People will crack streamed DRM if there is content that's either only available there, or is available there first... If you look at most torrent sites these days you will see all kinds of content that has been ripped from streaming media sites, all of which used DRM and yet still got cracked and made available in a more convenient form via torrents.
When people started doing that it was the current generation console, and it's not a lot of effort to install an xk3y (which costs about the price of a single game) and then copy downloaded iso files to a usb hdd... In fact, being able to hook up a large portable hdd containing hundreds of games is far more convenient than sorting through a pile of dvd media.
Or you can use pdftk to remove the arbitrary pdf restrictions and get a plain normal pdf file out of it...
If the password can be retrieved in an automated fashion then even if its encrypted, everything necessary (i.e. the key) is present, so if the host is compromised the passwords effectively are plaintext as the attacker can simply run the same process to decrypt the password.
And even if you use SSL to check your mail, that doesn't change how the email has been transmitted from one mail server to another, which is often done without using SSL, and most mail servers will fall back to plain text even if they do support SSL because so many out there don't support SSL at all.
Not necessarily in these days of social media... A lot of people have Facebook accounts and will have added relatives or people they went to school with...
For your example, you already know the school, so you find out a list of their teachers (often published online) and try them all, and if the attacker knows your age they can narrow it down further... Either way there's a relatively small number of possible answers.
All the routers i've seen implement statefull filtering on ipv6 and allow all outbound and no inbound (except traffic related to an outbound connection) by default, which is functionally identical to their ipv4 nat implementation.
Good luck trying to scan an ipv6 range...
The smallest subnet is a
IPv6 works fine with VPN software, even ipsec was originally a part of ipv6 and cruftily backported to ipv4... Infact, you can use ipsec properly (ie end to end without kludges like l2tp) with ipv6. The problems published recently were due to short sighted vpn providers who completely ignore the existence of ipv6. If they provided dual stack connectivity over their vpn then there wouldn't have been a problem.
Bugs could still be found in ipv4 stacks too (and are still being found), on the other hand ipv6 is much newer and addresses some of the weaknesses of ipv4.
MAC filtering will stop random users from connecting automatically, but won't stop someone who is intentionally trying to gain access... Changing your MAC is trivial.
Agreed that _optout is offensive, why should i have to change the name of *my* network to cope with this crap, and where would it end? I shouldn't have to explicitly opt out of things i never have any intention of using and might not even be aware of.
The only real solution is a dedicated (isolated) guest network, with regularly changing keys... I don't have guests visiting all the time so i could easily generate a new key each time...
Until games start requiring it...
Any device that connects to wifi has to store the passwords either in the clear or in a retrievable form...
If you compromise the device, you can extract the keys (and a lot of other stuff too). Other devices just obfuscate the keys, but they are still retrievable (e.g. try wirelesskeyview or gsecdump for windows).
That's why virtually all platforms offer device encryption these days to lessen the chances of the device being compromised at all.
Limiting sites and protocols just causes problems, people will have their devices setup to connect to all manner of things (vpns, email, im, voip etc), and restricting what they can access will invariably block some stuff and render the connection unusable, causing a denial of service if the handset automatically connects to the wifi and loses its cellular connection where everything was working.
The PSK *is* the passphrase... The only thing the passphrase gives you is access to the network, and the key does that too.
What about files which don't contain a . character?
Pirates already have versions with these bugs fixed, widely available from various torrent sites.
There are already various emulators that do just that, and they are widely used for running legacy software on modern hardware.
One man's constant is another man's variable. -- A.J. Perlis
