![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
I've recently noticed that my wireless network connection list (in Win 7) displays 2 entries for my wireless network. One of them shows the router's configured SSID, and the other one shows an SSID of "Other Network". My router is set up with a non-default SSID, does not broadcast the SSID, and has security configured. The "Other Network" is definitely my own network and not someone else's, as it displays the exact same signal strength and security type/radio type as is shown for my normal connection. It also goes away when I turn my router off.
While researching the above, I noticed that in the Windows 7 "Manually connect to a wireless network" dialog window, there are 2 checkboxes, "Start this connection automatically" and "Connect even if the network is not broadcasting". Under the 2nd checkbox, there is a warning which states: "If you select this option, your computer's privacy might be at risk."
This confused me, as from what I've learned in the past, having the wireless router not broadcast the SSID is more secure than having it be broadcast.
Based on a comment on this page: http://slickdeals.net/forums/showthread.php?t=1636208
and based on a part in this book "Windows 7 Annoyances: Tips, Secrets, and Solutions By David A. Karp",
it seems that when a computer tries to connect to a network that is not broadcasting the SSID, the computer itself sends out the SSID while trying to connect. If someone else in the physical vicinity is spying on wireless signals during that timeframe, they could in that way find out what the network's SSID is. If the network is configured *without* any other security, then it would be possible for the other person to set up their own unsecured network with the same SSID as yours, and to thereby trick your computer into connecting to their network instead of your own. Connecting to their network would be a security risk. That is apparently what is meant by "your privacy might be at risk".
Based on the above, I would think that as long as your network is using encryption, it should still be more secure to have the router NOT broadcast the SSID, because then someone else can only capture the SSID when your laptop is initially trying to connect to the network. If the router is broadcasting the SSID, then someone else can capture the SSID anytime the router is turned on.
However, after reading some more webpages on the topic, I'm still not sure. If your laptop is configured to automatically connect to a network that is not broadcasting the SSID, the laptop itself sends out the SSID while trying to connect. If the laptop is used while traveling, the laptop will continually send out signals which include that SSID, while looking for that default connection.
I'm not sure, but apparently the laptop may also continuously send out the unencrypted SSID, even while it is connected to the encrypted network?
These webpages advise against turning off SSID broadcasting:
http://technet.microsoft.com/en-us/library/bb726942.aspx
http://superuser.com/questions/43836/automatically-connecting-to-hidden-ssid-wifi-network
This page says that your security is either the same or better when not broadcasting SSID
http://www.networkworld.com/community/node/33820
I'm still not clear on why having broadcast turned off for an encrypted network might possibly be less secure than having broadcast turned on. Or if that is the case or not.
Even though hackers can easily determine the SSID when it's not being broadcast, I still prefer it not to be broadcast, so that my neighbors won't see it in their network list (even though they wouldn't be able to connect to it even if they did see it). As long as my network has strong encryption turned on, hackers will find it as hard to break in with or without the SSID being broadcast. For further security, to avoid my laptop from continually sending out the SSID while I'm traveling, I could temporarily change my home network properties to not automatically try to connect.
While researching the above, I noticed that in the Windows 7 "Manually connect to a wireless network" dialog window, there are 2 checkboxes, "Start this connection automatically" and "Connect even if the network is not broadcasting". Under the 2nd checkbox, there is a warning which states: "If you select this option, your computer's privacy might be at risk."
This confused me, as from what I've learned in the past, having the wireless router not broadcast the SSID is more secure than having it be broadcast.
Based on a comment on this page: http://slickdeals.net/forums/showthread.php?t=1636208
and based on a part in this book "Windows 7 Annoyances: Tips, Secrets, and Solutions By David A. Karp",
it seems that when a computer tries to connect to a network that is not broadcasting the SSID, the computer itself sends out the SSID while trying to connect. If someone else in the physical vicinity is spying on wireless signals during that timeframe, they could in that way find out what the network's SSID is. If the network is configured *without* any other security, then it would be possible for the other person to set up their own unsecured network with the same SSID as yours, and to thereby trick your computer into connecting to their network instead of your own. Connecting to their network would be a security risk. That is apparently what is meant by "your privacy might be at risk".
Based on the above, I would think that as long as your network is using encryption, it should still be more secure to have the router NOT broadcast the SSID, because then someone else can only capture the SSID when your laptop is initially trying to connect to the network. If the router is broadcasting the SSID, then someone else can capture the SSID anytime the router is turned on.
However, after reading some more webpages on the topic, I'm still not sure. If your laptop is configured to automatically connect to a network that is not broadcasting the SSID, the laptop itself sends out the SSID while trying to connect. If the laptop is used while traveling, the laptop will continually send out signals which include that SSID, while looking for that default connection.
I'm not sure, but apparently the laptop may also continuously send out the unencrypted SSID, even while it is connected to the encrypted network?
These webpages advise against turning off SSID broadcasting:
http://technet.microsoft.com/en-us/library/bb726942.aspx
http://superuser.com/questions/43836/automatically-connecting-to-hidden-ssid-wifi-network
This page says that your security is either the same or better when not broadcasting SSID
http://www.networkworld.com/community/node/33820
I'm still not clear on why having broadcast turned off for an encrypted network might possibly be less secure than having broadcast turned on. Or if that is the case or not.
Even though hackers can easily determine the SSID when it's not being broadcast, I still prefer it not to be broadcast, so that my neighbors won't see it in their network list (even though they wouldn't be able to connect to it even if they did see it). As long as my network has strong encryption turned on, hackers will find it as hard to break in with or without the SSID being broadcast. For further security, to avoid my laptop from continually sending out the SSID while I'm traveling, I could temporarily change my home network properties to not automatically try to connect.