Slashdot Mirror
Could That Be The Wireless Police Knocking?
netbuzz writes "Should private-property owners be required to practice safe wireless? Are the wireless police about to come a-knockin' on the front door of your castle? Network World reports on a condo complex in Arizona that will monitor your wireless signal for security. Is this the way all condos and apartment complexes should go?" From the article: "'We just kind of kicked it around the table and everybody said that's a helluva good idea, (mandatory encryption) ought to go in the declarations,' says Welch. However, a lawyer warned that wireless technology could quickly overrun any specific covenants they put to paper, 'so we decided that instead of recording (declarations) at the county that we would leave it up to the hotel manager to put it in their rules and regulations.' Why bother at all? 'We just don't want to see anybody hurt with their wireless system,' says Welch. 'If someone (unauthorized) were accessing it and an owner's information, there could be damage and a potential lawsuit.'"
FTFA: "We just don't want to see anybody hurt with their wireless system," says Welch. "If someone (unauthorized) were accessing it and an owner's information, there could be damage and a potential lawsuit."
absolutely ridiculous. maybe they should start digging through our trash to make sure we've properly shredded our monthly bank statements too.
Furthermore, this rule would be a total paper tiger, as far as enforcement goes, since wep [which i do believe is the most common security protocol in use for wifi today] is widely known NOT to be secure. It will be ironic when the first whitehat captures a few days worth of packets from outside that guy's home and then published the unencrypted contents of his web traffic.
I am Jack's complete lack of surprise.
i will never have to learn from my mistakes ever again.
You're finding a solution to a problem that doesn't exist. People aren't going to sue you because their wireless network is insecure, and if they did, they'd be laughed out of court.
Besides, maybe some people don't care if they open up their internet connection! As long as they keep their PC(s) reasonably firewalled, and perhaps use an alternate form of encryption at a higher level, it's possible to open up one's internet connection without opening up one's internal network.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
This is a waste of time and money. People should secure their own networks. If you don't know how then you pay someone to do it for you. If you can't afford it, then how are you able to afford a wireless network. Period.
Why should any government, company or anyone else worry about someone else's network connection security -- unless they're being paid by that party to do so. And in the case of a government (city/state/local/federal) being responsible; don't make ME pay for it.
Xserv
"I love lamp."
get blamed when someone breaks into my house if I leave the door unlocked?
Or should I be blamed when Windows automatically connects me to open APs?
And...If we are going to go that far?
Why not get these people in trouble for using WEP to begin with?
Safe wireless? WEP is like using a condom that's been poked with holes.
Could it be that maybe, just maybe, somebody wants to actually SHARE? Sacrilege, I know.
Overall, I am worried that people these days consistently seem to say "I'm not in favor of too much regulation, but this specific piece seems pretty good."
Uh huh. You know the slippery slope has started to apply when people say that about such inane proposals as this one.
This seems silly. If you want to protect your own private property or not, that's your own business. They don't require you to lock your apartment door when you leave. They don't require you to lock your car door when you park in your parking space. How is this any different?
They shouldn't be using computers at all. No amount of rules and regulations is going to turn a computer-illiterate user into a savvy one. If someone is too dumb to figure it out or ask someone for a little help they deserve whatever they get. It really is that simple. All this "we need to protect people from themselves" stuff is nonsense. It won't work. Leave it alone. The threat of someone using your open wifi network to download kiddie porn is what, about 0.0000001? "Oh we need rules to protect unaware people from that risk!" Bull fucking shit.
That is just nuts!
I run mine wide open because that is they way I want it. I secure my machine of course, but if someone is within range and wants to use my connection, I don't have a problem with that. Hell, my SID is actually "WideOpen".
I used my neighbor's DSL for over a year, but I eventually got my own. There is no reason every house on a block should purchase their own Internet connection, and wireless network. Apartment buildings are in an even better situation. All that money that people are spending on individual connections could purchase a lot higher speed connection for everyone and still save money.
-- -- Warning. Do not stare directly at the sun.
I know several people who leave theirs open for neighbors and friends to use without encumberance. It's a nice gesture, one in which a private good becomes a public good via goodwill. Even with bittorrent running I'm not using all of my bandwidth at all times.
Besides this, do we mandate that folks lock their car and house doors? Are there laws against leaving a key under the rug, on the door frame, or below your car door?
I'm on a road shaped like a figure eight; I'm going nowhere but I'm guaranteed to be late.
In other news, it is now illegal to give money to the poor.
"Imagine what could happen. Someone could give someone some money, go home, and realize that they needed that money! Just imaging the potential lawsuits! Everyone is much better off this way."
