Slashdot Mirror
Could That Be The Wireless Police Knocking?
netbuzz writes "Should private-property owners be required to practice safe wireless? Are the wireless police about to come a-knockin' on the front door of your castle? Network World reports on a condo complex in Arizona that will monitor your wireless signal for security. Is this the way all condos and apartment complexes should go?" From the article: "'We just kind of kicked it around the table and everybody said that's a helluva good idea, (mandatory encryption) ought to go in the declarations,' says Welch. However, a lawyer warned that wireless technology could quickly overrun any specific covenants they put to paper, 'so we decided that instead of recording (declarations) at the county that we would leave it up to the hotel manager to put it in their rules and regulations.' Why bother at all? 'We just don't want to see anybody hurt with their wireless system,' says Welch. 'If someone (unauthorized) were accessing it and an owner's information, there could be damage and a potential lawsuit.'"
FTFA: "We just don't want to see anybody hurt with their wireless system," says Welch. "If someone (unauthorized) were accessing it and an owner's information, there could be damage and a potential lawsuit."
absolutely ridiculous. maybe they should start digging through our trash to make sure we've properly shredded our monthly bank statements too.
Furthermore, this rule would be a total paper tiger, as far as enforcement goes, since wep [which i do believe is the most common security protocol in use for wifi today] is widely known NOT to be secure. It will be ironic when the first whitehat captures a few days worth of packets from outside that guy's home and then published the unencrypted contents of his web traffic.
I am Jack's complete lack of surprise.
i will never have to learn from my mistakes ever again.
You're finding a solution to a problem that doesn't exist. People aren't going to sue you because their wireless network is insecure, and if they did, they'd be laughed out of court.
Besides, maybe some people don't care if they open up their internet connection! As long as they keep their PC(s) reasonably firewalled, and perhaps use an alternate form of encryption at a higher level, it's possible to open up one's internet connection without opening up one's internal network.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
This is a waste of time and money. People should secure their own networks. If you don't know how then you pay someone to do it for you. If you can't afford it, then how are you able to afford a wireless network. Period.
Why should any government, company or anyone else worry about someone else's network connection security -- unless they're being paid by that party to do so. And in the case of a government (city/state/local/federal) being responsible; don't make ME pay for it.
Xserv
"I love lamp."
The default for all wireless routers should be to allow traffic from anyone, but to give the owner priority.
get blamed when someone breaks into my house if I leave the door unlocked?
Or should I be blamed when Windows automatically connects me to open APs?
And...If we are going to go that far?
Why not get these people in trouble for using WEP to begin with?
Safe wireless? WEP is like using a condom that's been poked with holes.
Could it be that maybe, just maybe, somebody wants to actually SHARE? Sacrilege, I know.
Overall, I am worried that people these days consistently seem to say "I'm not in favor of too much regulation, but this specific piece seems pretty good."
Uh huh. You know the slippery slope has started to apply when people say that about such inane proposals as this one.
This seems silly. If you want to protect your own private property or not, that's your own business. They don't require you to lock your apartment door when you leave. They don't require you to lock your car door when you park in your parking space. How is this any different?
They shouldn't be using computers at all. No amount of rules and regulations is going to turn a computer-illiterate user into a savvy one. If someone is too dumb to figure it out or ask someone for a little help they deserve whatever they get. It really is that simple. All this "we need to protect people from themselves" stuff is nonsense. It won't work. Leave it alone. The threat of someone using your open wifi network to download kiddie porn is what, about 0.0000001? "Oh we need rules to protect unaware people from that risk!" Bull fucking shit.
Question... what if you lived in the middle of BFN (read nowhere) and there was 1 access road running at the very edge of WiFi)... would you require encription? My housemates do not, surpriseingly, have en. installed.
The government needs to quit protecting the stupid.
Yeah it may be "a hellova idea".. for someone to do on their own.
And how would anyone prove my network wasn't secure? You going to break in? Then I'm suing That person..
That is just nuts!
I run mine wide open because that is they way I want it. I secure my machine of course, but if someone is within range and wants to use my connection, I don't have a problem with that. Hell, my SID is actually "WideOpen".
I used my neighbor's DSL for over a year, but I eventually got my own. There is no reason every house on a block should purchase their own Internet connection, and wireless network. Apartment buildings are in an even better situation. All that money that people are spending on individual connections could purchase a lot higher speed connection for everyone and still save money.
-- -- Warning. Do not stare directly at the sun.
Most of the time the people selling the wirless products to home users don't let them know of the dangers of having an unsecured connection, i have seen people in dept. stores say "its easy just take it home and plug it in". The same goes for ISP's pushing them out to their customers.
The fact is we have salesmen taking advantage of people who don't know any better buy offering them all of the glitz and not alerting them to any basic precautions they will take.
Some of my clients did not even know of the dangers till they rang me up to get me to configure it for them.
More responsibility should be placed onto the salespeople to make sure their customers understand just what exatly they are buying.
I know several people who leave theirs open for neighbors and friends to use without encumberance. It's a nice gesture, one in which a private good becomes a public good via goodwill. Even with bittorrent running I'm not using all of my bandwidth at all times.
Besides this, do we mandate that folks lock their car and house doors? Are there laws against leaving a key under the rug, on the door frame, or below your car door?
I'm on a road shaped like a figure eight; I'm going nowhere but I'm guaranteed to be late.
