Re: 23,000 IP addresses

[Steven Bellovin <smb () cs columbia edu>]

On May 10, 2011, at 9:53 16PM, Michael Painter wrote:

> Deepak Jain wrote:
> > For examples, see the RIAA's attempts and more recently the criminal investigations of child porn downloads from 
> > unsecured access
> > points. From what I understand (or wildly guess) is that ISPs with remote diagnostic capabilities are being asked if 
> > their
> > provided access point is secure or unsecure BEFORE they serve their warrants to avoid further embarrassments. [It'll 
> > probably
> > take another 6 months and more goofs before they realize that customers are perfectly capable of poorly installing 
> > their own
> > access points behind ISP provided gear].
>
> Exactly...what about those who choose WEP/WPA-TKIP for their 'secured' access point?
> I can just imagine being in front of a judge/jury after having been arrested for, as you say, "child porn downloads " 
> and listening to my law^H^H^H public defender explain the mechanisms of how the access point was 'cracked' and may 
> have been used by someone sitting in their car down the street.<shudder> 
It's happened -- here are two cases I know of:
http://news.cnet.com/Wi-Fi-arrest-highlights-security-dangers/2100-1039_3-5112000.html
http://news.nationalpost.com/2010/05/27/ontario-man-accused-of-downloading-child-porn-because-of-free-wifi-connection/


                --Steve Bellovin, https://www.cs.columbia.edu/~smb