Slashdot Mirror
Growth of Wi-Fi Opens New Path for Thieves
E. Harley writes "Wi-Fi connections are popping up all over the place from retails locations, schools, municipalities, and homes. Unintentionally or not, most of these wi-fi hot spots never change the system's default settings, hide the connection from others, or encrypt the data sent over it. This NY Times article [Free registration required] talks about the size and extent of the problem, and what has happened with law enforcement investigating criminals using these public connections. Also, the article updates us on an earlier Slashdot story about wardriving. That case is still pending."
When criminals operate online through a Wi-Fi network, law enforcement agents can track their activity to the numeric Internet Protocol address corresponding to that connection. But from there the trail may go cold, in the case of a public network, or lead to an innocent owner of a wireless home network.
After reading the article, it gives me the impression that you have a license to do just about any illegal internet activity so long as your WiFi router uses the default SSID, broadcasts its SSID and keeps the default passwords. If anything is traced back to you, you just blame the WiFi-Boogeyman for any illegal activities originating from your IP address.
I'm a big tall mofo.
Hm... maybe I should have downloaded that 35GB Simpsons torrent on a neighbors wireless internet. Ooops.
Schlep your lappy to a Starbucks, tap into the wifi, and fire up Driftnet (linux) or EtherPEG (mac). Watch what flies by... hours of entertainment.
Speak truth to power.
While I understand that Joe Six Pack wants plug and play functionality without configuring, it is really that hard to add in another layer? When the AP is running on factory settings, it can just cause all Web requests to route to the configuration page along with an easy to explain set up about passwords. AP passwords aren't hard as normal passwords since many APs are in a secure building so writing the password on the AP and locking it in the closet would work half decently.
While the user has to take some blame for technical ignorance, the AP makers also have to take some blame here since they have the tech people to implement better security.
--
Want a free iPod?
Or try a free Nintendo DS, GC, PS2, Xbox. (you only need 4 referrals)
Wired article as proof
http://www.nytimes.com/2005/03/19/technology/19wif i.html?ex=1268888400&en=51d90e7518bba5d6&ei=5090&p artner=rssuserland/
How do the police pinpoint the criminal when they bounce around these open Wi-Fi access points? Do they look at the MAC addresses?
""Wi-Fi connections are popping up all over the place from retails locations, schools, municipalities, and homes. Unintentionally or not, most of these wi-fi hot spots never change the system's default settings, hide the connection from others, or encrypt the data sent over it. This NY Times article [Free registration required] talks about the size and extent of the problem, and what has happened with law enforcement investigating criminals using these public connections."
But remember all this is OK, because we wouldn't want our freedoms to be restricted, right?
Now, I realize that I'm the exception, but how hard can it be to type 192.168.1.1 in a web browser? Of course, people should check the air pressure in their tires once a week, and clean the air filter on the furnace once in a while...
"Well, good luck finding a judge that doesn't run a bestiality site."
And this is why
Best Hacking Tools and Tutorials
Aside from the security issues.
Standards are still constantly being "improved" aka changing, and its stupid each vendor has their proprietary technology now.
802.11b, 802.11g, Airboost, Wireless G, Super Wireless G, Wireless GS Speedbooster, Wireless 125Mbps. Now its just getting stupid, and you pretty much have to buy routers and repeaters, Wireless Access points and all that crap from the same manufacturer and pray that theres interoperability.
Wireless seems all fine and dandy at first glance, oooh look no wires, oooh look it doesn't cost that much more than Cat5e systems. How cool!
Then you realize in reality its: "Oh crap, I need an access point with that stupid wireless router, oh I still can't get it to reach the bedroom have to toss in a repeater or two.
Oh wtf, even with high gain antennae I'm only at 60% signal strength..godammit why does this thing keep dropping its connection."
So after spending about two to five times what you initially intended, you decide: "Ah fuck this!" *Sticks a Cat5e into wireless router*
This is the same RIAA arguement from before in a diffrent context.
Some people like to share we should encorage that... The best possible solution is for the router to limit bandwidth to outside connections (length of use = more bandwidth? First 2 users connected get most bandwidth?)
Even windows doesn't have sharing on by default... Allowing users to sit behind your firewall isn't a huge deal, there are tonnes of users sharing their windows dir on Kazaa or whatever if someone wanted to be malicious they should.