In other news, it is now illegal to give money to the poor.
"Imagine what could happen. Someone could give someone some money, go home, and realize that they needed that money! Just imaging the potential lawsuits! Everyone is much better off this way."
Mr. Period: Nine is the one that's right by ten!
Nine: One day I will kill him. Then, I will be Ten.
I'd argue that their rules are preempted by the FCC's regulations on spectrum use. The FCC usually takes a dim view of people who trespass on their turf.
Mea navis aericumbens anguillis abundat
I do find the whole concept of mandatory encryption rather ironic though. Would that it were the case for email, VOIP or Internet connections in general...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Suppose a known sex offender began moving child porn over YOUR wireless network.
I would love to see you explain that away as an "oops, I forgot to turn encryption and
authentification on" to the police following the pervert. They will FIRST get you for
aiding and abetting the crime.
This stuff, security, only makes sense in today's world.
I would just like to continue the idea that some of us deliberately leave our wireless networks open to share. I do live in an apartment building, I also pay a fair amount of money to have multiple static IP's, I don't use all that bandwidth all the time so I leave my wireless network open. It costs me nothing and benefits people around me in a small way. I've met a few more of my neighbors who came by by to thank me for leaving my connection open. That last behavior is rare I know but it is nice to meet people in my building I might not normally. I am curious though, what if you limit access to your wireless network by MAC address recognition instead of encryption, are the wireless police still supposed to come knocking on your door? Getting wireless hardware from different manufacturers to cooperate while using encryption can be a hassle. Yes I am sure there are spelling and other errors in this post, and I should know better, but I am leaving them in because it is past my bed time and I am providing a public service by giving the grammar police an outlet. :)
This is just pure nanny-state-ism.
Hey guess what? I know how you should run your life and I am going to ram that down your throat.
You see I am better than all you Plebs/Proletariats. So, I'll just take over this aristocratic position and begin dictating the way you should live your life. What you have a problem with that? Well you must be an ignorant redneck bigot. See how open minded I am.
How needs democracy when I am better than you?
Next thing you know the Democrats (the Party of Tolerance) will be kicking some Jew out of their party.
If the condo association is so concerned about it, why not make wifi a service of the complex? What they have now is the equivalent of everyone having their own gas powered generator in their condo.
It sounds like the peoplt there are hip, why not toss in a couple hundred bucks per condo, get a T3 or higher to the complex and have wifi all over? Probably a lot cheaper than each one paying $50-100 a month for internet service. And then it becomes a draw to the complex as now they have "free" wifi, increasing their property values.
Many cities require property owners to clean/paint over any graffitti; uncontrolled internet access could be used to deface sites.
You can't display a corpse, or a facsimile of a corpse in public in most US counties; uncontrolled internet access could be used to spam goatse.
It's also often illegal to leave your car keys in view in/around your car unattended; You have the responsablity to control your tools.
You can't wear a ski mask into a bank, no matter how cold it is; anonymous internet access could be used to commit a crime.
As a 'public nuisance' the nuisance would have to be weighed aganist the benifit, dairy farms stink, but I do like to eat cheese.
Before the discussion slides predictably towards vague diatribe on governmental encroachment and abuses of state power, I just wanted to point out that this is not something that's being proposed or enforced by the government at any level; it's strictly a question of managers of private condo complexes making "secure" wireless one of the many (arguably draconian) regulations already in place for people who wish to live there.
We may still not think it's a good idea, of course, but the fact that it's being implemented by private individuals makes a big difference-- I'd get stroppy if my state governor said I couldn't own a dog, but I'll accept the same restriction from my apartment super with no objections.
I am sure the FCC regulations will trump all these petty dictators with too much time on their hands.
2.4 GHz is an unlicensed & unregulated band, provided you stay within certain power limits.
Well I would disagree with what seems to be the majority of comments that this is a bad thing in concept. However I do think they took it too far, mandating virtually anything usually is not the best solution. Rather the building/community would be better served by a proactive offering of assistance. Say one had an open access point, the management realize and offer their assistance to the owner to secure it if they would like. No mandatory anything, but still informing the owner of something he may not know about. Heck even some entrepreneurs could solicit their services for this. The one thing I dislike is the lack of education that is aimed for those who don't have the time to devote to computers. We just call them stupid as if they are supposed to be born with such knowledge.
you are fucking retarded
leaving a wireless point unsecured has NEVER, NOT ONCE been treated as aiding and abetting, not even close.
Snowden and Manning are heroes.
Uh, listen Judge, I was downloading all those pornz, warez, mooviez to test their wireless security!
Now where is my medal?
As long as there were a way to opt-out, with some way of showing that you are, indeed, able to manage an unencrypted network, it'd be alright with me. Plus, has not 2WIRE already practically dominated homes with WEP? I rarely find a non-encrypted 2WIRE, and the only one I have was of a fellow geeky friend who intended it that way. This is moreso the job of router manufacturers, not a matter of law.
The above is most likely humour. Slashdot foot icon goes here.
Oh no, a child molester could use your open wireless network to download kiddy porn? And? It's not as if the FBI can't check your hard drive, and see wow, I guess he probably didn't download that porn, since there isn't a trace of it. Besides, have you ever heard of an actual case of this happening? I'd love to see it, as it appears to be an urban legend, just like the FBI knocking at your door after you download stuff off of BT.
