The secure anonymous hotspot I proposed in 2007
Sophos security’s Chester Wisniewski offered a “solution” for securing Hotspots. The only problem is that it isn’t secure. Chris’ solution calls for the use of WPA-PSK which is not secure when everyone knows the PSK. That’s because anyone can sniff the initial connection and derive the unique session key which makes the solution insecure.
I proposed a more secure solution for a secure anonymous hotspot back in 2007. In fact we don’t even need to bother with any specific username and password. I even discussed this with Microsoft engineers and we talked about how it could even be a blank username/password or any username/password combination so that just about anyone can connect. It’s secure and easy to implement and it’s long overdue given the massive security problems with unencrypted hotspots.