Mr. Period: Nine is the one that's right by ten!
Nine: One day I will kill him. Then, I will be Ten.
I'd argue that their rules are preempted by the FCC's regulations on spectrum use. The FCC usually takes a dim view of people who trespass on their turf.
Mea navis aericumbens anguillis abundat
Suppose a known sex offender began moving child porn over YOUR wireless network.
I would love to see you explain that away as an "oops, I forgot to turn encryption and
authentification on" to the police following the pervert. They will FIRST get you for
aiding and abetting the crime.
This stuff, security, only makes sense in today's world.
I would just like to continue the idea that some of us deliberately leave our wireless networks open to share. I do live in an apartment building, I also pay a fair amount of money to have multiple static IP's, I don't use all that bandwidth all the time so I leave my wireless network open. It costs me nothing and benefits people around me in a small way. I've met a few more of my neighbors who came by by to thank me for leaving my connection open. That last behavior is rare I know but it is nice to meet people in my building I might not normally. I am curious though, what if you limit access to your wireless network by MAC address recognition instead of encryption, are the wireless police still supposed to come knocking on your door? Getting wireless hardware from different manufacturers to cooperate while using encryption can be a hassle. Yes I am sure there are spelling and other errors in this post, and I should know better, but I am leaving them in because it is past my bed time and I am providing a public service by giving the grammar police an outlet. :)
Before the discussion slides predictably towards vague diatribe on governmental encroachment and abuses of state power, I just wanted to point out that this is not something that's being proposed or enforced by the government at any level; it's strictly a question of managers of private condo complexes making "secure" wireless one of the many (arguably draconian) regulations already in place for people who wish to live there.
We may still not think it's a good idea, of course, but the fact that it's being implemented by private individuals makes a big difference-- I'd get stroppy if my state governor said I couldn't own a dog, but I'll accept the same restriction from my apartment super with no objections.
My first reaction was "Good Lord, how stupid can people get?" - I mean, does this mean that if you set up a wireless network in accordance with their regulations, and it still gets abused (through WEP weaknesses or whatever), they have implicitly invited you to sue them?
But then I thought back to ohhh, yesterday, when I was wrapping up a work trip to Thailand. When I arrived I had bought a SIM card at a dusty little family shop and the cashier who installed it into my phone signed me up for a bunch of promo offers including the loathsome Calling Melody (which I never figured out how to disable) and 50 free hours of GPRS (pretty good considering the card cost me US$7.50).
My hotels had free wifi so I didn't end up using that much of the GPRS time. Yesterday, at the airport, I figured I might as well use some more of it up, so I popped open the trusty iBook and turned on internet sharing with SSID name "Free Internet!"
Within 15 minutes I had 5 or 6 people on it (must have been painfully slow for them). I was too tired to do anything useful, but just for the heck of it I started up ethereal to see to what ends my largesse was being used. It was remarkable how trusting (or probably ignorant) people were - as well as how many unencrypted port-80 webmail servers and office intranets there are out there.
So maybe the real value of the rule in TFA is to protect the users from themselves, rather than protecting the AP owners. When you connect to an unknown AP you never really know what could be going on with your traffic unless you encrypt and authenticate it.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
Look, you cannot force people to play it safe. There are so many examples of that sort of thing failing that it should just be taken as a fact of life. Most people simply don't value safety, like they don't value natural rights, until it's too late and the evil people, criminal or government agent, are hurting them.
Wireless safety is part of that. Part of the problem is that Windows has a very clunky user interface for specifying a strong encryption key. Something as painless as PGP would be very nice.
The police have a valid concern that criminals could exploit these holes and frame ordinary people. However, technical solutions don't work except in simple cases. In fact, in non-"high tech" cases, it wouldn't be a real concern. Where are the laws requiring people to lock up their home so that someone cannot break in and use their bedroom as a sniper post? The lock is hardly a hindrance to these sort of people.
In most crimes, the wireless security is beside the point. People can crack it with enough time and dedication. Worrying about wireless security problems is akin to worrying about a hershey's kiss making you fat while you have a bucket of fried chicken, a bucket of gravy-slathered mash potatos and a 2 liter bottle of coke for your own consumption.
1) Become cable company 2) Offer high(nyuk-nyuk) speed internet at an already inflated price 3) Kick back to condo associations 4) Make it illegal to share internet access 5) Profit!
Faith: n. -- That human impulse that drives them to steal appliances when the power goes out
"Nobody expects the Wireless Police!"
There is a difference between laws and condominium covenants you know...
