Security Basics mailing list archives
RE: Home wireless free hotspot
From: Dave Kleiman <dave () davekleiman com>
Date: Fri, 16 Apr 2010 15:27:36 -0500
**** Disclaimer: nothing I am stating here should be taken as legal advice, always consult with a licensed attorney in your jurisdiction!*** Reginald, Really? Maybe you should stop with the LOLs and do a little background on your topic. Maybe you should not be giving legal advice, especially if you are not licensed attorney. My guess is you have never been involved in a litigation matter and think it is very cut and dry? Although the end results of all these cases are not decided for years, it seems it could tie you up in costly litigation for quite some time. So although you may have a written agreement or even a protective law like the "The 2005 Protection of Lawful Commerce", it *may* not excuse your liability, you *may* end up in court with the judicial system deciding the outcome. Just to show how your exampling is erroneous, for businesses (your example was gun manufactures/dealers) may feel they are protected by the 2005 Protection of Lawful Commerce. """Judge Weinstein lets suit against gun mfr proceed: A federal judge in Brooklyn ruled yesterday that New York City's lawsuit against gun manufacturers and distributors can go forward, despite new federal legislation devised to protect gun makers from such lawsuits. The ruling, by Judge Jack B. Weinstein of United States District Court, was a significant victory for the city, which has argued that some gun makers and sellers know about the flood of handguns into the underground market, and have the power to minimize it by relatively simple means, but refuse to do so. In his ruling, Judge Weinstein postponed a trial so the gun manufacturers could appeal. Gun makers named in the suit include Beretta U.S.A., Browning Arms, Colt Manufacturing, Glock and Smith & Wesson. The judge ruled that the new law, the Protection of Lawful Commerce in Arms Act, does not apply to the city's lawsuit because it falls under a narrow exception that allows lawsuits against the gun makers if their sales or marketing practices violate state or federal statutes.""" """9 Gun Makers Called Liable For Shootings: For the first time, a jury has found that gun manufacturers are liable for shootings with illegally obtained handguns because their marketing practices fostered illegal gun trafficking. In a lawsuit filed in Federal District Court in Brooklyn, which legal experts called a test case for a wave of suits that have recently been filed against the gun industry, the jury found yesterday that 15 of 25 firearms makers named in the suit had been negligent. The suit was brought on behalf of victims in seven shootings. Of the 15 manufacturers found negligent, 9 were liable in at least one of three of the shootings -- two of them fatal -- in the New York City region in recent years. The jury found that those nine manufacturers were collectively liable for the shootings -- even though it was not proved what brand of gun had been used in any of the cases -- because they oversupplied states with weak gun laws, which led to illegal sales in those with strict regulations, like New York. The jurors found liability where it had determined that the companies' practices had been a ''proximate cause,'' or a substantial factor, in the shootings.""" - http://www.nytimes.com/1999/02/12/nyregion/9-gun-makers-called-liable-for-shootings.html """Bloomberg signs 4 gun-control bills - One measure would hold arms makers and dealers liable for deaths and injuries caused by illegal use of weapons: A measure allowing the country's gun dealers and manufacturers to be held liable for deaths and injuries caused by the illegal use of their weapons in New York City was one of four gun-control bills signed into law yesterday by Mayor Michael Bloomberg. "There's just no argument here, guns kills people," said Bloomberg during a signing ceremony in the Blue Room in City Hall. "It's time to get them off the streets." One bill the mayor signed allows gun dealers and manufacturers to be sued if they fail to follow a "code of conduct" aimed at preventing guns from getting into the hands of criminals. The code will require these firms to abide by responsible sales practices, such as selling no more than one gun to a customer in any 30-day period.""" - http://infowars.com/articles/2nd_amendment/bloomberg_signs_4_gun_bills.htm ""In 1989, the Legal Action Project was created to change all that. Since then, LAP attorneys have represented gun violence victims pro bono in courts throughout the country, establishing a body of law holding that those who manufacture, distribute and sell guns owe a duty to engage in their business responsibly, and they may be liable for contributing to criminal or unintentional shootings when they fail to do so."" - http://www.bradycenter.org/legalaction/aboutlap ""Jurors trying to decide whether handgun manufacturers should be held liable for gun violence began their fifth day of deliberations Wednesday despite twice telling the judge they were deadlocked."" - http://www.cnn.com/US/9902/09/gun.lawsuit/index.html http://articles.latimes.com/2002/sep/30/opinion/le-winterroth30 Respectfully, Dave Kleiman - http://www.ComputerForensicExaminer.com - http://www.DigitalForensicExpert.com 4371 Northlake Blvd #314 Palm Beach Gardens, FL 33410 561.310.8801 -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Reginald Wheeler Sent: