> Because extremely few people actually look at the detailed specs. You’d think more people did, but it turns out they don’t.
Well that's depressing :(
> It’s relevant for those who misguidedly have their network infrastructure set to trust all local network connections. In my experience, many people do.
For 99% of people worrying about "network infrastructure" would only be relevant at home, right? So the threat model here is some nefarious nearby actor (your tech-savvy neighbor? someone else parked nearby who hates you and knows how to do these hacks?) is trying to hack you? How often does this actually happen?
I'd argue the number of startups that have trust all local network connections is not far behind. I doubt a company seriously considers their wifi connectivity as a threat vector until they get to a series B size.
Hypothetically I'd imagine if you take early startup infrastructure snooping + <insert criminal act here> you probably have a criminal enterprise that's cashflow positive.
Many elaborate scams are not relevant to most people, but only to people with money. Most phishing attacks are not relevant to most people, only to people in some important enough positions, or with access to interesting enough networks.
But the damage of such attacks is still large enough to care.
I'm sure there are quite a lot of non-tech-startup small businesses in the same boat. And sure, still less than 50% of people own such business, but that something doesn't directly affect a majority doesn't mean it's not important.
I guess, to clarify, what I'm trying to get at is, should someone who hears "this computer/router/whatever supports WPA{N+1}, whereas that one just supports WPA{N}" factor that into their purchasing decision or not. And the answer I see seems to be, "if this is just for your household use, then no, unless you have reason to believe someone in your proximity would try to hack you".
Well that's depressing :(
> It’s relevant for those who misguidedly have their network infrastructure set to trust all local network connections. In my experience, many people do.
For 99% of people worrying about "network infrastructure" would only be relevant at home, right? So the threat model here is some nefarious nearby actor (your tech-savvy neighbor? someone else parked nearby who hates you and knows how to do these hacks?) is trying to hack you? How often does this actually happen?