My first reaction was "Good Lord, how stupid can people get?" - I mean, does this mean that if you set up a wireless network in accordance with their regulations, and it still gets abused (through WEP weaknesses or whatever), they have implicitly invited you to sue them?
But then I thought back to ohhh, yesterday, when I was wrapping up a work trip to Thailand. When I arrived I had bought a SIM card at a dusty little family shop and the cashier who installed it into my phone signed me up for a bunch of promo offers including the loathsome Calling Melody (which I never figured out how to disable) and 50 free hours of GPRS (pretty good considering the card cost me US$7.50).
My hotels had free wifi so I didn't end up using that much of the GPRS time. Yesterday, at the airport, I figured I might as well use some more of it up, so I popped open the trusty iBook and turned on internet sharing with SSID name "Free Internet!"
Within 15 minutes I had 5 or 6 people on it (must have been painfully slow for them). I was too tired to do anything useful, but just for the heck of it I started up ethereal to see to what ends my largesse was being used. It was remarkable how trusting (or probably ignorant) people were - as well as how many unencrypted port-80 webmail servers and office intranets there are out there.
So maybe the real value of the rule in TFA is to protect the users from themselves, rather than protecting the AP owners. When you connect to an unknown AP you never really know what could be going on with your traffic unless you encrypt and authenticate it.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
Look, you cannot force people to play it safe. There are so many examples of that sort of thing failing that it should just be taken as a fact of life. Most people simply don't value safety, like they don't value natural rights, until it's too late and the evil people, criminal or government agent, are hurting them.
Wireless safety is part of that. Part of the problem is that Windows has a very clunky user interface for specifying a strong encryption key. Something as painless as PGP would be very nice.
The police have a valid concern that criminals could exploit these holes and frame ordinary people. However, technical solutions don't work except in simple cases. In fact, in non-"high tech" cases, it wouldn't be a real concern. Where are the laws requiring people to lock up their home so that someone cannot break in and use their bedroom as a sniper post? The lock is hardly a hindrance to these sort of people.
In most crimes, the wireless security is beside the point. People can crack it with enough time and dedication. Worrying about wireless security problems is akin to worrying about a hershey's kiss making you fat while you have a bucket of fried chicken, a bucket of gravy-slathered mash potatos and a 2 liter bottle of coke for your own consumption.
1) Become cable company 2) Offer high(nyuk-nyuk) speed internet at an already inflated price 3) Kick back to condo associations 4) Make it illegal to share internet access 5) Profit!
Faith: n. -- That human impulse that drives them to steal appliances when the power goes out
A condo association might legitimately go so far as to forbid individual residents from setting up wireless networks, and instead have the association itself set them up, imposing some particluar encryption regime, since interference between the wifi setups in a condo could affect everyone's ability to use them. And if you know those are the rules when you buy your unit, and agree to those rules, then presumably it's because you like it that way.
Government, OTOH, imposes rules on people against their will, so it should only be employed where someone's person or property is being transgressed (against their informed consent).
[100% ISO 646 Compliant]
SVM, ERGO MONSTRO.
Quickly, this reminds me of home-owners associations and condo associations that totally ignore rights regarding the reception of tv & satellite signals. They ban dishes and antennas when they have no right to do so and get slapped down when challenged (in the USA). Whether or not it is a good idea'r, they'd have better luck trying to stop the usage of cordless phones. But, repeat after me asshole-boardseat holders, "i am not the FCC, i am not the FCC, i am not the FCC...".
Wireless networks should not be able to be setup without encryption.
As it stands now anyone wanting to release virus's or download anything can do so by driving up to almost any hotel in the US.
Any resident with an unencrypted network is subject to their network being used for -any- purpose.
Firmware makers should be required to make encryption a default setup value.
Period.
Hackers and mal contents need not worry about their actions.
I smell coffee...
there is a law in the town neighboring mine that each household must own at least one gun.. i kid you not.
keep in mind my state is in the extreme red area of the political spectrum, but the effectiveness of such deterrance programs are hard to gage.. Needless to say though when we used to live there we never had a breakin. (then again, no breakins in this town either)
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
I think we can all agree is that the last thing we need on any technology is more legalistic regulation. Laws like these make criminals out of every-day people doing every-day things.
I do not want to have to manage my own personal network based on ridiculous laws. Of course, I would secure a wireless network if I had one (I currently don't), but I want to do it because I know it's what needs to be done to protect my privacy the way I need to, and not because I'm being forced to by law.
There may be some people who want to leave their network open, perhaps for their neighbor(s) to use, or perhaps a hotel that doesn't want to bother managing network security (it's certainly obvious enough at the time of connection when a network is not secured and that its users are to connect at their own risk). This could, in some cases, violate an ISP's terms of service, but then that's a matter for this customer's ISP to deal with, and should not be a criminal offense. And then, this kind of becomes a bit of a societal issue. When technology advances as is innovated, laws and service terms should change to embrace it, not restrict it. For example, an ISP providing a DSL or cable connection to a customer who shares the line wirelessly could simply charge for more bandwidth if their fixed-price "buffer" is exceeded. That would be an example of service terms embracing technology. But, now I'm getting to a whole other discussion for another story.
The point is: let people have their technology and use it how they want it. If you get burned somehow from not understanding the risks of using it in a certain way, then you'll learn from your mistake(s).
