I think as long as you can physically access a network, you can snoop/sniff. Since your network is "the air" it is available for snooping.
posted by thilmony at 10:29 AM on March 9, 2007

yep. imagine sitting in a restaurant where two people are yelling at each other as if no one is there... can you hear what they're fighting about?
posted by noloveforned at 10:31 AM on March 9, 2007

Yes they can still read your packets. In fact, this is how someone would probably find a valid MAC address to get around your filter.
posted by chunking express at 10:37 AM on March 9, 2007

Yes.
posted by delmoi at 10:41 AM on March 9, 2007

Filtering MAC addresses is no security at all, since the MAC address can be snooped when no encryption is present and then cloned. Plus, as other posters have said, every packet is being sent in the clear and so if you've done, say, any online shopping your credit card info was un-encrypted.

WEP isn't great security either, but anything is better than nothing.
posted by Dipsomaniac at 10:49 AM on March 9, 2007

Plus, as other posters have said, every packet is being sent in the clear and so if you've done, say, any online shopping your credit card info was un-encrypted.

I haven't found an internet store that didn't use SSL since the late '90s. So the encryption of the data link layer wouldn't matter at all.
posted by cmonkey at 11:02 AM on March 9, 2007

So the encryption of the data link layer wouldn't matter at all.

True, but on the other hand, consider all the sites that you log on to that don't use SSL - the one you're posting to right now, for instance. Your username and password are thus free for the taking whenever you access such a site over unencrypted wireless, and most people don't use more than a couple passwords.

do we need WEP to have any shred of security

Neither MAC filtering nor WEP offer any shred of security! It can be trivially cracked in a few minutes. You need WPA2 PSK for any shred of security.
posted by Rhomboid at 11:12 AM on March 9, 2007

If WEP is off but you're still using wireless I'm guessing your using WPA? In which case they can sniff your packets but (in theory) not understand your traffic if you have a decent key length. It's like having an argument in a restaurant in Navajo. Only people who speak Navajo (know your key) can understand what your saying but everyone who's listening can tell when you are having an arguement.
posted by Mitheral at 11:15 AM on March 9, 2007

MAC Filtering is equivalent to two people shouting at each other in a crowded room, only before saying anything they first shout out their names, and then they only listen to someone who says their own name first.

Everyone can listen in. Anyone can join the conversation by using one of the "approved names"

Example:

Bob: "I'M BOB! I'd like to look at Metafilter."
Server: "Here you go!"
Dave "I'M DAVE! I'd like to look at Metafilter."
Server: "Sorry, I'm ignoring you because you're not Bob."
Dave: "I'M BOB! I'd like all your credit card numbers."
Server: "Here you go!"
posted by blue_beetle at 11:28 AM on March 9, 2007

I have a better analogy:

You're worried that someone is reading your mail, but the only precaution you're taking is that you only open mail that has a specific sender's address on it.

Doesn't help, does it?
posted by cmiller at 12:51 PM on March 9, 2007

These credit card examples aren't really appropriate. Virtually all credit card information is sent over secure HTTP (HTTPS) connections. When using HTTPS, your browser encrypts/decrypts data sent to/received from the remote web server (e.g., amazon.com). So even if your WiFi network is unencrypted, the browser already encrypted the data.

Snoopers probably won't get your credit card info, but they will see that you like Asking Metafilter, and they'll be able to mooch off your connection.
posted by ktheory at 7:37 PM on March 9, 2007

MAC filtering blocks computers from associating with the access point (excepting MAC spoofing mentioned above) but does nothing to stop them from sniffing you because WiFi sniffing takes place at a lower layer on the protocol stack. 802.11 (WiFi) encapsulates 802.13 (ethernet).
posted by scalefree at 10:43 PM on March 9, 2007

How about:

You're worried that someone is reading your mail, so you conduct all your business using postcards.

Even with HTTPS, not using some kind of network-layer encryption makes it dramatically easier to orchestrate an attack (i.e., man-in-the-middle, assuming the user will just click past the 'hey this certificate isn't valid' warning in the browser.)

Anyway, yeah, WPA. Not using at least WEP is pure sillyness if you care at all about security.
posted by blenderfish at 2:17 AM on March 10, 2007

The problem with using encryption as protection against being sniffed is that your attacker can store your session for later recovery, either on a faster machine or after an advance in cryptology makes it practical to break your session. It all depends on the value of what you're doing online is (you probably care more about your bank account than your MeFi password), but in general you should always use the strongest method available & use multiple layers (SSL inside TOR inside WPA) if possible. If she really insists on leaving WEP off, at least consider installing TOR.
posted by scalefree at 11:37 AM on March 10, 2007

Taking another stab at this, depending on the OS & card used, ethereal can promiscuously sniff your WiFi connection even with MAC filtering on. For a full technical discussion of what's possible see here.
posted by scalefree at 1:41 AM on March 11, 2007

This thread is closed to new comments.