/. crowd applauding end users for not only caring about their networks but actually taking pro-active steps to prevent break ins? Sure, it's not a perfect solution, but it's certainly better than the status-quo and it keeps over zealous government types from being able to create actual laws to enforce this behavior ("Look, we've already got encryption. No need to legislate it.").
So, the owners decided to implement access point security and pool their resources to provide monitoring (I guess, the article isn't too clear on enforcement methodology). Why isn't the
wicontrol [-i] iface -m mac_address
Set the station address for the specified interface. The
mac_address is specified as a series of six hexadecimal values
separated by colons, e.g., ``00:60:1d:12:34:56''. This programs
the new address into the card and updates the interface as well.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Okay, who builds a multimillion dollar condo and doesn't provide free wireless and internet connections to all it's tennets? I mean come on, it's 2006 already. Why on earth did they not build the networking infrastructure into the building in the first place? Ironically, I bet you they are getting paid quite a bit to put cellphone tranceivers on the building though by a cellphone carrier. So instead of building their own network infrastructure, they are going to waste their time policing you if you provide a service they failed to offer? Maybe they should have 900MHz scanners to make sure you're not using an unencrypted cordless phone too.
And how are they going to actually figure out which tennet is running a wireless AP? With just laptop, it's almost impossible to locate an AP without sophisticated antennas and equipment. I've scanned apartment complexes with my cellphone and I often find about 8 secured, and a couple unsecured nodes from the parking lot. Good luck trying locate them physically.
Also, you are not violating any laws according to the FCC. In fact, you could totally violate the IEEE802.11 protocol on the 2.4 GHz band to create as much interferance as possible as long as you are within the FCC gidelines for power.
I fear the government will try to step in and regulate these protocols, thus freezing them and preventing any future inovation.
I don't get all this obsession with wifi security and encryption. I mean, why do we, as the average citizens, need encryption?
I mean, if we haven't done anything wrong, then we have nothing to hide, surely?
The only people who would want wifi encryption are criminals, because they have something they don't want the authorities to see.
Instead of making it illegal to have an unsecured network, why not just encourage the writers of the next wireless protocol to not support insecure or open configurations, or rather: By all defaults, you must set a password/WEP key, unless you specifically set it to run under a completely different status as an open, accessable network (such as one used in McDonalds, Starbucks, Universities etc.) Sometimes the lawmakers get much too overzealous with thier power.
I run the IT infastructure in a 200-unit building in a college town. We allow users to connect WAPs but I periodically have to go around and secure them. The problem isn't security, it's a simple financial issue. Running with 4 bonded T1s in 2 buildings costs a decent amount, but we prommised our users "High speed internet". We found at one point that we had almost double the number of registered users on our network, simply because people had open WAPs. Rather than having a bunch of non-tennants using the internet for free, we just enforced encryption policies. Mostly it just made more work for me... But if this place is at all similar, in that they provide the internet itself and users are given free access as part of the "package" then I can see this making a lot of sense. I bothered to RTFA and didn't find a mention of it one way or another - but it would explain both their vested interest, and how they plan to enforce it. Tracking down an open WAP is easy if you're running the ISP. Not so if you're just (functionally) a private 3rd party. I'd be willing to bet this is just an author that didn't bother to follow the whole story. Lots of residential units that provide free internet requuire you to not share it with non-residents. It isn't really YOUR network. You're just renting it from them.
Good job! You managed to include both "What about the children?" and the "war on terrorism" in a single post. The nebulous comment about hackers/identity theft was good for some bonus points as well. You should run for political office. Just make a few remarks about "tubes" and you're in!
The real reason is "plausible deniability".
If you have an open connection then you can't be found guilty in court of any cybercrimes comitted via your Internet connection. The thought police can't bear the thought of that.
No sig today...
First, for the pedants, I recognize that open wireless does not necessarily imply that it's connected to the Internet.
Based on the assumption (valid for the vast majority of cases) that someone who has an open wireless network is effectively providing open Internet access through the condo-provided Internet access, then they are correct and fully within their rights in implementing rules to prevent this.
Fully open, public access = a simple entry point for spammers and others up to no good, and the IP owner (the complex) should be responsibile for preventing that. It is a good thing that they are taking on that responsibility.
While a simple "no unprotected wireless networks" rule provides the necessary protections, it does not accomodate an informed resident, who may wish to provide open, but reasonably limited, access (i.e. access only to the local LAN, only to ports 80/110/443 of the Internet, etc.). That's the only issue I have with what they're trying to do.