Well I figured I'd say goodbye too everyone here... When this law passes so does my internet. Wireless Piracy- The poor man's internet
Great, so now if I'm disabling my wireless card's weak encryption, and instead using a proper firewall and OpenVPN connection behind the AP, the condo board is going to come after me because my "wireless" is allegedly insecure?
Seriously, if you don't at least know what indistinguishability under adaptive chosen-ciphertext attack is, you shouldn't be making security policy.
http://outcampaign.org/
"Nobody expects the Wireless Police!"
BAH, I know lots of people who live in apartments and condos,
all the tech types leave open Mp3 and Video folders and share in the building,
no internet reqd. technically untraceable via the net. The others are clueless
users who are open on the internet as well and dont bother to listen to the
advise of the others in the building who ARE trying to help them.
I doubt your safety is what the cops are after.
"It's what you learn after you know it all that counts", Earl Weaver - Legendary Coach of the Baltimore Orioles
In my building, there are at least two unencrypted wireless connections. One's mine; the other is a neighbor with a Belkin node. I can see 3-4 other encrypted connections. Occasionally something goes wrong with my connection (DSL flakiness or whatever) and I'll piggyback off my neighbor for a few days, and of course occasionally my laptop decides it would rather use my neighbor's signal instead of mine for no particular reason, which tends to disconnect my work VPN.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
RF is not being regulated, network access, which is not under FCC's jurisdiction, is.
The FCC does not regulate network security.
Sorry.
Lord High Crapflooder The Right Honourable Vlad Craig Esther McDavenpherson III
Destroyer of Mercatur.Net
I want to have my data encrypted, but I want my guests to be able to access the net, and if passersby want to freeload a bit, that's fine too. If I set my SSID to "password==guest" and let people log in with "guest" as the authentication system password, will my data channel still be usefully encrypted, or does knowing the access password let people eavesdrop on my connections?
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
There is a difference between laws and condominium covenants you know...
/. crowd applauding end users for not only caring about their networks but actually taking pro-active steps to prevent break ins? Sure, it's not a perfect solution, but it's certainly better than the status-quo and it keeps over zealous government types from being able to create actual laws to enforce this behavior ("Look, we've already got encryption. No need to legislate it.").
So, the owners decided to implement access point security and pool their resources to provide monitoring (I guess, the article isn't too clear on enforcement methodology). Why isn't the
Has nothing to do with this issue. But, if you want to hit up that topic, maybe you should think about what your saying before you open your mouth.
... Do you think they deserve to starve?
A lot of those "fuckers" that you think should starve are Military Vets, the guys that fought our wars for us, the guys that watched their friends die or may have even taken a bullet for us.
It's awsome that you think they should just die. Your such a great guy.
It would be really kick ass if this country took care of those who fought for it, especially those who HAD normal lives and would of really turned out to be something, except the gov't forced them into Nam
Like I said, think about what your about to say, then open your mouth. Until then, shut up and get a clue.
+++ATH0 NO CARRIER
I live in a share house, in the suburbs of Melbourne, and there's a new housemate every other month. So far, they've included a non-technical german, with a german-language OS, a guy with a windows 98 box and no clue, and so on. It's enough hassle having to get these guys on to an unsecured network, and in the six months that I've been here, nothing that shouldn't be on the network has been. If I want to take that risk rather than be a full-time network admin at home, that's my frigging business.
Just a note that my above post was supposed to attach to one of the anonymous threads below the one it attached to, just fyi...
/. put it
Looks like I'm talking out my ass where
+++ATH0 NO CARRIER
Walk around with a laptop and check to see if there are any virgin wireless connections sitting out there. If you can id them, a knock and a "hey, did you know anyone can connect to your internet?" is going to be enough.
Answer is yes? Well, a load off the owner's mind.
Answer is no? Toss them a packet on securing wireless connections. Load off the owner's mind.
Being anonymous is not cowardice.
I think if they are stupic enough to leave the wireless encryption open is fair game. I remember there is a lawsuit againts a hacker that was caught and he was able to get out of the charges because the MOTD of the router did not specifically say not to break in. It should just the people choice. But of couse goverment = many many dirty politicians. Which got paid by corporation to be there in the first place to voice not the people's opinion but the big company opinion. Don't you love American democracy.
Come and try to stop me from running my stupid piece of shit linksys wireless g router wide open!!!
I live in a boring residential neighbour hood in San Francisco, and all my neighbours have wireless too! And you know what? WE don't fuckin care! And anyone who parks on my hilly twisted street gets noticed right quick, and no fool is gonna drive up here lookin JUST LOOKIN for trouble.
So COME ON AND GET ME YOU FASCIST MOTHERFUCKERS!!!
RS
Shoes for Industry. Shoes for the Dead.
wicontrol [-i] iface -m mac_address
Set the station address for the specified interface. The
mac_address is specified as a series of six hexadecimal values
separated by colons, e.g., ``00:60:1d:12:34:56''. This programs
the new address into the card and updates the interface as well.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
What I don't quite understand is this: in a community made up almost exclusively of computer nerds, when a topic about computers comes up, no one can write a single post that is clever enough to be modded +5 Funny? Never a shortage of funny sh!t posted about Microsoft, or NASA. And this article isn't even a lob, it's like a slow-pitch rainbow. This should be like a "... secure-network overlord" homerun derby.
