I’m not that knowledgeable on networking, but I do remember that if a device is connected to a wired network, it can end up receiving packets not meant for it because switches will flood all the ports for packets they don’t know how to route. But I also heard that Wi-Fi is supposedly smarter than that and a device connected to it should never receive a packet not meant for it.

Is this true? And in practice, does this mean it’s preferable to keep computers with invasive operating systems (which might decide to record foreign packets sent to it in its telemetry) on Wi-Fi instead of on the wired network?

Also, how exactly does Wi-Fi prevent devices from receiving the wrong packets when it’s a radio-based system and any suitable antenna can receive any Wi-Fi signal? Does each device get assigned a unique encryption key and so is only capable of decrypting packets meant for it? How secure is it actually?

    • twinnie@feddit.uk (15 upvotes, 16 days ago)

      Switches will flood a network when they don’t know the location of a MAC address, but this should only happen for the very first packet, which is more likely to be DHCP or some boring background thing like that. As soon as the correct device gets the packet and replies, each switch along the way will update its MAC address table and they’ll know exactly which port to use until it expires (which depends on the switch, I don’t have a ballpark idea).
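
The flood-then-learn behaviour described in the comment above, as a small Python model of a learning switch. This is an added example, not part of the thread; the port numbers, MAC addresses, timestamps and the 300-second aging time are constructed values chosen for illustration.

```python
# Added illustration: a minimal model of an Ethernet learning switch.
# Ports, MACs and the aging time are constructed sample values.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    def __init__(self, ports, aging=300.0):
        self.ports = set(ports)
        self.aging = aging   # seconds an entry survives without refresh
        self.table = {}      # MAC -> (port, time last seen)

    def receive(self, in_port, src, dst, now):
        """Process one frame; return the set of ports it is sent out of."""
        # Learn (or refresh) the sender's location from the source address.
        self.table[src] = (in_port, now)
        # Drop entries that were not refreshed within the aging time.
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if now - t <= self.aging}
        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            # Broadcast or unknown unicast: flood all ports except ingress.
            return self.ports - {in_port}
        out_port = entry[0]
        # Known unicast: one port only (nothing if it is the ingress port).
        return set() if out_port == in_port else {out_port}

def frames_seen_by(observer_port, frames, switch):
    """Return indexes of the frames that reach observer_port."""
    seen = []
    for i, (t, in_port, src, dst) in enumerate(frames):
        if observer_port in switch.receive(in_port, src, dst, t):
            seen.append(i)
    return seen

# Constructed traffic: host A on port 1 and host B on port 2 talk to each
# other while a third machine listens on port 3.
A, B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
FRAMES = [
    (0.0, 1, A, B),    # B unknown: flooded, the observer receives it
    (0.1, 2, B, A),    # A was learned from frame 0: port 1 only
    (0.2, 1, A, B),    # B was learned from frame 1: port 2 only
    (400.0, 1, A, B),  # B's entry has aged out: flooded again
]

if __name__ == "__main__":
    print(frames_seen_by(3, FRAMES, LearningSwitch([1, 2, 3])))
```

The observer on port 3 receives only the frames sent while the destination is missing from the table: the first one, and the one sent after the entry expired.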

  • stupid_asshole69 [none/use name]@hexbear.net (4 upvotes, 16 days ago)

    No. For the purposes you’re talking about wired is fine.

    How your network is managed and set up makes it possible to get more security from WiFi using a bunch of new technologies added to recent WiFi protocols, but you’d have to actually have set all that up and have compatible networking stacks on the computers.

    Also, and I say this as no great lover of Microsoft or its products, Windows isn’t snooping network traffic not meant for it and bundling it up in its telemetry uploads.

  • twinnie@feddit.uk (3 upvotes, 16 days ago)

    The flooding a network thing really isn’t an issue, they’ll only flood for the first packet just to find the way and then it stops. Fire up Wireshark on a different machine and transfer a file between two other machines, you won’t see anything. I don’t know too much about WiFi but it probably does the same, it’s just a bridge to the same network.

    Wired is probably better because machines can estimate your location from the SSID and they can leak the password giving access to the network.

  • frongt@lemmy.zip (banned from community; 2 upvotes, 16 days ago)

    Yes, that’s true, sort of. There are many layers to it, but generally unmanaged wired switches are less strict. Most modern wifi systems enable client isolation by default.

  • PiraHxCx@lemmy.ml (2 upvotes, 1 downvote, 16 days ago)

    If you use some WFP manager you can block all incoming connections and also block all OS connections… I basically only let my browser communicate with the internet, the rest has no business online.

  • Snot Flickerman@lemmy.blahaj.zone (1 upvote, 1 downvote, edited, 16 days ago)

    > it can end up receiving packets not meant for it because switches will flood all the ports for packets they don’t know how to route

    This is only applicable to IPv4 networking and is very much “the old way” of doing things. If you have properly designed and set up your own home network, you shouldn’t be having broadcast traffic happen at all, because all your switches should have a MAC table that includes all the devices you have physically connected. Especially if you have bothered to take the time to hand out static addresses tied to the MAC address. A broadcast should generally only be happening if there is an unknown destination on the LAN, and an unknown destination only happens when there is a new device added at an unknown location. Once a broadcast packet has been sent and replied to, the switch fills its MAC table with the information on the new device, now knowing its location.

    Wi-Fi’s packets can be intercepted by anyone, it’s technically sending all packets on blast as radio waves at all times. Sure, modern Wi-Fi can be encrypted, but that encryption can also often be broken.

    Finally, IPv6 doesn’t use broadcast packets at all, instead using multicasting, which is similar to a broadcast but doesn’t flood every port in the wired network and is a bit more tightly directed.