Haha, well allow me to give my opinions on your opinions of my opinions
Well then, by all means let me share my opinions of your opinions of my opinions of your opinions...err..wut? LOL!
1. Agreed, but your original statement is still arguable on the fact you state it provides no security when it in-fact does, even if it's very minor in comparison to a secure password, WPA2 and AES encryption as we both seem to agree on. Not that hiding an SSID is a necessary or common step for many, it's used for more often than I expected out in the field TBH...and unless you really want to look for pings for the hidden SSID's it's not really worth your time but as you said it's not really going to stop anyone that is motivated. ;P
2. Not really, type in the right SSID and be done with it 95% of the time...unless you have the OP's luck or older iDevices...at least in my experience with them.
MAC address filtering is an entirely different aspect to even bring into this conversation...moreso on the fact that if the hacker doesn't know what MAC address to spoof, he isn't gonna get in...but if he's already captured the packets to ID the MAC address odds are the wireless network was secured with WPA2/AES in the first place...or the dude was really good and extremely patient. Anyone can MAC spoof..hell Windows 10 has a feature for it!
I shit you not. And maybe you are already aware of it, but for those that aren't...it might be worth knowing if your MAC address is ever blocked and the security guy doesn't run a whitelist side-by-side with the blacklist.
3. True, but really what attacks are experienced more? A WAN-side DoS attack or a WiFi attack? At least in my region it is clearly the WAN-side attacks and port scans. Not nearly as much wireless attacks...but they do happen. Found a couple of rouge AP's recently and that was good fun! While I do agree that hardware conflicts to make it harder, most of the time connecting to a hidden SSID in my experience is really a non-issue. Hidden SSID's have uses beyond border security too...keeping workers off the internal WLAN is a good one..where a preconfigured GPO fires out wireless network settings so that the workstation can connect, but the user is blocked from accessing the WLAN SSID/NIC configs, keeps them from adding unwanted devices. How does that affect the home user? Well in a similar fashion as I use it, to have my own WLAN that noone else has access to unless I want them to...that is VLAN'd and used mostly for lab work and testing. Sure could someone break into it? Ya I am sure eventually but with my passwords it'll be one helluva good fight that'll probably sway them to move on. There are some uses for hidden SSID's, mostly in the name of keeping others out that might not necessarily be hacker-grade or even network engineer/tech-grade material...and even those that are more-so that even if they find the SSID, they still have to try to break the encryption or brute force in...have fun!
And then there's the issue at hand: security. Who really cares about your network? Or mine? I'll give you the benefit of the doubt and acknowledge the possibility that you might be somebody who has valuable data on your network, data that somebody could possibly have a reason to go chasing after it... or some other reason you legitimately need a strong, secure network. However, 99% of users need only to secure their network enough to stop weirdos from leeching their internet to download porn while sending dicks to their network printer. WPA2/AES is more than sufficient for this. Now, when it comes to real tough security, the kind of security needed to stop attackers with a reason for attacking a secure network, I admit my knowledge isn't great here... but, as far as I know anyway, WPA2/AES is still the best you could hope for, and hiding SSIDs won't save you from someone who can break WPA2/AES. That's like throwing a tarp over a bank vault and hoping the guy who knows how to break into the vault won't be able to tell it's under that conspicuous tarp...
I absolutely agree...the real issue is who really gives a flying fuck about our private networks unless we have something to offer. Are we worth the risk of detection? Is it just a game to see if they can get in? I already clearly stated I'll deal with the WAN side jokers far more than those whom take an interest in WLAN breaking and entering.
99% of users should be using WPA2/AES and a strong password...a weak password on WPA2/AES is still better than a weak password without WPA2/AES...but the risk is still factors greater than a strong password.
WPA2 Enterprise with RADIUS or centralized account management database with privilege/access control is the next step up from WPA2/AES, most home users won't utilize this as you need a central database for user accounts and control, in many cases Active Directory and Domain Services. There's plenty of risks with that method as well, but there's also more to add, port security, VLANs for different groups, various subnets and routes for different SSIDs, isolation if needed (this is really handy for guest networks for obvious reasons), and MAC blacklist/whitelisting all play a critical role depending on the level of security needed...half-assing any step is like leaving the main door open with the dead bolt out though...the storm door won't be able to shut because the security was setup wrong...
I do like your analogy of the bank robber w/tarp and hidden SSID, and you do have a point in that respect...but there's still a use and need for hiding SSID's out there, but it shouldn't be the expected mainstay for wireless security, but rather just one extra step someone would have to take to access the network or to break into the network.