Some l337 h4X0r needs to knock this one out of the park.
Here, I'll get you started:
In Soviet Arizona,...
[/sarcasm]
Please site any kind of evidence of this.
2. it is one of the ways terrorists can communicate safely without any chance of being tracked
Oh, that's great. With that logic I guess all prepaid cell phones should be outlawed. Again, site anthing.
3. unprotected wireless access is an open invitation to hackers to steal important personal information (including financial info)
Well, since most financial sites use SSL these web transactions would be safe.
Imagine your surprise when police knocks on your door and tells you your home phone was used to call a remote cell phone to trigger a bomb and you please ignorance saying well it is available to everyone.
So let's outlaw cars and alcohol since the combo of the two kills hundreds of people a day in the US? This law does nothing but try to protect the dying business model of net access sales.
also there was no mention of making it illegal to share a connection - share your encrytion keys for all you want.
But you're only thinking of stealing wifi from neighbors, aren't you?
'' 2. it is one of the ways terrorists can communicate safely without any chance of being tracked ''
If it were found that terrorists communicated using my wireless network, then the police could just call the manufacturer of my router, who would tell them that the terrorists must be within fifty or maybe hundred meters from my home. They should have no problem finding the terrorists.
We need to educate people with the facts, and not spout off "We need to secure our linksys wireless connection before all the terrorists park out front!!!"
Give me a break... Read a non-fiction book
Okay, who builds a multimillion dollar condo and doesn't provide free wireless and internet connections to all it's tennets? I mean come on, it's 2006 already. Why on earth did they not build the networking infrastructure into the building in the first place? Ironically, I bet you they are getting paid quite a bit to put cellphone tranceivers on the building though by a cellphone carrier. So instead of building their own network infrastructure, they are going to waste their time policing you if you provide a service they failed to offer? Maybe they should have 900MHz scanners to make sure you're not using an unencrypted cordless phone too.
And how are they going to actually figure out which tennet is running a wireless AP? With just laptop, it's almost impossible to locate an AP without sophisticated antennas and equipment. I've scanned apartment complexes with my cellphone and I often find about 8 secured, and a couple unsecured nodes from the parking lot. Good luck trying locate them physically.
Also, you are not violating any laws according to the FCC. In fact, you could totally violate the IEEE802.11 protocol on the 2.4 GHz band to create as much interferance as possible as long as you are within the FCC gidelines for power.
I fear the government will try to step in and regulate these protocols, thus freezing them and preventing any future inovation.
Points 5, 6, and 7 of my ISP's Cable Internet TOS:
5 Commercial Use. The Service is designed for personal use of the Internet and may not be used for commercial purposes. You may not resell or otherwise charge others to use the residential Service. You agree not to use the Service for operation as an Internet service provider, or for any other business enterprise, including, without limitation, IP address translation or similar facilities intended to provide additional access.
6 Servers. You may not operate, or allow others to operate, servers of any type or any other device, equipment, and/or software providing server-like functionality in connection with the Service, unless expressly authorized by Cox.
7 Misuse of Service. You are responsible for any misuse of the Service that occurs through your account. You must therefore take steps to ensure that others do not gain unauthorized access or misuse the Service.
You are responsible for any misuse. IP address translation (NAT?)....doesn't that mean even hooking up 2 computers to your wireless router (even your own computers) is already a violation?
Last but not least...point 9
9 Security. You are solely responsible for the security of any device connected to the Service, including any data stored on that device. Cox recommends that you take appropriate security precautions for any systems connected to the Service. You are responsible for securing any wireless (WiFi) networks connected to your Cox service. Any wireless network, installed by the customer or a Cox representative that is unsecured or "open" and connected to the Cox network will be deemed to be operating as an ISP and subject to the prohibition on commercial use set forth in Section 5 herein.
Emphasis mine. I bet MOST ISPs have similar TOS. (2nd slashdot comment ever...be nice;^)
Where is this free beer everyone on Slashdot keeps talking about?
I don't get all this obsession with wifi security and encryption. I mean, why do we, as the average citizens, need encryption?
I mean, if we haven't done anything wrong, then we have nothing to hide, surely?
The only people who would want wifi encryption are criminals, because they have something they don't want the authorities to see.
when somebody you didn't hire all of the sudden starts going through a tremendous effort
to "help" you. They're not doing it without some other goal in mind.
The way I see it they probably want to
a. Take away your excuse that you left your wireless unprotected because you didn't knwo
better and someone else must have leeched those mp3s
b. Make it harder to get free internet so more people have to get on the net registered
and paying.
Instead of making it illegal to have an unsecured network, why not just encourage the writers of the next wireless protocol to not support insecure or open configurations, or rather: By all defaults, you must set a password/WEP key, unless you specifically set it to run under a completely different status as an open, accessable network (such as one used in McDonalds, Starbucks, Universities etc.) Sometimes the lawmakers get much too overzealous with thier power.