Friday, April 16, 2010 12:12 To: JayZee Cc: martinez85 () att blackberry net; jlightfoot () gmail com; listbounce () securityfocus com; security-basics () securityfocus com Subject: RE: Home wireless free hotspot Lol... and SMH... It would turn out the same way it would if your were in a Barnes and Noble in GA and did the same damn thing. I wouldn't be held responsible. How do you think your phone service provider avoids prosecution when some one gets caught doing something stupid while using the service. Terms of Use agreements save a lot of service providers from very painful and expensive legal and/or civil actions against them. This is per my lawyer. As told to me it's kinda like the gun industry. The manufacture makes the guns and they are bought by dealers. The dealers then sell them to the end user. None of them are responsible for what is done with the gun once the end user agrees that he will follow the letter of the law concerning the weapon that he/she just purchased. So if that end user shots someone the Dealer nor the manufacture are responsible. This same principle holds for service providers that provide a service. We are not responsible for the illegal actions of a third party. Hope this helps you to better understand why I advised in the direction that I did. Thank You, Reginald Wheeler, Owner A+, Networking+, MCSE 2003 1907 Hampton Dr. Sandy Springs, GA 30350 Ph:678.615.2997 wheeler90 () comcast net -----Original Message----- From: JayZee <octopush () gmail com> To: wheeler90 () comcast net Cc: martinez85 () att blackberry net, jlightfoot () gmail com, listbounce () securityfocus com, security-basics () securityfocus com Subject: RE: Home wireless free hotspot Date: Fri, 16 Apr 2010 08:18:35 -0700 Sounds like an easy escape clause in general - we all should probably have one of those regardless of having an open AP or not. Good for White/Black/Grey hats alike. Lets run an experiment!? You sign a "terms of use", open your AP and then we will get some local guys from 4Chan (those guys are up for anything!) down there in GA to run their script kiddy/pedobear/other "unmentionables" from your open AP for a while and lets see how that all turns out? An empirical test of this amazing loophole in paramilitary raids! -Jay ________________________________________ From: Reginald Wheeler [wheeler90 () comcast net] Sent: Friday, April 16, 2010 3:18 AM To: Jay Vlavianos Cc: martinez85 () att blackberry net; John Lightfoot; listbounce () securityfocus com; security-basics () securityfocus com Subject: RE: Home wireless free hotspot Now I spoke to a lawyer shortly after all this started to with this string. I was advised that all is needed is a terms of use. Thanks guys. Thank You, Reginald Wheeler, Owner A+, Networking+, MCSE 2003 1907 Hampton Dr. Sandy Springs, GA 30350 Ph:678.615.2997 wheeler90 () comcast net -----Original Message----- From: Jay Vlavianos <jvlavianos () ecastnetwork com> To: 'wheeler90 () comcast net' <wheeler90 () comcast net> Cc: martinez85 () att blackberry net <martinez85 () att blackberry net>, John Lightfoot <jlightfoot () gmail com>, listbounce () securityfocus com <listbounce () securityfocus com>, security-basics () securityfocus com <security-basics () securityfocus com> Subject: RE: Home wireless free hotspot Date: Tue, 16 Mar 2010 18:02:53 -0700 Um.... opening his wireless access point allows people to run a tor exit node on their own... does it not? As well as seeding torrents? As well as hosting warez? As well as running a dyndns'd porn server? As well as hacking NSA servers? As well as making all of your other neighbors zombie DDOS robots? He doesn't have to run the exit node himself, it only has to leave his pipe for him to get the finger... right? I think you are missing the _human_ aspect of this. You are basically saying "Yes, you might be arrested and charged with child pornography, humiliated in the local press and spend all of your life savings in a court battle... but you WILL ultimately prevail and get your gear back with an apology in the local news TV program so why not do it - THERE IS NO CASE LAW!!! WOO HOO!!!" Sounds a little stupid in that context doesn't it? Does to me at least. -----Original Message----- From: Reginald Wheeler [mailto:wheeler90 () comcast net] Sent: Tuesday, March 16, 2010 5:34 PM To: Jay Vlavianos Cc: martinez85 () att blackberry net; John Lightfoot; listbounce () securityfocus com; security-basics () securityfocus com Subject: Re: Home wireless free hotspot Dude the guy is not asking if it is safe to operate a freaking tor proxy server. He is asking if he set up something like what you would get if you were to go to a freaking coffee shop. Stop telling the guy he can't do it. Tell him the risk involved and tell him the best way to mitigate those risk. I know we have a bunch of IT professionals that are on this mailing list. The link that is provided talks of operating a proxy site that can and will violate your ISP terms of use. Now if you go through the proper channels you can offer a wifi hotspot as a service. You have to speak to your ISP for the details of what you need to do. So having said that and now getting pissed with the level of incompetence that many of my fellow IT professionals are showing I'm left wondering how in the hell you got your jobs. Now I am going to give Mr. Lightfoot this advise please consult an IT professional that is well versed in wireless networking and security. This person will