There is some importance in making life better for other people, if you don't when you go on a camping trip people around you will be weighing how hungry bears are against the $ in your wallet.
The banks are not using secure authentication systems and WiFi users are getting blamed?
:]
Tell me.. When did it become my fault that someone can download tens of thousands of customer credit cards? Perhaps if these credit cards had been ditched long before the Internet we wouldn't be having that problem. Kerberos, challenge-response, PKI, and two-factor authentication devices have all been available for quite some time.
Someone tell the Secret Service to stop monitoring IRC connections and go after lazy banks instead, or something
Everybody is forgetting each and every ethernet adapter has a unique serial number/address, called the MAC address. It would be very easy to prove/disprove you were the one or not by that address.
Also more sophisticated tracking of the type of operating system, version, etc. can be determined by passive profiling of your network activity. This is called fingerprinting.
The combination of "Oh we've got a Win2K box with this MAC address doing the deed". Pretty hard to disprove or refute.
-- You are in a maze of little, twisty passages, all different... --
What's needed is a layer of hardware-based identification on all internet-capable computers, which would be tied to the user's fingerprint and all of the user's actions would be logged by a central database. That way, any actions are have not been approved by the government or any corporation, would be immediately logged and the subject could be immediately arrested and shipped off to Syria/Lebanon/Turkey for tort***... i mean interrogation.
After these latter measures are in place, we can all be perfectly secure in knowing that no porn, violence, homosexual acts, books about evolution, untampered news, or any worthwhile content is being viewed by anyone in the U.S.
P.S. Or we could just make encryption and wifi security easy to implement and show people how to use it.
P.P.S. Nah... the former solution seems a lot more comprehensive in terms of public oppression... I mean security.
"After reading the article, it gives me the impression that you have a license to do just about any illegal internet activity so long as your WiFi router uses the default SSID, broadcasts its SSID and keeps the default passwords. If anything is traced back to you, you just blame the WiFi-Boogeyman for any illegal activities originating from your IP address."
A /GWB/Republicans/Big Business/Little Business/Your grandmother/My grandmother/Parents/etc's fault for my actions.
Welcome to the irresponsabilty culture of "It's not my fault. Blame the other guy". Just like it's the MPAA/RIAA/Microsoft/Apple/Google/French/Indian/US
From my experience, there is simply no way around having interlopers on your network unless you tunnel an ipsec'ed connection over the air. Granted many ap's use default settings, but even those that do not can usually be sniffed for legitimate mac addresses and subverted. To see if your ap is susceptible, you can test it against this month's article in 2600.
When I run
I will sometimes see an unsecured network with the ESSID of NETGEAR, just as though someone took their unit out of the box. (I just did a check and NETGEAR was still there!)My feeling about someone using an unsecured private Wi-Fi network is like walking into another's dwelling without permission whose doors are unlocked: it's still a crime, but the victim may be partly found liable for any civil action he may bring.
Gleepy the Hen. More intelligent than the average hen.
I suspect there isn't any good reason at all, but is it just because these companies have a really low opinion of consumers or that they want to make wireless seem really easy or what? It seems like it wouldn't be too much harder to enable strong security at all. For example, it seems like the WiFi guys could include some utility so once you put in your password and have the network configured as securly as it will get, you could pop a disk in which would get all the config info saved to it. Take the disk to a new computer which will then be automatically configured to use the WiFi.
exceptio probat regulam in casibus non exceptis
This problem could be reduced dramatically if WAPs shipped from the factory with complex random passwords WEP enabled and complex random WEP keys.
As an example on a new HPaq server the iLO remore management interface has complex random password, printed on a label on the device.
Imagine if Linksys, etc. did the same thing with WAPs, where no 2 WAPs with the same WEP key or password.
Sure some users would just disable the protection but I'm betting if you made it halfway convienient that most won't. Make it more work to be insecure and the security will win most of the time. You might even be able to reduce this further by having the admin interface give you lots of warnings and make you jump through hopps to disable the security funcions.
Of course secrity could be improved upon even further if the default security was better than WEP but I think that's too high a barrier for the average user to tolerate. WEP may suck but it's considerably better than wide open.
networks I can see
That "SMC" network covers the entire building due to multiple people using SMC routers with the default.
