Slashdot Mirror
Free Wireless Networks at Airports
WallytheWalrus writes "Today's Minneapolis Star-Tribune is carrying an article about the installation of a wireless network throughout Minneapolis-St. Paul International Airport, the first of five such airports across the nation to get a uniform wireless network system. The system, which cost only $250,000 to install, will be free to business travellers passing through the airport (who have the correct hardware), and available through a number of kiosks throughout the airport. One can only hope this is the first step towards bigger and bolder public wireless network projects."
ummmm... who cares? This is a public, untrusted network. So what if someone's snooping? Use IPSec if you don't want to be snooped.
sulli
RTFJ.
This throws back to that other story about how airports are using unsecured wireless networks to check baggage at the sidewalk.
Who wants to bet they're not going to have the security they need to protect themselves because they go with the lowest contract bid?
Scenario:
Felon A puts semtex in a bag, and checks it at the curb, but never gets on the plane. Felon B is inside the airport and reassigns that bag to a passenger who DID get on the plane. Since the passengers and bags now match they won't do a cargo search for the unclaimed baggage.
Boom.
The system, which cost only $250,000 to install
At $250,000, sounds like it's far from free to me!
I'm not afraid of falling, it's the sudden stop at the end that frightens me.
On the other hand, the whole thing might be useful for catching terrorists who felt the need to shoot out a last minute email -- provided that traffic is monitored closely.
GreyPoopon
--
Why is it I can write insightful comments but can't come up with a clever signature?
Well, what about it? How different is wireless from an airport different from that shared ethernet in the airport hotel? Or having folks check in from those ubiquitious web terminals in airports that half of the time have cache's full of info?
Yes, it is possible that sitting there in the terminal your stream will get intercepted. So understand/teach others that these aren't secure, that pluggin in in *any* public pace isn't gonna be secure and certainly not at a client's office etc. Use a tunnel back to the home/corporate proxy server or don't go near any important content and *don't* use any passwords.
But don't go getting all upset of wireless and airports, it's not really different from all of the others.
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I wont bother either.
Your completely missing the point. Security is something that everyone should be aware of and trying to use as much as possible. If they were to wait a year until a better encryption was properly implemented into everyday wireless networking then they could insure a much more secure access point.
Just becuase you know its a public untrusted network doesn't joe nobody does. They feel safe beacuse it's regulated by the airport therefore they will do things on the network you probably shouldn't do in an untrusted network. Just like people who do insecure wireless netoworking in there home and then bitch when all their information and credit card numbers are compromised.
If you are runnning an open network or anything open to multiple users (even a shell server) you should try to protect the security of your users as much as possible, you shouldn't forget about it just because you know you wont do anything stupid on it.
Second, there are security concerns and as you pointed out, these are two fold. We don't want people snooping the airlines system. On the other hand if we're using the system to say, pre-pay for a rental car at the destination, we don't want people snooping credit card numbers either. There has been a lot of talk in the past about insecure 802.11 networks. It was my impression that these networks were configured incorrectly, and that it is possible (with later high bit key tech) to have a secure network. If the airports were to offer a good secure network, I think it would be of great benefit to flyers.
And then there are all the fun apps like being able to monitor arrivals and departures from your palm. As well as gate changes and whatnot. These can be as insecure as you like because it's really just another way of disseminating public information.
In all I think it'll be a good thing, with problems at first, but will become the norm in time. As far as The Man snooping the network, I think you'll get that no matter where you go. Don't not use a great public utility for that reason alone.
Being a resident of the Twin Cities, and an occasional traveler, I find it somewhat amazing that they're offering wireless at all. Not much to say about that.. it could be nice.
However, it's going to be somewhat worthless to offer your travelers wireless without also giving them a place to plug in your laptop. Yes, I know laptops have batteries and don't have to be plugged in to be used. However, if you're like me, you hoard your battery's power for the actual flight instead of using it in the terminal. It *IS* possible to plug in at the terminal, but outlets are far and few in between, and you have to work around the rechargeable golf carts (or whatever they call those things) and other laptop users.
Lastly, with all the other concerns they have at airports these days, I am doubly amazed that they have the time to think about this. Not that I mind, it just makes me wonder.
Please mod this post only if you think others should/n't read this. I have enough ego^H^H^Hkarma. Thanks!
You could be thwarted two ways:
1. The airport could lower the bandwidth available to individual users or at least monitor severe spikes in bandwidth use caused by one user. Once they see you doing it, it isn't tough to shut you off.
2. Denial of Service attacks from a single user are history. All reasonable targets have protections against single users. The real damage is done by Distributed Denial of Service attacks where a large number of nodes flood a target.
Granted, your point was how to catch abusers of the system and not that your attack would necessarily work. This problem plagues all wireless networks. While it may be difficult to track you down to an exact location, you are still in a post 9/11/01 airport. They are on the lookout for strange behavior.
I don't envy the first 'terrorist' caught packet flooding his least favorite web server.
OddManIn: A Game of guns and game theory.
Can't these be abused by mass UCE mailers?
try { do() || do_not(); } catch (JediException err) { yoda(err); }
Just imagine. A free, open wireless network in which you can churn out spam by the crate.
You're right. I am sick and tired of people screaming bloody murder anytime 802.11b is mentioned and how insecure it will be (and then they get modded up as insighfull?!?!?)
/.ers, don't just continue on the same old rag about how it is not secure.
802.11b can be made pretty secure, and it's not even that hard. Yes, wireless will never be secure as other methods, but it's not a big gaping whole either (or at least it doesn't have to be).
So unless you know what you are talking about,
Moon Macrosystems. Sun's biggest competitor.
Well, they set up a captive portal (NoCat.net) and tell every one that this is not a secure network and they shouldn't do anything stupid. Done.
Tom
Yes, funny. But who the hell says that they have to open up the fscking netbios ports? Or anything other than port 80???? And even better, if they block incoming everything (boo hoo can't run servers in the airport) and block the internal subnet from talking to anyone else on the internal subnet then NOTHING you cite could possibly be a problem. That's like 5 minutes setup with any proper firewall software.
But I guess they're all too stupid to have thought of anything as simple as that...
(Frighteningly though, you may be right)
Contrary to popular belief, coding is not all free blow-jobs and beer. Those things cost MONEY!
The only argument is that he is more anonymous at the airport but I think he has less of a chance getting caught/in trouble from home. Have you ever tried to go after a person who port scanned you? You can spam abuse@hisisp all you want, they don't do crap. I know because I manage a lab at a college and I've tried to get peoples accounts pulled for trying to break into my systems. If you want the law involved its even worse because you need to prove >$5000 of damage was caused and all that crap.
With the paranoia around airports now a days I don't even want to bring my laptop with me. The less crap I have on me the less I have to worrry about.
Or I could just be blowing steam out of my ass... oh well.