I run the IT infastructure in a 200-unit building in a college town. We allow users to connect WAPs but I periodically have to go around and secure them. The problem isn't security, it's a simple financial issue. Running with 4 bonded T1s in 2 buildings costs a decent amount, but we prommised our users "High speed internet". We found at one point that we had almost double the number of registered users on our network, simply because people had open WAPs. Rather than having a bunch of non-tennants using the internet for free, we just enforced encryption policies. Mostly it just made more work for me... But if this place is at all similar, in that they provide the internet itself and users are given free access as part of the "package" then I can see this making a lot of sense. I bothered to RTFA and didn't find a mention of it one way or another - but it would explain both their vested interest, and how they plan to enforce it. Tracking down an open WAP is easy if you're running the ISP. Not so if you're just (functionally) a private 3rd party. I'd be willing to bet this is just an author that didn't bother to follow the whole story. Lots of residential units that provide free internet requuire you to not share it with non-residents. It isn't really YOUR network. You're just renting it from them.
Good job! You managed to include both "What about the children?" and the "war on terrorism" in a single post. The nebulous comment about hackers/identity theft was good for some bonus points as well. You should run for political office. Just make a few remarks about "tubes" and you're in!
The real reason is "plausible deniability".
If you have an open connection then you can't be found guilty in court of any cybercrimes comitted via your Internet connection. The thought police can't bear the thought of that.
No sig today...
Demand the industry to have encryption on as a default. That way people who have no clue will be protected and people who want it open can still open it.
Oh wait, the industry has a lobby so that won't be happening. No, let us put the burden on the consumer. They don't have fuck to say anyway.
Don't fight for your country, if your country does not fight for you.
First, for the pedants, I recognize that open wireless does not necessarily imply that it's connected to the Internet.
Based on the assumption (valid for the vast majority of cases) that someone who has an open wireless network is effectively providing open Internet access through the condo-provided Internet access, then they are correct and fully within their rights in implementing rules to prevent this.
Fully open, public access = a simple entry point for spammers and others up to no good, and the IP owner (the complex) should be responsibile for preventing that. It is a good thing that they are taking on that responsibility.
While a simple "no unprotected wireless networks" rule provides the necessary protections, it does not accomodate an informed resident, who may wish to provide open, but reasonably limited, access (i.e. access only to the local LAN, only to ports 80/110/443 of the Internet, etc.). That's the only issue I have with what they're trying to do.
"National Security is the chief cause of national insecurity." - Celine's First Law
That's okay, the thread you replied to goes below most peoples' threshhold. I know, I know, -1 flamebait sounds like a lot of posts around here, but it seems some people are just too picky with their filters.
/. put it"
"Looks like I'm talking out my ass where
Yeah, but I wouldn't worry about your post looking out of place.
Mr. Period: Nine is the one that's right by ten!
Nine: One day I will kill him. Then, I will be Ten.
All AUP issues with your ISP aside, what i if i *want* to share my connection? Why is that wrong? Internet cafes do it all the time ( not al charge you )
Ok, so it has to be encrypted, how bout i just post the encryption key everywhere i can, do they come after me then too?
---- Booth was a patriot ----
As usual, I see a lot of people have confused the issues. Lots of complaining about the "nanny state" and "telling people what they can do with their own equipment" and how they have no right.
A condiminium board is a completely different entity than a local government. They are not held to the same standard, as far as most things go (the fair housing act being a major exception), as a local government is. The developer buys and develops the property all at once, then sells it (again, all at once) to the original investors (who generally start the 'condominium board'). Since everything was transferred and later subdivided at once, any covenants and hinderances written into the original title deed (usually binding the owner to the rules and regulations of the condo board, a provision implemented through the condominium board act in that particular state) are enforceable against the owner. Another vehicle for this is that people do not actually own the entire condominium; they own the interior in fee simple, but the exterior is owned by the condominium board, so the board retains an interest in the property to create legal leverage.
This is actually one of the more sane things I've seen out of condominium boards. Compared to, say, barring pets, this is simple and actually serves a good purpose.
... should have no bussiness telling me to lock access to a wirelees access point.
IANAL but write like a drunk one.
I've just spent a year in a student flat, where the entire complex was tied down to one shitty ISP, absolutely no choices. Imagine a clause in the contract between the property owners and the ISP, stating that connection sharing is not to be allowed. In those circumstances, it would be a case of the two providers ganging up and shafting their customer.
Bear that possibility in mind when deciding whether or not this is a bad precedent.
According to the article
In summary, the condo developers are providing the broadband connection and want to make sure that the condo owners secure their endpoints. Open access points have some risks that the developers are apparently not willing to accept. As a goodwill gesture they could retain a local networking firm to help owners set up their wireless networks properly though.'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
Heck, I'd be happy if the stupid farkers wouldn't try to croud onto the same friggin channel. The ones that don't? They manage to find the channel _I_ am using and settle there despite a free spectrum on the other end.
Idiots need to have their wireless EMP'ed into a pile of molten plastic I say.
"I wouldn't consider doing heart surgery on my brother who had a heart attack"
This is not heart surgery, it is a consumer product. It performs commonly used functions in a standard way, within standard capabilities. One should not need to hire an expert for common consumer grade functions (even when there is an incredible amount of technology 'under the covers').
In the early days of automobiles, it was necessary to hire a driver because driving was complicated and dangerous -- you could break your arm if you got it wrong starting it, and you had to manage spark advance and several other long-since-automated controls in addition to the throttle, brake and clutch. Now, hardly anyone even knows what is under the hood.
In early networking, there were many protocols, and IP addresses were set by hand. It is now approaching the point where it is a plug-and-play product, and this is GOOD.
Progress is not only making the previously impossible, possible -- progress is also making the previously difficult, easy.