I rarely criticize things I don't care about.
Keep it open, limit the bandwidth for each uncommon connection; keep freedom.
If you let FCC give more regulation then everything will be difficult to use and everyone would pay a monthly charge just to use a device. Consider Amateur radio -- FCC puts heavy code burdens, and I just heard yesterday on local (non-linear) CB Radio from my neighbors that all the radio communication shops are getting out of the business becaue everyone would rather pay for service and take a number from that beastly FCC. Imagine that...FCC doesn't make anything easy to use; they just make the freedom much more difficult to attain. Tax tax tax. Now, more people would rather accept the number of the beast, such as a phone or pager number, than to give freedom a chance and just buy a tranceiver.
Keep your WiFi gateways open; it is the freedom-like thing to do. If any problem arises to software by an anonymous user, then you deserved the problem to begin with for having poorly design software. Slashdot's moderation system is a testament to how well Anonymous users can be silenced. Amen to that FIX!
Well than, since 90% of Slashdot users do not pirate intellectual property, I can only assume that you already own a legally purchased copy of the Simpson's episode in question, and thus this would be "fair use". Right?
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Part of the problem is that the manufacturers don't disable anything by default...instead, you can literally plug a wireless router in and it'll instantly work assuming your internet connection uses DHCP to get its IP address.
Perhaps the easiest way to solve this problem is to disable the wireless part of the router until you run the setup program (or even better, make it launch the browser so it will work on any OS) and make you go through the steps of enabling encryption and everything.
I have WPA enabled on my wireless router (a Linksys WRT54G with the latest firmware) and MAC filtering. I broadcast my SSID ("Break this"), but that is more for ease of use then anything.
I then enabled SSL for the admin pages, so I must type https://192.168.1.1/ (the actual IP is different) to reach the router's admin page. I figure between SSL and WPA, it will be pretty hard for someone to break into my router's admin page.
The key is, with WPA and MAC filtering that will keep out all but the most determined out. If they ever got past that and onto my wireless network, I have logs so I could manually block them.
i'll play devil's advocate, for a minute:
the airwaves are supposed to be public.
therefore, if there's a "thief," the thief would be the group that cordones the public airwaves off and claims them as their own private property.
"Forgive us our trespasses, as we forgive those who trespass against us." -Jesus Christ The Lord's Prayer
We have a Python script on our laptops that send netstat, ipconfig, route info via email when they boot. When a laptop is stolen and the thief is dumb enough to use it online, we can subponea the ISP and walk to their door. But the last one that was stolen was in an apartment building that had 5 or 6 open WAPS. We knew that the laptop was in one of the apartments, but the cops could not get a search warrant for all the apartments within 150' radius of the open WAP that the stolen laptop was on... long story short, they got away with it.
http://www.nytimes.com/2005/03/19/technology/19wif i.html?ex=1268888400&en=51d90e7518bba5d6&ei=5090&p artner=rssuserland
Video Production Support
Notice that the NY Times NEVER questions whether there could be an ulterior motive to associating wifi with theft, child porn, and terrorism. This TImes articles is a propaganda piece aimed to associating wifi with Bad Things. This propaganda piece is likely bought and paid for by the telcos and cable lobbies who are using propaganda like this to shut dowm possible competition.
eat shiat and bark at the moon
Notice that this article goes out of its way to associate the following practices with wifi:
--theft
--child porn
--terrorism
And the article here never even questions whether associating these practices with wifi could be a subterfuge by the telcos and cable companies to demonizes wifi so as to be able to outlaw municipal wifi through legislation, which is what they are afraid of, as that will cause them to cut their broadband prices.
This whole article is a propaganda piece, bought and paid for by the vested interests, such as telcos and cable companies.
What a sham is the NY Times. Just another cog in the CorpGovMedia propaganda machine...
eat shiat and bark at the moon
In the open wireless router case, all your router is doing is routing. Same as the ISP's router, above you. In fact, everything YOU route, THEY route first. So, in order for YOU to be liable for what the open router routes, the ISP would also have to be liable.
Therefore, Lucky for you, their lawyers would incidentally defended you, by analogy, as they defend the ISP. And (to the best of my knowledge) the ISP's have been pretty good at defending themselves, in terms of what they route.
