Slashdot Mirror
Could That Be The Wireless Police Knocking?
netbuzz writes "Should private-property owners be required to practice safe wireless? Are the wireless police about to come a-knockin' on the front door of your castle? Network World reports on a condo complex in Arizona that will monitor your wireless signal for security. Is this the way all condos and apartment complexes should go?" From the article: "'We just kind of kicked it around the table and everybody said that's a helluva good idea, (mandatory encryption) ought to go in the declarations,' says Welch. However, a lawyer warned that wireless technology could quickly overrun any specific covenants they put to paper, 'so we decided that instead of recording (declarations) at the county that we would leave it up to the hotel manager to put it in their rules and regulations.' Why bother at all? 'We just don't want to see anybody hurt with their wireless system,' says Welch. 'If someone (unauthorized) were accessing it and an owner's information, there could be damage and a potential lawsuit.'"
FTFA: "We just don't want to see anybody hurt with their wireless system," says Welch. "If someone (unauthorized) were accessing it and an owner's information, there could be damage and a potential lawsuit."
absolutely ridiculous. maybe they should start digging through our trash to make sure we've properly shredded our monthly bank statements too.
Furthermore, this rule would be a total paper tiger, as far as enforcement goes, since wep [which i do believe is the most common security protocol in use for wifi today] is widely known NOT to be secure. It will be ironic when the first whitehat captures a few days worth of packets from outside that guy's home and then published the unencrypted contents of his web traffic.
I am Jack's complete lack of surprise.
i will never have to learn from my mistakes ever again.
This is a waste of time and money. People should secure their own networks. If you don't know how then you pay someone to do it for you. If you can't afford it, then how are you able to afford a wireless network. Period.
Why should any government, company or anyone else worry about someone else's network connection security -- unless they're being paid by that party to do so. And in the case of a government (city/state/local/federal) being responsible; don't make ME pay for it.
Xserv
"I love lamp."
get blamed when someone breaks into my house if I leave the door unlocked?
Or should I be blamed when Windows automatically connects me to open APs?
And...If we are going to go that far?
Why not get these people in trouble for using WEP to begin with?
Safe wireless? WEP is like using a condom that's been poked with holes.
This seems silly. If you want to protect your own private property or not, that's your own business. They don't require you to lock your apartment door when you leave. They don't require you to lock your car door when you park in your parking space. How is this any different?
That is just nuts!
I run mine wide open because that is they way I want it. I secure my machine of course, but if someone is within range and wants to use my connection, I don't have a problem with that. Hell, my SID is actually "WideOpen".
I used my neighbor's DSL for over a year, but I eventually got my own. There is no reason every house on a block should purchase their own Internet connection, and wireless network. Apartment buildings are in an even better situation. All that money that people are spending on individual connections could purchase a lot higher speed connection for everyone and still save money.
-- -- Warning. Do not stare directly at the sun.
My first reaction was "Good Lord, how stupid can people get?" - I mean, does this mean that if you set up a wireless network in accordance with their regulations, and it still gets abused (through WEP weaknesses or whatever), they have implicitly invited you to sue them?
But then I thought back to ohhh, yesterday, when I was wrapping up a work trip to Thailand. When I arrived I had bought a SIM card at a dusty little family shop and the cashier who installed it into my phone signed me up for a bunch of promo offers including the loathsome Calling Melody (which I never figured out how to disable) and 50 free hours of GPRS (pretty good considering the card cost me US$7.50).
My hotels had free wifi so I didn't end up using that much of the GPRS time. Yesterday, at the airport, I figured I might as well use some more of it up, so I popped open the trusty iBook and turned on internet sharing with SSID name "Free Internet!"
Within 15 minutes I had 5 or 6 people on it (must have been painfully slow for them). I was too tired to do anything useful, but just for the heck of it I started up ethereal to see to what ends my largesse was being used. It was remarkable how trusting (or probably ignorant) people were - as well as how many unencrypted port-80 webmail servers and office intranets there are out there.
So maybe the real value of the rule in TFA is to protect the users from themselves, rather than protecting the AP owners. When you connect to an unknown AP you never really know what could be going on with your traffic unless you encrypt and authenticate it.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
There is a difference between laws and condominium covenants you know...
/. crowd applauding end users for not only caring about their networks but actually taking pro-active steps to prevent break ins? Sure, it's not a perfect solution, but it's certainly better than the status-quo and it keeps over zealous government types from being able to create actual laws to enforce this behavior ("Look, we've already got encryption. No need to legislate it.").
So, the owners decided to implement access point security and pool their resources to provide monitoring (I guess, the article isn't too clear on enforcement methodology). Why isn't the
The real reason is "plausible deniability".
If you have an open connection then you can't be found guilty in court of any cybercrimes comitted via your Internet connection. The thought police can't bear the thought of that.
No sig today...
According to the article
In summary, the condo developers are providing the broadband connection and want to make sure that the condo owners secure their endpoints. Open access points have some risks that the developers are apparently not willing to accept. As a goodwill gesture they could retain a local networking firm to help owners set up their wireless networks properly though.'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
"I wouldn't consider doing heart surgery on my brother who had a heart attack"
This is not heart surgery, it is a consumer product. It performs commonly used functions in a standard way, within standard capabilities. One should not need to hire an expert for common consumer grade functions (even when there is an incredible amount of technology 'under the covers').
In the early days of automobiles, it was necessary to hire a driver because driving was complicated and dangerous -- you could break your arm if you got it wrong starting it, and you had to manage spark advance and several other long-since-automated controls in addition to the throttle, brake and clutch. Now, hardly anyone even knows what is under the hood.
In early networking, there were many protocols, and IP addresses were set by hand. It is now approaching the point where it is a plug-and-play product, and this is GOOD.
Progress is not only making the previously impossible, possible -- progress is also making the previously difficult, easy.
Technologists who understand this will have more and happier customers. Technologists who don't are almost as bad as Luddites in holding back technology.
The GP post is absolutely right -- the top-level UI should hide functions that are not commonly changed, and make clear what should be changed ("YourNetworkNameHere" is a GREAT idea). Uncommon, expert level functions should be available, but only via deeper UI levels.