two simple questions from a newbie

(1) If I browse the web using a secure webpage (https://) from an open
wifi spot such as at a cafe (no WEP/WPA/VPN), is my surfing session
secure-- or even though it is https:// is it insecure from a packet
sniffer intercepting wifi signals?

(2) If I browse the web from an open wifi spot such as at a cafe (no
WEP/WPA/VPN), is my surfing session secure if I do my surfing by means of
ssh X tunneling and remote X client apps, for example if I
ssh -X me@myhomepc
and then once connected via ssh to my home computer I run a browser or
really any X application remotely?

Proteus wrote:

> (1) If I browse the web using a secure webpage (https://) from an open
> wifi spot such as at a cafe (no WEP/WPA/VPN), is my surfing session
> secure-- or even though it is https:// is it insecure from a packet
> sniffer intercepting wifi signals?

The content is hidden from everyone between you and the site you're
visiting. They can see where you're surfing to, but not what you're
looking at. They can get a good idea of how much you're downloading, but
in theory they'll be unable to tell what it is. Of course if you start
downloading ISO sized chunks of data from www.mega-porn.com... <g>

> (2) If I browse the web from an open wifi spot such as at a cafe (no
> WEP/WPA/VPN), is my surfing session secure if I do my surfing by means of
> ssh X tunneling and remote X client apps, for example if I
> ssh -X me@myhomepc
> and then once connected via ssh to my home computer I run a browser or
> really any X application remotely?

An ssh tunnel means that anyone between you and the ssh server (your PC in
this "me@myhomepc" scenario) can *only* see that you're making an
encrypted connection to your machine from some other location. They can't
see your final destination, nor any of the content.

On the other side of your PC/ssh server, between it and the site you're
tunneling to, anyone can see everything. It's all in the clear. Unless of
course you're tunneling to an https:// site in which case go back and see
the answer to question (1), also. ;)

Were you trying to secure something specific, or just asking general
questions? What methods you use depends on exactly what you're trying to
secure, and from whom.

--
_?_ Outside of a dog, a book is a man's best friend.
(@ @) Inside of a dog, it's too dark to read.
-oOO-(_)--OOo-------------------------------[ Groucho Marx ]--
grok! Registered Linux user #402208

On Tue, 29 Nov 2005 05:45:01 +0000, Jeffrey F. Bloss wrote:

> Proteus wrote:
>
>> (1) If I browse the web using a secure webpage (https://) from an open
>> wifi spot such as at a cafe (no WEP/WPA/VPN), is my surfing session
>> secure-- or even though it is https:// is it insecure from a packet
>> sniffer intercepting wifi signals?
>
> The content is hidden from everyone between you and the site you're
> visiting. They can see where you're surfing to, but not what you're
> looking at. They can get a good idea of how much you're downloading, but
> in theory they'll be unable to tell what it is. Of course if you start
> downloading ISO sized chunks of data from www.mega-porn.com... <g>
>
>> (2) If I browse the web from an open wifi spot such as at a cafe (no
>> WEP/WPA/VPN), is my surfing session secure if I do my surfing by means of
>> ssh X tunneling and remote X client apps, for example if I
>> ssh -X me@myhomepc
>> and then once connected via ssh to my home computer I run a browser or
>> really any X application remotely?
>
> An ssh tunnel means that anyone between you and the ssh server (your PC in
> this "me@myhomepc" scenario) can *only* see that you're making an
> encrypted connection to your machine from some other location. They can't
> see your final destination, nor any of the content.
>
> On the other side of your PC/ssh server, between it and the site you're
> tunneling to, anyone can see everything. It's all in the clear. Unless of
> course you're tunneling to an https:// site in which case go back and see
> the answer to question (1), also. ;)
>
> Were you trying to secure something specific, or just asking general
> questions? What methods you use depends on exactly what you're trying to
> secure, and from whom.


Thank you, clears up some confusion. Main issue is that I teach online,
and need to deal with the issue (along with a hundred other online
teachers at my campus, not to mention students) of doing online teaching
activities from a laptop at local wifi hotspots. It would not be good if
someone got hold of our login passwords and such, they could then change
student test scores or do worse.

Proteus wrote:

>> Were you trying to secure something specific, or just asking general
>> questions? What methods you use depends on exactly what you're trying to
>> secure, and from whom.
>
>
> Thank you, clears up some confusion. Main issue is that I teach online,
> and need to deal with the issue (along with a hundred other online
> teachers at my campus, not to mention students) of doing online teaching
> activities from a laptop at local wifi hotspots. It would not be good if
> someone got hold of our login passwords and such, they could then change
> student test scores or do worse.

Understood.

I'd say it's best to look towards using the end to end encryption of
HTTPS. Or maybe some sort of VPN between your laptop and school. Tunneling
to your home machine has the advantage of hiding your ultimate destination
from anyone sniffing your wifi connection, but it leaves the part of the
connection path between "home" and "school" unencrypted. You're not really
trying to hide where you're going anyway, just your login information and
maybe some critical data like grade updates. Encrypting all the way to the
school's web server makes a *lot* more sense.

--
_?_ Outside of a dog, a book is a man's best friend.
(@ @) Inside of a dog, it's too dark to read.
-oOO-(_)--OOo-------------------------------[ Groucho Marx ]--
grok! Registered Linux user #402208