more on USG WiFi Nets "Wide Open"

[David Farber <dave () farber net>]

Begin forwarded message:

From: "Patrick W. Gilmore" <patrick () ianai net>
Date: May 20, 2005 11:47:05 AM EDT
To: dave () farber net
Cc: "Patrick W. Gilmore" <patrick () ianai net>
Subject: Re: [IP] USG WiFi Nets "Wide Open"


On May 20, 2005, at 11:15 AM, David Farber wrote:


> > Apparently nine of the 24 major agencies haven't got any
> > wireless-security plans, while many others haven’t got proper  
> > guidelines
> > in place.
> >
> > The report says that 13 agencies don't require their Wi-Fi  
> > networks to
> > be set up in a secure manner, and most don't monitor their wireless
> > activity.

Of course the agencies should have good security - as well as  
corporations, hospitals, and anywhere else that has wireless access  
to sensitive data.

But I am now worried the report will cause a TSA-like knee-jerk  
reaction to "do something", which not only will do nothing, but will  
harm productivity.  Many government agencies are so unproductive now,  
taking away tools which help them do their jobs scares me.

Especially since it is _TRIVIAL_ to set up wireless networks securely  
- just put them outside the firewall.  Instead, these agencies are  
probably going to their vendors screaming for something to secure the  
networks and getting MAC filtering or separate VLANs for  
unauthenticated users or "portal access" or the like.  All of which  
are far more expensive then the simple solution, and far less secure.

Your tax dollars at work. :)  Let's hope I'm wrong.

--
TTFN,
patrick

-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/