"Forgive us our trespasses, as we forgive those who trespass against us." -Jesus Christ The Lord's Prayer
This problem could be reduced dramatically if WAPs shipped from the factory with complex random passwords WEP enabled and complex random WEP keys.
The incentive for the manufacturers is for wireless access points to NOT be secure out-of-the-box.
If it's not secure, it's plug-and-play. Plug it in, it's up. If it's more secure, it makes instalation (to the point of getting traffic through it) more difficult.
Insecurity doesn't affect the user until they get burned - mainly by lower performance as their bandwidth gets leached (assuming their important applications, like banking, already use end-to-end encryption). Leaching might not even be noticed. If it is, they can diagnose it and tighten things up.
Security impacts ease-of-use, and thus sales.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Notice that this NY Times article quotes "anonymous" government sources in their attempt to associate wifi with terrorism. This is the typical attempt to use terrorism to demonize a competitor. THe telcos and cable companies lobbies almost certainly paid off someone at the NY Times to get them to write this article. Now they will use this article when thieir lobbyists meet with state governments trying to get them to pass laws that make municipal wifi illegal. This is just the first step in manufacturing consent for shutting down cheap competition. This is American "free market" capitalism in action. Really, it is corporate socialism--socialism for the big corporations and their billionaires; free market cpapitalism for all of us peons. Or, rather, feudalism for us, as we are essentially being sold as consumers to the telcos and cable companies.
eat shiat and bark at the moon
Anonymity Sucks.
Regarding the argument that it is theft of services:
If I am in a public park, and there is a bathroom there, or a water fountain, I can drink from the fountain and use the bathroom, even if they don't say "public bathroom" or "public fountain" on them. I can assume that because they are not locked, I am allowed to enter and use them.
Regarding the argument that it is trespassing:
I can walk all over your property unless you post NO TREPASSING signs, or tell me that I am not allowed on your property. Trespassing on property is only traspassing if I know that you don't want me there. You must post a sign saying so.
In both cases, it is trivial for the person who set up their wifi to "lock the door" and "post no trespassing signs". Therefore it should be treated no differently than these other cases which have set precedent.
But what happens when someone uses your open network to steal credit card details, or hacks into NSAs systems or something?
But what happens if someone stabs you with a screw-driver?
Even with logs and all, it will take some time before police will give back your equipment...
Unreasonable searches and seizures. A ex-friend of mine once workd for the Highway Patrol cleaning the cares stol^H^H^H^Hseized. As kickbacks, he got to take anything he found that was deemed illegal. Ask for the police-y en-FORCE-ment officers Oath of office or not proceed; chances are they are dba COPS and not a legitimate police officer.
With your logic, if a farmer's crop of corn gets cross-polinated with patented corn, they'll seize his entire farm and not get into solving the dispute until he's poor and forfeits the deed -- Oh wait, FDA and DOA already does this through their favorite alphabet gang.
Notice how this NY Times articles is careful to associate each of this poisonous trio of ID Theft-ChildPorn-Terrorism with...WiFi.
And what a coincidence that just as this article is being published, that all over America, state governments are trying to decide whether to outlaw municipal wifi. Of course, this drive to outlaw municipal wifi is in NO WAY connected to this article that tends to associate wifi with THEFT, CHILD PORN, and TERRORISM. And in no way would the telco and cable TV lobbies that stand to lose BILLIONS (if municipal wifi takes off) try to get the NY Times to help make wifi look bad.
No way the media would do that! They have integrity. They would never sell out to the telco-cableTV lobby like that.
Would they?
eat shiat and bark at the moon
You've been watching X-files re-runs too much. The truth is out there, Mulder!
forgot to mention that in Win2k and XP (not sure anything older does it) these shares are enabled at boot. You can disable them, but they reenable on boot (infact windows tells you this when you disable them).
For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
It is disgusting to see someone writing FUD and bullshit like this while others are volunteering their time, efforts, and money to help build free community WiFi networks.
Instead of cultivating even more paranoia in our country what we really need is more trust, pioneers, and heroes who help build free WiFi networks.
I am running an open access point for everyone to use and I am happy to find the same whenever I am on the road.
Lets all be reasonable and not spread FUD but support the urgently needed free WiFi access.
What the hell does the FCC have to do with any of this? The FCC lets anyone do anything they want in the wifi bands.