Technologists who understand this will have more and happier customers. Technologists who don't are almost as bad as Luddites in holding back technology.
The GP post is absolutely right -- the top-level UI should hide functions that are not commonly changed, and make clear what should be changed ("YourNetworkNameHere" is a GREAT idea). Uncommon, expert level functions should be available, but only via deeper UI levels.
For example, if I require that wireless clients MUST use IPSEC/ESP with is that good enough, or am I required to "upgrade" to something "stronger" like WEP?
If you read the above statement carefully, you will see why this is a bad idea.
LedgerSMB: Open source Accounting/ERP
the whole point is RF IS being regulated. they are saying that the frequency you are broadcasting on MUST have encryption. or in other words YOU CANNOT BROADCAST WITHOUT ENCRYPTION.
damn AC's don't think anymore
To err is human; effective mayhem requires the root password!
I'd rather have them checking my sewer line to make sure I've digested, I had corn last nite.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
Worst case is having them actually find kiddie porn on your computer that you didn't put there. But I see your point. However, when I worked at Microsoft, I got a call from someone who's computer had been broken into and child pornographers were using it for a drop box. I told the person to contact law enforcement before erasing the hard drive. In this case, the person was lucky-- the child porn was found by the computer owner. But in the case you describe, it could be very different if the police find it first.
And if you can't secure a wireless network, what makes you think you can secure Windows?
LedgerSMB: Open source Accounting/ERP
I know why you leave it wide open: Plausible Deniability. ;-)
However, many people decide that the risk is acceptable, or find various ways to manage it...
LedgerSMB: Open source Accounting/ERP
Are there laws that require you to lock your house? Your car?
Are there laws that require you keep certain important objects and papers in a fire-proof safe?
Are there laws that require you to store your money in an FDIC insured bank?
To my knowledge, the answer is no to all of the above. So why should we have laws that require us to secure our wireless connections?
All of those things are good ideas, yes, but if someone doesn't want to do it, then they shouldn't have to. If someone doesn't want to hassle with locks on their house, why force them? It's between them and their insurance.
Besides, if you just outright force people to do something, they won't understand why they're doing it, and most likely won't do it right in the first place.
I like laws that protect people, but Big Brother is turning into Big Mother, telling us what we can and can't do with every day things.
I am going to disable encryption on my network today, and will access my email accounts and send pricate data all over the place.
And for good measure, I'm going to download a pirated 1970's movie. Off-topic? Not really.
when I worked at Microsoft, I got a call from someone who's computer had been broken into and child pornographers were using it for a drop box. ... if you can't secure a wireless network, what makes you think you can secure Windows?
That's a great example and it shows how stupid mandatory "security" laws are.
Because you can't secure Windoze, securing your wireless is a waste of time. Your lan connects you to the entire internet, with it's hundreds of millions of users, and Windows has a twelve minute half life there. Your wireless connects you to a few dozen people at most. The odds of someone abusing your computer and it's internet connection through the wireless are about a hundred million times less likely than those for someone abusing your wireless. If you are using software that protects your privacy to begin with, you don't have to worry about "securing" your network connection and can share it as you will.
Friends don't help friends install M$ junk.
We found at one point that we had almost double the number of registered users on our network, simply because people had open WAPs. Rather than having a bunch of non-tennants using the internet for free, we just enforced encryption policies. Mostly it just made more work for me...
As far as I know, this is the point of the article, but the parent post and the company (s)he/it works for took it upon themselves to ensure their business vs going to the legislators.
My point, is that the taking care of it oneself is the proper way of doing things. I believe there should be laws and regulations out there, but I also believe that they should be as general and non-specific as possible. Laws against theft, infringement, trespass, etc are general. Securing a WAP via XYZ encryption when a.b number of people are in c.d distance from said WAP to protect business G is not a law that benefits anybody besides G for some unspecified time limit and the legislators. Basically, everybody else loses, and rinse and repeat when a new technology comes out.
I'm proudly posting this via one of many unsecured WAPs around me. About 100% of the reason I'm doing this is because my previous broadband provider screwed up and I lost my internet access when I canceled cable TV. I also pay these people extra every month for an unlisted phone number so I don't get phone spam, and these people paid a company across the country to spy on me via the phone under the guise of an independent marketing survey group, where they asked like two generic stupid questions (Have you ever had broadband internet?) and then asked me "Why did you cancel your broadband connection with company X?" I got furious and I feel 100% justified to borrow internet from the same people for free for a while at the inconvenience of a little slower access due to dropped wireless packets and having to pick the best open WAP for the weather and time of day or whatever variables make me switch around.
Business is strictly supply and demand. I demand something more at this time to pay for internet access, and I'm content doing what I'm doing at this time, and the poor broadband company is losing because of things they have done. This is a business matter, not a legal one.
I am amazed at the number of these networks both closed and open. I recently did a bit of war driving in my town of Casper, Wyoming a working class city of 60,000 which is not near any other city. I plotted the resutls to a google map https://home.wmcnet.org/services/wifi/ while the results are not complete, I have only covered a part of the city, they do show that it is almost impossible to find a residential location which does not have access to an open wifi network. This in a small city in an isolated corner of the United States. what must the network maps look like in bigger more prosperous communities?
People really need yet another nanny. I'm not saying people shouldn't be mindful of their wireless connections, but this mandate? We don't need any more thought control liberals ruining America.