also be able to help you with all of the legalities that you may run into with this project. Now for everyone else we all have to think before we comment, not misrepresent ourselves and do our best to leave our personal feelings about things in our pockets when consulting someone on anything unless they ask for it. Oh and P.S. a free to use wireless hotspot is not a Tor-Exit-Node. Tor meaning the The Onion Router is a piece of software that allows you to route internet traffic for programs that use the internet through layers of proxy servers in order to mask your IP address. This has absolutly nothing to do with a hotspot that will always carry the IP address that is issued him from his ISP. So again Jay I have asked you to site case law that will provide factual evidence that you can as a service provider be held accountable for the actions that another person has conducted on a network that has a Terms of use contract that has to be agreed upon in order to access the network. This does not include the fact that yes there is the inconvenience of having your equipment seized for the sake of investigation. You get it back. Plus if you have insurance and you do things the proper way. You will be able to get a replacement due to the fact that your now able to let your insurance company know that your equipment was damaged in a criminal act and your back in service. Thank You, Reginald Wheeler, Owner A+, Networking+, MCSE 2003 1907 Hampton Dr. Sandy Springs, GA 30350 Ph:678.615.2997 wheeler90 () comcast net\ Universal Systems Consulting LLC Simplifying IT -----Original Message----- From: Jay Vlavianos <jvlavianos () ecastnetwork com> To: martinez85 () att blackberry net <martinez85 () att blackberry net> Cc: John Lightfoot <jlightfoot () gmail com>, listbounce () securityfocus com <listbounce () securityfocus com>, security-basics () securityfocus com <security-basics () securityfocus com> Subject: Re: Home wireless free hotspot Date: Tue, 16 Mar 2010 08:30:34 -0700 One only needs to read stories like the one below of a poor Tor exit node operator to realize that you don't want -anyone- except yourself on your own net connection. That is, of course, if you need some excuse for your own activities ("I don't know man, I didn't download any softwarez- but maybe my neighbor did!). http://calumog.wordpress.com/2009/03/18/why-you-need-balls-of-steel-to-operate-a-tor-exit-node/ On Mar 16, 2010, at 7:32 AM, "Johnathan" <martinez85 () att blackberry net> wrote:
How sweet of you... Now matter how kind your intentions are, you may want to check the terms and conditions of the agreement of the contract you hold with your service provider. You legally may not be allowed to do such a thing you are proposing. You may be aware of this already, just wanted to put it out there for others who may have the same mind set as you. ---- Johnathan Sent via BlackBerry by AT&T -----Original Message----- From: "John Lightfoot" <jlightfoot () gmail com> Date: Fri, 12 Mar 2010 15:10:40 To: <security-basics () securityfocus com> Subject: Home wireless free hotspot Hello, I have a home wireless network that I'd like to make available to ne ighbors who need to borrow a connection from time to time. Consider it karmic repayment for the times I've had to borrow someone else's open connection. Of course, I'd like to do it securely, so I'm looking for some advice. My main network has a wireless router connected to the Internet, with a few wired connections to my home computers. The main router's wireless network is protected by WPA, access control via MAC address, etc. My thought is I would attach a second wireless router (Netgear) to a port off the main router and leave it unsecured, using a second subnet, and block any routing between the two subnets, other than straight out to the Internet, but I'm not sure the best way to do that. So, a few questions: If I set up a second router with a subnet "subservient" to my main router, presumably it has to get an IP address within the address space of the main network, but how can I limit access to that network to only my Internet interface? Would it make more sense for my secure network to be subservient to the main network, i.e. open up the main network and secure a secondary subnet off it? I also have a Secure Computing SG 300 Firewall/VPN appliance, could I configure that help keep the networks separate and my home network secure? It's got a lot of nice features, but I'm not sure it would help make my configuration more secure. This may be a very bad idea, so I'd also be happy to hear why that's so if it's true. Thanks for any advice. John Lightfoot --- --------------------------------------------------------------------- Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
--- ---------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RE: Home wireless free hotspot Reginald Wheeler (Apr 16)
- Re: Home wireless free hotspot Adam Mooz (Apr 16)
- <Possible follow-ups>
- RE: Home wireless free hotspot Reginald Wheeler (Apr 16)
- Re: Home wireless free hotspot JayZee (Apr 16)
- Re: Home wireless free hotspot Reginald Wheeler (Apr 16)
- RE: Home wireless free hotspot Boyd, Chad (Apr 19)
- RE: Home wireless free hotspot David Gillett (Apr 20)
- Message not available
- RE: Home wireless free hotspot David Gillett (Apr 26)
- Re: Home wireless free hotspot JayZee (Apr 16)
- RE: Home wireless free hotspot Craig S. Wright (Apr 19)
- RE: Home wireless free hotspot Jay Kerby (Apr 19)