FCC dictates the abilities of the hardware; look at the power adapter and the console's tags; FCC got root.
There's no tax, there aren't even rules like in CB. I could set up a radio station on the wifi bands and broadcast 24/7. I wouldn't, as no one has a radio that can tune it in, but I could.
The tax is payed at manufacture; and the cost is rolled onto whomever buying it. It's called VAR.
There are rules in CB; they have no money to en-FORCE them upon anyone, and there isn't enough money to be collected on enforcement. Face it, everything you try to accomplish with radio-wave propogation will be hit any way by the FCC at the source: component, trademark, antenna tower height, whatever. The license agreement is a nexus, and you can never leave the license without being slandered as being "license revoked" or "license surrendered" aka surrender of right.
It's law enforcement that's complaining here, and the FCC does not investigate crimes.
A friend of mine is a HAM. And let me say to you, I think most HAM radio operators are wicked people. He says whenever someone doesn't follow strict operation, even the most absurd cruft burdened upon someone's speech, they triangulate the offender and report him to the FCC; and a many times if none can get to the station, they'll attach a chain to the base-station antenna to the back of a truck and put the car in full gear forward and not look back. Whatever is still attached is considered their property.
Although fun to watch images fly by with Driftnet, I have found it far more entertaining following chat messages and snarfing pop passwords with Ethereal. There are a suprising amount of booty calls (booty chat?) during exams. Must be the stress.
Most people, spoiled by plug and play, expect to plug it in and be just fine. From my wardriving experiences, still around 70% of APs are unsecure, and that's helped by buisnesses which have a very high secure rate (only about 5 to 10% I come across are open). About 90% of residential APs are open. It's really not that hard to secure an AP. WEP + Mac filtering ... bonus points for secure VPN.
Even though it's very weak, even just having WEP is enough for your average person... why would a 1337 h4x0r bother to take the type to break your WEP when the next idiot down the road doesn't even have that?
And please, do the world a favor... put in something for the SSID other than default, linksys, or leaving the SSID blank. Having a blank SSID is a very false sense of security... all it does is make it harder for legit users to connect, contribute to confusion (two people close together without SSIDs), and is really very easy to notice.
The Peanut Gallery, Ubergeek, Biblically Sober
NCAAbbs.com: Thousands of fans, Hundreds of teams, Just one place
recent data thefts from ChoicePoint
Nothing was stolen from ChoicePoint. They sold data to person or persons they should not have. There was no 'break in' as has been reported elsewhere. The only 'hacking' involved was social.
As a consultant, I regularly deal with this issue. Customer says: "Why dont we go wireless? Wouldnt it be easier" I says: "Do you know that there are actually people who drive around looking for wireless connections to hack into and steal data?" Call me a bit paranoid, but I actually met a couple of hard-line coders/hackers who did this, trolling for useful data. While there are security features to lock down the WiFi by MAC address and you can further challenge access with passwords, for a business with valuable data (these are accountants, lawyers, financial professionals), going wireless when your computers are in a fixed position on your desk just seems to me like a whole lot of work so you dont have to run a cable. While I hate pulling cable, I'd hate to have them try to sue me for leaving their data unsecured!
Consultant Computerology Consulting http://www.computerologyconsulting.com
The police just aren't all that interested in most illicit computer activites. Unless you're actually posting death threats or selling drugs online, the greatest thing you have to worry about is the *AA. And they don't (yet) have the power to break your door down and seize your computer.
I run an open access point, I password protected the config interface and check occasionally to see if anyone is using it - but really I don't care. I always have enough bandwidth when I need it, so why not share? If anyone uses it for something illegal I know I can't be held liable and I don't have any logs of what goes on with it, maybe someday I'll get hassled by the cops or the MPAA, but I'll deal with that if it ever comes.
I am operating a free access point and have never had any problems with "thieves" or "hackers". I wonder who paid for such a misleading article. What we really need is more decentralization to become less depended of fragile internet backbones. Free wireless community and mesh networks are crucial steps in the right direction.
If you left something valuable out in your front yard, you'd be less surpised to find it missing than if you locked it up in your house. Wireless LANs, in their current incarnation, are little better than leaving your private data out in your front yard for anybody to snag. Entering theives leave no signs of forced entry and our current system of laws can't do much to help unless the theft arises to the correct level of money.