"National Security is the chief cause of national insecurity." - Celine's First Law
As usual, I see a lot of people have confused the issues. Lots of complaining about the "nanny state" and "telling people what they can do with their own equipment" and how they have no right.
A condiminium board is a completely different entity than a local government. They are not held to the same standard, as far as most things go (the fair housing act being a major exception), as a local government is. The developer buys and develops the property all at once, then sells it (again, all at once) to the original investors (who generally start the 'condominium board'). Since everything was transferred and later subdivided at once, any covenants and hinderances written into the original title deed (usually binding the owner to the rules and regulations of the condo board, a provision implemented through the condominium board act in that particular state) are enforceable against the owner. Another vehicle for this is that people do not actually own the entire condominium; they own the interior in fee simple, but the exterior is owned by the condominium board, so the board retains an interest in the property to create legal leverage.
This is actually one of the more sane things I've seen out of condominium boards. Compared to, say, barring pets, this is simple and actually serves a good purpose.
According to the article
In summary, the condo developers are providing the broadband connection and want to make sure that the condo owners secure their endpoints. Open access points have some risks that the developers are apparently not willing to accept. As a goodwill gesture they could retain a local networking firm to help owners set up their wireless networks properly though.'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
"I wouldn't consider doing heart surgery on my brother who had a heart attack"
This is not heart surgery, it is a consumer product. It performs commonly used functions in a standard way, within standard capabilities. One should not need to hire an expert for common consumer grade functions (even when there is an incredible amount of technology 'under the covers').
In the early days of automobiles, it was necessary to hire a driver because driving was complicated and dangerous -- you could break your arm if you got it wrong starting it, and you had to manage spark advance and several other long-since-automated controls in addition to the throttle, brake and clutch. Now, hardly anyone even knows what is under the hood.
In early networking, there were many protocols, and IP addresses were set by hand. It is now approaching the point where it is a plug-and-play product, and this is GOOD.
Progress is not only making the previously impossible, possible -- progress is also making the previously difficult, easy.
Technologists who understand this will have more and happier customers. Technologists who don't are almost as bad as Luddites in holding back technology.
The GP post is absolutely right -- the top-level UI should hide functions that are not commonly changed, and make clear what should be changed ("YourNetworkNameHere" is a GREAT idea). Uncommon, expert level functions should be available, but only via deeper UI levels.
I am amazed at the number of these networks both closed and open. I recently did a bit of war driving in my town of Casper, Wyoming a working class city of 60,000 which is not near any other city. I plotted the resutls to a google map https://home.wmcnet.org/services/wifi/ while the results are not complete, I have only covered a part of the city, they do show that it is almost impossible to find a residential location which does not have access to an open wifi network. This in a small city in an isolated corner of the United States. what must the network maps look like in bigger more prosperous communities?
Please say you're kidding. Cite any reliable source for this.
2. it is one of the ways terrorists can communicate safely without any chance of being tracked
Kind of true. But they can also do this with encryption, public payphones, prepaid cellphones, wireless networks with WEP-encryption, etc, etc.
3. unprotected wireless access is an open invitation to hackers to steal important personal information (including financial info)
Having sensitive personal info on your PC has always been an "invitation" for someone to steal it. Ever heard of malware? If you can't take care of your sensitive data, shame on you.
In this day and age, having unprotected wireless access is akin to having your home telephone line available to public. Imagine your surprise when police knocks on your door and tells you your home phone was used to call a remote cell phone to trigger a bomb and you please ignorance saying well it is available to everyone.
Again, you've gotta be braindead. Ever heard of "payphones"? Does it make the phone company liable?
Well, it's not like Lieberman is doing much for the Democrats anyways. I think he's much too kind to big business.
You say "nanny state" like it's a bad thing, but in fact, it describes exactly what our government was set up to do: promote the general welfare. People like you naively assume that all the government has to do in order to accomplish this is to get out of our collective way, and let the free market generate all the blessings of prosperity. There are times when this works, and times when it doesn't. Monopolies harm the free market. Extreme differences in wealth and power harm the free market. Unequal access to information harm the free market. When any of these things occur, it is to the benefit of the people for the government to step in.
I'll provide just one example to illustrate my position: unequal access to information. Assume that you live in a free-market utopia. You're shopping for just one of the many hundreds of things you have to make decisions about in your life: a car seat for your one year old. Assume you're at Wal-Mart, because you really don't have any alternatives within a fifty mile radius. That part isn't really relevant to the story, but I thought I'd point it out.