A slip of the foot you may soon recover, but a slip of the tongue you may never get over. -Benjamin Franklin
Please say you're kidding. Cite any reliable source for this.
2. it is one of the ways terrorists can communicate safely without any chance of being tracked
Kind of true. But they can also do this with encryption, public payphones, prepaid cellphones, wireless networks with WEP-encryption, etc, etc.
3. unprotected wireless access is an open invitation to hackers to steal important personal information (including financial info)
Having sensitive personal info on your PC has always been an "invitation" for someone to steal it. Ever heard of malware? If you can't take care of your sensitive data, shame on you.
In this day and age, having unprotected wireless access is akin to having your home telephone line available to public. Imagine your surprise when police knocks on your door and tells you your home phone was used to call a remote cell phone to trigger a bomb and you please ignorance saying well it is available to everyone.
Again, you've gotta be braindead. Ever heard of "payphones"? Does it make the phone company liable?
WiFi uses the 2.4GHz band. The FCC has declared the 2.4GHz band open. Anyone can do anything they want with 2.4GHz. If I want to braodcast unencrypted WiFi, I have every right to do so without anyone regulating my doing so.
-Eric Kincl
...Had this been an actual emergency, we would have fled in terror, and you would not have been informed.
Christians! We know they are behind every nefarious scheme since the dawn of history.
Steve's Computer Service, Hobbs, NM
These are not end users, these are condo administrators, who feel the need to butt-in on people's private lives. These are generally the same people that prevent ham radio operators from erecting antennas. Besides, it is up to the end user to understand what they're doing when they use any kind of transmitter -- not the people they buy their houses from, their neighbors, the police, or anyone else.
Zhrodague.net - I do projects and stuff too.
You've hit the nail on the head.
Blogging because I can...
One for private use that could be encrypted and one 'public' that the parasite neighbours and mobile laptop users could enjoy. Bring an end to the telco's overpriced WiFi zones. Encourage and support free information access - reject enforced 'secure' WiFi!
The name of my router/network will be: ThePasswordIsImSurroundedByMorons
Cowards Rule
Along with allowing you to put a cap on the public access. I have open wifi for my neighbors (mostly university students in cheap apartments). Some neighbors have thanked me, brought me an occasional baked good and I've never experienced a problem with network slow down. If they are downloading ISO's or movies they're doing it when I'm not home, which is fine with me. I've paid for it, they may as well use it. But as far as I know they're checking email and reading cnn.com.
But it'd be great to have a router with firmware that allows you to put a cap, I'd set it at about 200/100k for public users and maximum of course for my own machines. I know it can be done right now but it requires multiple routers and probably a linux box. Why not make it all-in-one? I'd happily pay an extra $20-30 for a router with those capabilities.
While we're at it make it so when it detects my wired desktop or wireless laptop aren't connected it lifts the cap so my neighbors can make full use of my connection when I'm not. Then, when I turn on the desktop or connect with the laptop it automagicly reduces the public access back down to my preset level.
And create a log of when all connected MAC addresses were on so you can print it out and show it to the police to help catch, in at least a little way, those who deserve to be caught.
Before the grannie's start hemming and hawing: I use speakeasy, they encourage sharing (I suppose because it reduces the profits of their competitors).
My workstations are behind firewalls.
And if a kiddie-porn-downloadin', copyright-infringin' terrorist happens to use my access point well I'd happily stand up to the court to help set a precedent. I'm a student, I have no assets for them to take/freeze. I'll forever be self-employed so I don't have to worry about a record. I'm through with any political careers. If they take my computers I'll just use the library's for a semester. Meanwhile I'll get a lesson in civics and help set a precedent for supporters of open access points. And it's the tiniest of risks anyway and the rewards (being neighborly, helping people, sticking it to telcos, feeling-good) far outweigh it.
So bring it on.
Is life so precious or peace so sweet that we should pay for it with the price of chains and slavery?
It's almost like they want us to distrust each other. That's probably the motivation in and of itself. Divide and conquer!
NY times work?f i.html?ex=1268888400&en=51d90e7518bba5d6&ei=5090&p artner=rssuserland
http://www.nytimes.com/2005/03/19/technology/19wi
every day http://en.wikipedia.org/wiki/Special:Random
Is this the way all condos and apartment complexes should go?
Yes. Let's have everyone in condos and apartments monitored, to make sure no one is doing something stupid.
Can they watch to make sure we don't smoke cigarettes, eat junk food, drink too much, light off fireworks, grow pot, smoke that pot, watch dirty movies, etc.? And please keep us from catching any STDs.
But back in the real world, do people want to take personal responsibility for their own actions, and accept the consequences too?
Homeowners' Associations have so much power and control over your lives anyway, and some people think it's a good idea to give them more!? Outrageous!
HOAs started out as a good idea, but they have become drunk with power. Now they are evil, pure evil. I can't even put up a brand-new window A/C unit to cool my two Linux boxes in my townhouse--around the back, where nobody can see it but me--because it's in the by-laws that we cannot add more air conditioning devices without the express written consent of the board, which they won't give me.
I will not agree to give these Machiavellian maniacs more power to control my life. Never. If I want to give away my Internet access to the neighborhood passers-by, I can. Period.
Next they'll be telling me what kind of peanut butter to buy, and what sexual positions I'm allowed to engage in.