Security technology only helps a little if the law isn't on your side (ask any identity theft victim about trying to become "whole" again) and the law can't help if there's no forensic evidence with which the perpetrator can be found. Until both Wireless LAN security technology and the law catch up to that of a locked house, a few CAT5 cables look very attractive!
> Insecurity doesn't affect the user until they get burned - mainly by lower performance as their bandwidth gets leached
I share my network on purpose with several neighbors, including a heavy user who downloads like crazy. I don't get 'burned' by lower performance.
OTOH, the overhead of WEP 'burns me' pretty regularly. And really, what is the point of having WEP on to encrypt my ssl and ssh traffic?
Open by default...it's a good idea.
I have this turned on as well, using Linksys's WRT54G with the HyperWRT firmware upgrade (for the extra power output). There's a security option to allow for https, as well as deny normal http access to the router.
HyperWRT is just a derivative of the latest Linksys firmware, so the feature should be available. If not, nothin' an easy reflash won't solve.
Are you really unaware of how easy it is to change your MAC address?
Before I went to Tokyo last year, I bought a 32-bit wireless cardbus adapter, model AWLC4030, made or distributed by AirLink 101. It seems to use Aetheros or drivers related. The card is a "Total 802.11 Super G (TM) Atheros 108 Mbps" card. Mandrake 10 under various kernels did not have drivers, nor did I find any, though Mandrake knows the card exists. I tried a few sites and gave up.
From a fairly small computer store in Shinjuku, I bought a Road Lanner Wave GW-NS11H 802.11b 11Mbps wireless card. The hostel at which I state offered free access via the owner's internet connection, I think Bufffalo, but I couldn't get an IP, so I resorted to Cat-5 wire connection. Whenever the lounge got to smokey, I went to the Starbux in Roppongi (not Roppongi Hills, but a little farther north and east by foot, only 6 more minutes walking), next door to McDonalds, across from Don Quixote (no, this one didn't burn, unlike one in Urawa or Saitama and other places...) and Freshness Burger.
It appears that Starbux there indeed offers wireless access, as the floor (second is more spacious) can be seen to have some 10 or more laptop users at once, spread out. I appeared to be the only one using or boasting Linux (my oval LNX sticker is readily visible on the back of the LCD/lid).
My connection was sporadic, maybe due to weak signals or too much user saturation, but when it worked, it worked. They even let you plug into the AC, unlike the Sbux in Azabu-juban, which jams anti-use plugs into the sockets.
I am not a terribly huge fan of Sbux, but in self-contradiction, i have frequented several in Oregon and California. However, I must say that the team in Roppongi seems to be A-J on the ball. They make coffee as if it were a science. Temperature guages, level checkers, kitchen timer... the works. I can't say I recall any states-side Sbux being this quality-oriented. I know there are the snivelly little "I must have my Starbucks double-latte, with a pinch of cinnamon and a tad of vanillah" types out there, but the coffee is just coffee, particularly if your shop is rampantly inconsistent in quality.
BUt, the Roppongi location where I mentioned (there is are many, many Starbux in and around Tokyo, Roppongi, Shibuya, Shinjuku, Daimon, Yokohama, and more, and I've only drank from a few, (of course, only to pay for my electricity use a seat-occupation/displacement), but I preferred the Roppongi location. Plus, the staff are fun, funny, and cool people.
There was one little expat twit who insisted on rushing upstairs, plugging in and taking 10-20 minutes before ordering a coffee or food item. Maybe he was honest and intended to buy something, but the unspoken rule which even I feel no matter WHERE I get coffee is, "They gotta pay for electricity somehow, so BUY something more than $3.00 worth". At least twice in my sittings, this guy had to be asked politely to please buy something before coming upstairs. He got pissed off and tryed to tritefully shoo them away... "I'm busy; leave me aloe, I'll come own in a few minutes... you always bug me about this... I just want to come in, check my e-mail, and settle down first..."
He finally went downstairs, but was making a big-ass scene, denigrating the staff in his snivelly english (I couldn't tell if he came from the US, UK, Australia, or Canada, or where, even tho I spent a month among those and other accents), but the guy needed his ass whipped for bad attitude, lack of consideration, and more. He acted as if they should put up a sign, in ENGLISH, and talk to him in ENGLISH, and leave him alone when he tells them to.
