Interesting People mailing list archives

more on Unsecured Wi-Fi would be outlawed by N.Y. county

From: David Farber <dave () farber net>
Date: Sun, 6 Nov 2005 19:31:44 -0500



Begin forwarded message:

From: Marc <marcaniballi () hotmail com>
Date: November 6, 2005 6:04:01 PM EST
To: dave () farber net

Subject: RE: [IP] more on Unsecured Wi-Fi would be outlawed by N.Y.county


Hi Dave

Over here in France Dave, when we aren't watching the riots on CNN and

laughing, most of the ISPs here provide WiFi routers with theirservice -

the security features are already implemented and you can't change them

(without some skill at hacking). Essentially, if you want to connectto theAP with a wifi card, you need to go to the "main" (trusted) machinein your

network and get a key for the new machine. I have noticed something
interesting though. Everyone I know runs some sort of AV/AS/Aad/Firewall
suite on their machines. No one buys actual dedicated security hardware

(aside from the larger businesses). So the question begs - what's thebig

deal about security at the router/AP?

I have a theory - this is a backhanded way at ensuring that densely

populated areas (like cities) don't spontaneously turn into freelarge areawireless networks, simply because everyone leaves their AP in OPENmode and

doesn't really care if others are piggy-backing on their connection from
time to time.

It works in my neighborhood - where we "opened" our APs to share ourwifi

radii among our little community.

Marc

-----Original Message-----
From: David Farber [mailto:dave () farber net]
Sent: Sunday, November 06, 2005 12:12 PM
To: ip () v2 listbox com
Subject: [IP] more on Unsecured Wi-Fi would be outlawed by N.Y. county

Begin forwarded message:

From: Dewayne Hendricks <dewayne () warpspeed com>
Date: November 5, 2005 8:21:13 PM EST
To: Dewayne-Net Technology List <dewayne-net () warpspeed com>
Subject: [Dewayne-Net] re: Unsecured Wi-Fi would be outlawed by N.Y.
county
Reply-To: dewayne () warpspeed com

[Note:  This comment comes from reader Thomas Leavitt.  DLH]

From: Thomas Leavitt <thomas () thomasleavitt org>
Date: November 5, 2005 4:48:56 PM PST
To: dewayne () warpspeed com
Subject: Re: [Dewayne-Net] Unsecured Wi-Fi would be outlawed by
N.Y. county

Gah. Next, they'll make it illegal to leave your door unlocked.

We need a Constitutional amendment along the lines of "Congress shall
make no law regarding technology without having a clue."

Or perhaps a law requiring that an appropriate private sector
standards
body should vet all laws related to the Internet prior to
introduction...

With regards to this particular example of stupidity: people should be
free to implement the security measures they feel are appropriate - a
firewall may or may not be necessary (although I certainly would
rather
be running one).

Tort liability for negligent administration of confidential personal
information is the proper means of addressing the problem.

Mandating that people install a "network gateway server" equipped
with a
"firewall" is stupid, on many levels - technically, the presence of a
"firewall" means little or nothing, passage of such a law will
encourage
the that folks have taken care of potential security problems by
installing one. A firewall is useless if it isn't configured properly,
and often requires holes be punched in it for the network to be
useable
(which defeats much of the original purpose of installing one).

Furthermore, there are security models that don't put a "network
gateway
server" and a "firewall" on the same box... are companies that have
implemented such going to have to throw away thousands of dollars
worth
of equipment because it is in technical non-compliance? What about
folks
who run firewalls on individual servers without a centralized
firewall?
Or who run ZoneAlarm on their PCs? Does a Windows box running Windows
Firewall and offering Internet Connection Sharing qualify? How do you
define "firewall" anyway? Is a NAT box a "firewall"?

Further, it doesn't serve the end it is intended to: the vast majority
of security breaches and privacy protection violations occur *behind*
the firewall (or where a firewall might be).

And the idea that people would have to put up signs saying,
essentially:
"we've put a security precaution in place, but it may very well be
utterly pointless, so please be careful" is hilarious... although the
idea of having to "register" Internet connections with the
government is
NOT funny at all.

Regards,
Thomas Leavitt


Weblog at: <http://weblog.warpspeed.com>


-------------------------------------
You are subscribed as marcaniballi () hotmail com
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Current thread:

more on Unsecured Wi-Fi would be outlawed by N.Y. county David Farber (Nov 06)
- <Possible follow-ups>
- more on Unsecured Wi-Fi would be outlawed by N.Y. county David Farber (Nov 06)