You're faced with the decision of which of twenty car seats to buy. Each of them claims to be very safe, but since the government doesn't have a role in ensuring the safety of carseats or ensuring that product claims be truthful, these claims don't help you. The twenty models run the gamut of prices, from $20 to $400, and the $20 looks incredibly flimsy, so one down, nineteen to go. Four of the seats are certified by the "Safe Baby Coalition," five of them are certified by the "Independent Safety Auditors of America," and six are certified by the "Safe Consumer Product Association". You've never heard of any of these groups, and have no idea what it takes to get their certifications, so they're absolutely no help.
So you put off the decision, and hit the Internet. Which, being the Internet, is no help whatsoever. You find all sorts of message boards with all sorts of opinions, some obviously written for hire.
This is a case where each of the manufacturers knows exactly how safe their product is, and since consumers are willing to pay a premium for safe car seats, the unsafe ones try like hell to appear safe.
How much easier would this decision be if the government simplified the decision by saying that all car seats must pass a minimum, acceptable standard of safety before they can be sold? Infinitely easier. Now, instead of thinking, "Okay, which one won't snap my kid's neck," you can start thinking in terms of "the blue one is just darling." Less stress for the consumer, fewer dangerous products on the market, and--most important--a higher rate of crash survival. All this because the government steps in and closes the information gap between manufacturers and consumers.
No voluntary system could have the same effect, so long as there was money to be gained by gaming the system. If one group of manufacturers decides to create an independent certification board, to prove once and for all that their products are safe, then less scrupulous manufacturers can create their own certification board with lower standards.
You have the same principles in play when it comes to things like worker safety and food and water quality. Smart regulations can bring value to the market by eliminating uncertainty. If you're going to buy a house, it's a complicated enough decision without trying to figure out whether the tapwater in this neighborhoods will give you cancer, or whether you're better off going with the house that has 25% less benzene but 30% more lead. Safe food and drinking water allow people to spend their time worrying about other things, but someone has to guarantee that safety. If that's "nanny-statism," then I'd like to see more of it.
Oh, and despite what I think is a rather calm and collected rejoinder to your mindless, dittohead caricat
You want the truthiness? You can't handle the truthiness!
One for private use that could be encrypted and one 'public' that the parasite neighbours and mobile laptop users could enjoy. Bring an end to the telco's overpriced WiFi zones. Encourage and support free information access - reject enforced 'secure' WiFi!
Along with allowing you to put a cap on the public access. I have open wifi for my neighbors (mostly university students in cheap apartments). Some neighbors have thanked me, brought me an occasional baked good and I've never experienced a problem with network slow down. If they are downloading ISO's or movies they're doing it when I'm not home, which is fine with me. I've paid for it, they may as well use it. But as far as I know they're checking email and reading cnn.com.
But it'd be great to have a router with firmware that allows you to put a cap, I'd set it at about 200/100k for public users and maximum of course for my own machines. I know it can be done right now but it requires multiple routers and probably a linux box. Why not make it all-in-one? I'd happily pay an extra $20-30 for a router with those capabilities.
While we're at it make it so when it detects my wired desktop or wireless laptop aren't connected it lifts the cap so my neighbors can make full use of my connection when I'm not. Then, when I turn on the desktop or connect with the laptop it automagicly reduces the public access back down to my preset level.
And create a log of when all connected MAC addresses were on so you can print it out and show it to the police to help catch, in at least a little way, those who deserve to be caught.
Before the grannie's start hemming and hawing: I use speakeasy, they encourage sharing (I suppose because it reduces the profits of their competitors).
My workstations are behind firewalls.
And if a kiddie-porn-downloadin', copyright-infringin' terrorist happens to use my access point well I'd happily stand up to the court to help set a precedent. I'm a student, I have no assets for them to take/freeze. I'll forever be self-employed so I don't have to worry about a record. I'm through with any political careers. If they take my computers I'll just use the library's for a semester. Meanwhile I'll get a lesson in civics and help set a precedent for supporters of open access points. And it's the tiniest of risks anyway and the rewards (being neighborly, helping people, sticking it to telcos, feeling-good) far outweigh it.
So bring it on.
Is life so precious or peace so sweet that we should pay for it with the price of chains and slavery?
Is this the way all condos and apartment complexes should go?
Yes. Let's have everyone in condos and apartments monitored, to make sure no one is doing something stupid.
Can they watch to make sure we don't smoke cigarettes, eat junk food, drink too much, light off fireworks, grow pot, smoke that pot, watch dirty movies, etc.? And please keep us from catching any STDs.
But back in the real world, do people want to take personal responsibility for their own actions, and accept the consequences too?