Your Coffee Shop Wi-fi Can See What You Are Connecting To …


We connect to public Wi-Fi networks and assume that we are not giving away the sites we are visiting, because we are using HTTPS connections. But think again: our DNS requests reveal the sites we are connecting to, and the start of the TLS connection also reveals the site we are connecting to.


So in our sticking-plaster world of security, we leak lots of information. One of the things we leak is the servers we connect to. Cloudreach is one of the leading companies in the world which is trying to force the industry to plug the gaps around DNS and TLS. They would like to see the world moving to TLS 1.3 as quickly as possible.

And so Cloudflare have just announced that they have implemented ESNI (the encrypted Server Name Indication (SNI) TLS extension). This aims to stop ISPs and public Wi-Fi providers (or anyone else who listens to your network packets) from snooping on your Web accesses. The first integration is within Firefox Nightly, and you can test your browser here:

Cloudflare are also pushing to secure DNS requests, while driving the move toward DNSSEC and TLS 1.3. Once ESNI is enabled, it should show the following:

Cloudflare has released Wireshark traces to show the difference. The following shows a normal TLS connection, where we see the server name (cloudflare.com) within the TLS packet:

If the encrypted SNI extension is now added we get:

A TLS connection should be secured and tunnelled, but in the initial negotiation, the Client Hello reveals the server name, which can be seen by anyone listening to our network packets.

Source: Medium
