Slashdot Mirror

← Back to Stories (view on slashdot.org)

N.Y. County Mandates Wireless Security

Posted by ryuzaki0 on from the also-coffee-is-hot dept.

Mynister writes "CNN has an article about Westchester County NY forcing small business to use basic security on their wireless networks. From the article "The law also requires that businesses offering Internet access -- coffeehouses and hotels, for example -- post signs warning that users should have firewalls or other security measures.""

13 of 213 comments (clear)

  1. But information wants to be free! by needacoolnickname · · Score: 5, Funny

    Espescially client credit card info, home phone numberes, social security numbers, purchase history...

  2. Not really security by flooey · · Score: 5, Insightful

    From the article:

    The law requires each business to install a firewall or change the default SSID, the name that identifies a wireless network, if the personal information stored has not already been encrypted.

    Umm...changing the SSID does nothing, in terms of security. If that's all that's required to satisfy this new law, I'm amazed.

    1. Re:Not really security by Peyna · · Score: 4, Interesting

      "Minimum security measures" shall include, but not be limited to: (a) installing a network firewall; (b) changing the system's default SSID (network name); or (c) disabling SSID broadcasting.

      Any commercial business that stores, utilizes or otherwise maintains personal information electronically shall be required to take minimum security measures as defined herein to secure and prevent unauthorized access to all such information.

      So it does look like just changing the SSID would be enough to fulfill the requirements of the law; however, the real purpose of the law was just to bring wireless security to the attention of these businesses. If it inspires a few of them to take a minute to evaluate their wireless security and then do something about it, chances are they will do more than just change the SSID. The fines available aren't severe enough to compel anyone into compliance.

      --
      What?
    2. Re:Not really security by Abcd1234 · · Score: 4, Insightful

      So why pass a law in the first place?? Just start a public information campaign. Send fliers, broadcast commercials, that sort of thing. Laws should be our *last* resort when trying to deal with any sort of issue, and that includes technical ones.

  3. In other news... by HotNeedleOfInquiry · · Score: 4, Funny

    Westchester County has outlawed all glass and china dishware, knives and pencils longer than 2 inches and water over the temperature of 120 degrees F.

    --
    "Eve of Destruction", it's not just for old hippies anymore...
  4. Re:Hmmm by TubeSteak · · Score: 4, Informative

    Actually, it is super-enforceable.

    They can do it on the cheap with a few fulltime inspectors walking around with laptops & their eyes open for the notification signs.

    In addition, I imagine they'll make some noise in newspapers and whatnot to get computer nerds & other concerned citizens to report any violations of the law.

    Stuff like this is very easy to enforce. A friend of mine's father was made an honorary postal inspector and given a card saying so... because he would constantly report on people who were illegaly parked around the local Post Office. They even gave him freebie phone cards & disposable cameras to sweeten the deal and allow him to document the parking violations. And before anyone says the guy had too much free time, he was an insurance appraiser & was in the Post Office twice a day, every day.

    --
    [Fuck Beta]
    o0t!
  5. Re:Hmmm by N3TW4LK3R · · Score: 5, Insightful

    I don't think they want to enforce it.
    They're just making this law so that the courts can blame someone in case of damages

  6. Secure by default by DrXym · · Score: 4, Insightful
    The Netgears of this world should ship their devices secure by default. The device should be set up to use encryption by default, using a random key (printed on the unit underside and a slip of paper) and the appropriate instructions to let the user figure the rest out.

    It can't be hard to do and with the appropriate marketing might shift a few more devices.

  7. Text of the law by Peyna · · Score: 4, Informative

    The text of the law can be found here.

    --
    What?
  8. Stupidity. by hyfe · · Score: 4, Insightful

    Next step is to draft and enact a law making it a criminal offence not to lock your door. Won't take long 'till the whole family is gathered, together again, in prison/workcamp. It'll be fun!

    --
    "" How about taking the safety labels off everything, and let the stupidity-problem solve itself? """
  9. Re:Hmmm by bmo · · Score: 4, Interesting

    There's a name for that kind of guy...

    "Busybody"

    And it's not a good name. I'd hate to be his neighbor. Are you suggesting that Westchester county ask for vigilante^H^H^H^H^H^H^H^H^H volunteer network scanners? How about we ask that your neighbors check to see if you're violating any of the "laws of nature" in your bedroom?

    --
    BMO

  10. Is Starbuck's Secure? by nickfrommaryland · · Score: 5, Informative
    From the article:
    Some of the unprotected networks were at cafes, hotels or other establishments that offer wireless hot spots to patrons. Other networks, like those at Starbucks, were protected.
    The last time I checked, T-Mobile's service is not any more encrypted than a Netgear router taken right out of the box. Likewise, a sign will probably not protect you from much, unless you're a business. Then you can use the sign to protect yourself from liability.
  11. Shutting off Wi-Fi by HPNpilot · · Score: 4, Interesting

    I already have several calls from clients who want me to shut off open access in their places of business. Yes, they have firewalls and are protected, but the DA Jenine Pirro has come out and said how open wireless hotspots help pedophiles and stalkers and these business owners do not want to get involved with this political hot potatoe in any way whatsoever. Their feeling is that it simply is not worth the risk anymore.