I told the staff, "In the US, EVERY business that has these kind of "customers" has a large sign in the door or on the wall which says, "WE RESERVE THE RIGHT TO REFUSE SERVICE TO ANYONE"; you should tell your manager to make one and post it... But, I understand: we're in Japan, and confrontation with others is to be avoided, especially public rows."
Twit, everybody else followed the convention, but he thought he was
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
I consider leaving on open AP free for any laptop owner to use part of my "Christian duty". It costs me nothing, and it might help my neighbor. (not the guy who lives next door, he should have his own access, the Samaritan visiting from far away who stops is car for a moment to check email!)
I depending on you in turn not abusing this service. I set it up to help you out for little things. (I do of course keep my machine secure)
To take the other side...
What's with open, public roads that anyone is allowed to use? My friends were tied up and robbed the other day, and the thieves used public roads to do it!
We really need to crack down on usage of public roads.
Seriously, as if getting on the internet anonymously was EVER hard.. sure, wifi makes it a bit easier, but it's far, far from a new thing.
It seems wholly possible, even likely, that open WiFis pose opportunities for people to commit crimes while making it harder for law enforcement to stop them. Is this worth the benefit of free, widely available Internet access? Are there technical or legal steps we can take to tighten the holes these networks open to maximize their potential? These are real questions that deserve thoughtful consideration, rather than just screaming "FUD!".
Lets all be reasonable and not spread FUD but support the urgently needed free WiFi access. Yes, let's be reasonable. Cheap AIDS medication in the third world is "urgently needed". Cheap Internet access in the US is not "urgently needed".
Provide a path of least resistance.
I recently did a quick scan in my neighborhood. My AP was the only secure one that I found within the area of my house. I only searched around my immediate property. (What... I had go outside to do this, and we all know the sun is evil.) In this time I found 2-3 different unsecured networks.
Basically, if I was a regular wardriver, I would use the open networks, and not waste my time trying to get into the one secure one.
If you get the chance, check around you, chances are someone has an open AP. Even the simplest security settings on your own AP would probably be enough to keep 99.9% of the people off your network.
Amen!
Could someone put this in simpler terms for me? I imagine many people are in this same situation. I have an access point with 128-bit WEP security on a windows box. Is this actually secure? Am I kidding myself? Personally, I only plug in the access when I'm using it, then I unplug it out of paranoia. I hear this and that about WEP being insecure...what's the truth?
Posted by yintercept - "...science...[is] the study of the 'divine creation.' "
EtherWatch (http://www.etherwatch.com/) is Windows software that can do the same stuff. It's comercial software, but there's a free crippleware version that just shows images and google search terms, the pay version ($29 personal, $129 corporate) some other stuff (create html logs, show IPs, etc...).
Please try to keep posts on topic.
Oh, well. It said try
I'm starting to use LocustWorld meshbox distroand having a bitch of a time finding a good PCI card that is
a: Prism54 compatible
and/or
b: avaliable as a commodity card.
Best I found so far is a SMC 2802 W-CA which is better than this poo poo and this poo poo and a host of others. (I know they are USB it's just what I had kicking around)
One of the big problems with these adapters is the manufacturer screwing around with the revs of the card and undoing all of the work that has been done in open source to support their product for free.
I hate the goofy PC-Card to PCI adapter thingys although I aknowledge they usually work best. I'd like to keep the cost of a card under $100
Can anyone tell me a decent 802.11g PCI card that works good maybe with HostAP that I can get at Best Buy?
My SMC does work, but chokes with when under load. I can't transfer more than 10 meg of data before it dies.
On topic, sorta. You wouldn't be reading this if you weren't into wireless. Put me on your foes list, I dont care. This is pissing me off.
This doesn't address security, but if the manufacturers used the MAC (which is supposed to be globally unique, and typically printed on a sticker on the router) as the SSID, then a user would have some assurance that his client was talking to the right access point. Prefix the MAC with the manufacturer and model name to make the SSID a little more user-friendly. (What's the limit for the number of characters in the SSID?)
Lots of info about 3rd party firmware based on the original Linksys Linux code can be found at Linksysinfo.org. (I'm using the Sveasoft Satori release and am planning on upgrading shortly to get more port forward entries.)