn't secure on a public network, securing my own network isn't going to reduce my risk very much. Yes, computer security is hard. But if your computers leave your house, you have to solve it anyway. And any solution will apply to your desktop machines as well."

He also has a second argument, which boils down to the inability to prevent the wifi password from inadvertently leaking to third parties once it has been shared:

"people are logging into Wi-Fi networks from their Android phones, and backing up those passwords along with everything else into Google's cloud, that Google is amassing an enormous database of the world's Wi-Fi passwords. And while it's not every Wi-Fi password in the world, it's almost certainly a large percentage of them. Leaving aside Google's intentions regarding this database, it is certainly something that the US government could force Google to turn over with a National Security Letter."

bain
Lie Ryan's answer is right, but even those benefits only exist if the key ("wifi password") is strong and not widely shared, in which case an attacker interested in monitoring or interfering with your operations is going to be able to get access anyway. The primary purpose of wifi passwords is preventing casual mooching of service - bandwidth hogging, use of service for criminal activity that might wrongly get tied back to you, etc.

  • Even if the password is easy to crack (and I'm not saying it is), just like putting a lock on your door or diary might not stop the determined burglar, it signals that you are not supposed to be there. On the other hand, having an open guest network (sealed off from your main network) might get you out of trouble: Your honour, I have an open network for my friends, it could be any one of them, or somebody on the street who downloaded that file using my IP-address. – Lenne Oct 08 '19 at 22:33
  • @Lenne: Regarding the remarks about criminal activity, I don't mean to suggest that you'd actually be liable for it, but rather that you could be subject to search, interrogation, etc. in the process of determining if you were responsible and determining if there's evidence (like router logs) relevant to finding the party who is. Reducing the chance of that happening is useful. – R.. GitHub STOP HELPING ICE Oct 08 '19 at 23:26
  • @Lenne I'm afraid that allowing such an open network is (instead of getting you out of trouble) far more likely to a) give many more criminals a way to commit a crime and blame it on you, and also b) get you convicted of gross (or even criminal) negligence – Matija Nalis Oct 10 '19 at 23:19
  • No law prevents me from sharing my house or WiFi with anybody. – Lenne Oct 10 '19 at 23:30