Is hiding SSID's still a security risk?

EnthusiastXYZ

The Internet says that:
1. SSID's were never designed to be hidden
2. Hiding SSID's never prevented SSID's from being detected/discovered
3. Using hidden SSID's presents a security risk because it forces connected devices to advertise their preference for a hidden network

My questions:
A. Hiding SSID's doesn't prevent SSID's from being discovered, but isn't SSID name still necessary for someone to connect to a hidden SSID? There is no way to connect to a hidden SSID with a typical Android device without knowing SSID name.
B. Does using hidden SSID's (at home, for example) still present a security risk for modern devices and modern operating systems? Microsoft states that the problem only exists in old devices dating back to Windows XP and Windows Vista. I am not sure about Android, but all my devices use Android 11 and latest iOS.
C. Assuming modern router capabilities, modern client devices, and modern OS, are there any advantages of using hidden SSID's over openly-advertised SSID's?
 
Microsoft prevents the Xbox from connecting to hidden SSID's on the same principle; they believe it's a false economy security-wise.

So I ended up making it visible but also adding a MAC whitelist to compensate.

Point #3 doesn't compute with me however; one can set up a ghost AP to grab things like passwords and AP names, but a hidden AP wouldn't be any more vulnerable to that than a visible one.
 
I think point #3 is that clients of the hidden AP are the problem. I think such clients can continue to scan their environment and advertise an "I prefer and seek a hidden AP because I am a client of such AP" signal. That makes it easier to identify who the clients of such an AP are, but these days Android clients can disable WiFi and BT scanning.
 
Hidden SSIDs are the equivalent of hiding your pornstash in multiple nested folders: anyone who knows how to search files will find it. It's security through obscurity, which isn't really security. Same with a MAC whitelist: it's really easy to get the MAC of nearby devices and spoof them. But that is 2 extra steps an attacker would have to take...maybe an additional 30 seconds.

If you have a determined, sophisticated hacker there's not a lot you can do. Hire a team, respond when they break in, gather evidence and turn them over to the authorities is really the only option you'd have.

Imagine a bank that invites people to rob them, but says it won't press charges on any attempts....how long do you think that bank would keep its money? Not long
 
Hidden SSIDs are security theater, as are MAC whitelists. They might trick your roommate or family member, but are no issue for an attacker.

I agree a knowledgeable attacker can get round whitelists, but they are still useful enough perhaps to prevent people who don't know how to circumvent it.

The reality is though that wifi security is a joke. I enabled the whitelist as it's still better than not having one, but I am aware it's a mechanism that already has ways to bypass it; however, there is no mechanism that I am aware of that is effective on wifi AP's to properly restrict who can use that AP.

One thing we have to be aware of: whilst they are trivial to bypass for a professional attacker, 99% of people out there don't know how to do it.

Hopefully one day we may get some proper tech that prevents spoofing MACs and the like.

It is nice to assume that your risk is only from a "determined, sophisticated hacker", but the reality is most attempts on your security will be from bots and opportunistic amateurs. E.g. changing your ssh port isn't going to stop a state-funded professional, but it stops you being low-hanging fruit and filters out all the bots crawling ssh ports. So security via obscurity, whilst it's not adequate as a proper security prevention, still serves a useful purpose. I bet you don't run your AP's open with no passwords, right? As after all they're easier to bypass than whitelists.
 
I always used to laugh if I saw a current Wi-Fi security article that said "Hide your SSID!"

That was fun for maybe the first three weeks of Wi-Fi being available to the public.
 
MAC whitelisting, static IP, static ARP, and similar technologies are about network management and administration, not security. I do hope that spoofing never goes away. It is as much of an attack tool as it is a defense tool.
 
Well you may get your wish, I think if it was viable and the drive was there from vendors to make it go away we may have seen it by now on the advent of WPA3.

Wifi has been fortunate that there has been no awareness campaign to highlight just how weak it is from a security standpoint, as I said 99% of people are not aware, so they use it.

I am curious though if there are not well known methods that are actually effective at being a barrier to knowledgeable attackers.
 
I think the correct word would be "UNfortunate"...
 
Sheesh.... there's nothing wrong with a hidden ssid. There are plenty of pretty broken OS's (like Windows) that might not deal with hidden SSIDs well though.

Pretty much all security is based on obscurity. The idea that we shouldn't obscure because someone "can" find out something is just stupid. We obscure to keep the "easy" path obscure.

The idea that it creates a security problem, absolutely bonkers.

Do not believe everything "the Internet" says.

WiFi in general is pretty non-secure. Maybe we should stop using it period....

I think it's up to you whether you advertise your SSID to the world or not.
 
Right, I wasn't saying that hidden SSIDs are less secure. Just that they don't offer any additional real security, besides tricking your neighbors that aren't hackers.

Nothing wrong with using them, it just doesn't seem worth it (same with MAC filters) as any real hacker can bypass that in a few minutes.

Also, WiFi is fairly secure these days, especially if you use WiFi6 with WPA3. Maybe if you have a really weak password it can be cracked, but it should be safe enough for most people.
 
Most of the reasons for hiding an SSID are about management rather than security. It isn't really about tricking anyone or trying to be sneaky; it's just cleaner to set up a policy that automatically moves machines to their correct VLAN/SSID without anyone ever really knowing what SSID they're even connected to, fewer names pop up in the list of available networks, people's devices won't accidentally roam to it, you don't have a few hundred kids bored in class seeing which networks they can get into, etc.
 
Right, the protocols haven't changed, so I assume that stack exchange post is still accurate.
 
In other words, it makes sense to hide SSID's for stationary clients (media streaming devices like Chromecast / Apple TV, PC's) that will always be within service area of the AP, but not hide SSID's for mobile clients (such as phones) that get connected and disconnected frequently. What kind of identifiable information does a client broadcast when looking for a preferred hidden SSID? If it only advertises its preference, then geolocation is the only personal information that gets disclosed...
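
On the question of what a client discloses when it probes for a hidden network, an added example (not part of the original thread): a parser for raw 802.11 probe-request frames that lists the fields sent in the clear, useful for auditing a capture of your own devices. It assumes frames without a radiotap header or FCS; the function names, MAC addresses and the SSID `HomeHidden` are constructed for illustration.

```python
import struct

def parse_probe_request(frame: bytes):
    """Return what a probe request discloses, or None for any other frame."""
    if len(frame) < 24:                      # 802.11 management header is 24 bytes
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype != 4:           # management frame, probe request
        return None
    src = frame[10:16]                       # Address 2 = transmitting client
    ssid, pos = None, 24
    while pos + 2 <= len(frame):             # walk the tagged elements
        eid, elen = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + elen]
        if len(value) < elen:
            break                            # truncated element, stop parsing
        if eid == 0 and ssid is None:        # element 0 = SSID, length 0 = wildcard
            ssid = value.decode("utf-8", errors="replace")
        pos += 2 + elen
    return {
        "source_mac": ":".join(f"{b:02x}" for b in src),
        "randomized_mac": bool(src[0] & 0x02),   # locally administered bit set
        "ssid": ssid,
        "directed": bool(ssid),                  # names a specific network
    }

def disclosed_ssids(frames):
    """Map each client MAC to the network names it announced in directed probes."""
    seen = {}
    for f in frames:
        info = parse_probe_request(f)
        if info and info["directed"]:
            seen.setdefault(info["source_mac"], set()).add(info["ssid"])
    return {mac: sorted(names) for mac, names in seen.items()}

def build_probe_request(src: bytes, ssid: bytes) -> bytes:
    """Construct a sample frame (test data only, never transmitted)."""
    header = (struct.pack("<HH", 0x0040, 0) + b"\xff" * 6 + src
              + b"\xff" * 6 + struct.pack("<H", 0))
    return header + bytes([0, len(ssid)]) + ssid + bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])

# Constructed sample capture: a wildcard probe, a directed probe, and a beacon.
SAMPLE = [
    build_probe_request(bytes.fromhex("02aabbccddee"), b""),
    build_probe_request(bytes.fromhex("001122334455"), b"HomeHidden"),
    bytes([0x80]) + build_probe_request(bytes.fromhex("001122334455"), b"x")[1:],
]

if __name__ == "__main__":
    print(disclosed_ssids(SAMPLE))
```

A directed probe carries the network name and the sender's MAC address in the clear; the `randomized_mac` flag shows whether that address is a locally administered one rather than the hardware address.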
 