April 14, 2014

the purpose of the CAPTCHA in gogo in-flight, via gogo in-flight

via @schneierblog this AM, a pointer to a wired article about how the wifi providers have cut a deal with the government to put more than the necessary lawful intercept capabilities into their systems. of particular note is the addition of a CAPTCHA to the system.

the article doesn’t go on to elaborate as to the rationale behind the addition of the CAPTCHA but it’s likely worth noting that it prevents devices which might be in the plane but not associated with a human on-bard from being able to “phone home” and use gogo as a control channel.

insert movie plot scenarios here

i don’t doubt that there’s a suite of additional capabilities which the company has added to the service at the behest of LEAs via the FCC, but this is actually a pretty reasonable addition to the service. though, i do wonder if there’s the potential for a MITM attack using a spoofed SSID and proxy capture system. that would require some additional components in the system which i can appreciate folks being loath to describe in detail to the masses.

still, buy yourself access to a VPN service and use it wherever you happen to be using public wifi.

Creative Commons License