Slashdot Mirror
Open Wi-Fi May Become Illegal In India
chromoZ writes with word that because of the serial blasts in Indian cities (and terrorist outfits claiming responsibility via email, often sent via Cyber Cafes and open Wi-Fi spots), sharing unsecured wireless access may get much tougher in India: "The Telecom Regulatory Authority of India (TRAI) after studying open Wifi networks is coming up with a set of guidelines and recommendations to secure them. 'All ISPs may be instructed to ensure that their subscribers using wireless devices must use effective authentication mechanisms and permit access to internet to only authorised persons using wireless devices.' An open Wi-Fi could be as much as illegal in India after this."
What about proxies or tunnels then?
DNA -- National Dyslexic Association
Wont they use the mail box down the street?.
Simple solution: authorize everyone with WiFi capability to access your network. The authentication is very strong, as anyone without WiFi capability will absolutely not be allowed to connect.
to stop the attacks in the first place. Lots of other ways to claim responsibility for attacks. As usual, it just makes the common man a criminal...
Since when does disobeying "guidelines and recommendations" mean you are breaking the law?
Just set the ESSID to "You are authorized," then everyone using it is authorized.
"Knowledge is the only instrument of production that is not subject to diminishing returns" -Journal of Political Econom
This seems like an in-line move with the recent article about the international group working towards eliminating anonymity on the internet. How is this going to make things more secure? If I want to set off a bomb, I'm going to set off a bomb, with or without an open wireless router. Given the stated problem, this seems like an asinine response.
Quiz: True or False -- On a scale of 1 to 10, what is your middle name?
I recently toured Skandinavia. In every reasonably big city
(that means "more than 15 houses" over there), you can nearly
be sure to find some open access point. Of course, some of
those are cluess users using lousy default configs - but quite
a lot are deliberately open, with SSIDs like "welcome_to_stockholm".
One even ran a guestbook on the AP's port 80, accessible only :-)
from the inside. Lots and lots of grateful people from all over
the world had left a message before mine
That's the kind of culture I would like to see encouraged in
other places as well, not this "OMG terrorists" bullshit being
used as an excuse for more and more control in way too many
parts of the world.
And just how are the ISPs supposed to be able to accomplish this? Are they going to have people wardriving all around India, sniffing out open wifi, then seeing if it traces back to one of their customers? Or is a strongly worded email sufficient?
When our name is on the back of your car, we're behind you all the way!
Even if this nonsense did anything at all to combat terrorism, which it doesn't, the idea of an personally identifiable internet connection is a pipe dream, not to mention that it's ethically preposterous. One of the greatest strengths about the internet is how easy it is to remain anonymous and that's a feature, not a bug.
Of all the countries I've traveled, India is far and away the biggest pain in the ass to get hold of a simple prepaid SIM to stick in your cellphone. Even a little hole-in-the-wall shop wants you to fill out a detailed form, provide identification to be photocopied, provide a valid address while staying in India ... all because they don't want terrorists to be able to use throwaway phones for planning and coordination of attacks.
I'm not at all surprised to see this mindset being extended into other wireless communications
One thing to keep in mind - while America received their "wake up call" in September 2001, there are other nations like India that have been battling terrorism on home soil for several decades. It's worth paying close attention to what these other nations are doing today, if you want clues to what America might be doing tomorrow.
If libertarians are so opposed to effective government, why don't they all move to Somalia?
You know, only outlaws will open wi-fi. Seriously, terrorists will use cracking techniques to open "closed" wi-fi networks. From what I understand, wi-fi security is weak and easily cracked anyway.
The current Indian government is the most ineffective and clueless one. The emails are sent after the bombs have gone off, after the victims are dead or injured. The damage is done. The terrorist will find another way of sending their message. Shutting down Open Wi-fi will achieve nothing!
where did my sig go? where's my sig at?
Traceroute tells me that it's 26 hops from me to the first computer in India I tried, and that looks like it's getting dangerously close to their default 30 hop max. Now, I don't know enough about network protocols to be sure of the best way to prune that route back if it grows to 27 hops, but I bet this new idea of singling out the guy running router number 26 and arresting him should work just fine. Clearly India's regulators know almost as much as I do about the Internets!
These knee-jerk reactions to anything terrorist related are going to continue to cost society dearly as a whole. Each time there is some attack the politicians leap forward with all kinds of measures to restrict our freedoms, instead of tackling the core issues.
We need to wake up and stop punishing our own communities for the actions of others.
For anyone wondering about the background to this move, you could start with the Wikipedia article"
AccountKiller
This is doing nothing to combat terrorism.
Sounds like the telecoms just want more people to go home and pay for badwith.
beyond this sounding odd from a US-perspective (even though this isn't a US thing), would this even be enforceable? I mean can you really force someone to not be able to just hid their SSID or mac filter or something?
I do understand that it would set a legal precedent over there, etc...but still.
Yeah exactly what I was thinking.
If they really want to catch terrorists, perhaps the government should secretly sponsor many free open wifi spots - fast access, no blocking etc.
And then log the traffic, mac addresses and rough physical locations (you can do triangulation to figure where the users are).
And also plant cameras in the vicinity.
So when the bombers log on to brag about it, there is a higher chance of the cops being able to pick them up for "investigation".
It's even great that they use email - you could automate stuff on receipt of the email.
Expensive? Yes. Effective? I don't know, but probably more effective than trying to discourage open wifi.
Good pint, cultural homogeneity may or may not be necessary but it is certainly not sufficient.
With the drink, it's "authenticate the age".
With wifi, is it "authenticate they are not a terrorist"?
Hell .. we will see this kind of policies from ISPs really soon once people start using the excuse "But my WAP was open and I don't know if someone used it for this criminal act." The *iaa will start sending their dogs down the path of forcing ISPs and their lapdogs in congress to make sure that we know exactly WHO is on WHAT IP address at all times so all actions can be accountable.
Think I am being crazy? Just wait and see.
If I own the "wireless device" can't I "authorise" EVERYONE and ANYONE who accesses it to "use" it?
Even if they ban Open WiFi,(which was alluded to in the article...) you could still throw up a splash page that welcomes them to your network and gives a username and password if they want to continue.
A number of hotels I have stayed at recently do this, the network is "closed" but all you do is open a web browser and click to agree to the TOS. Then you are good to go.
I like microcars
However, my question remained as to whether you can truly control whether someone can provide open access or not.
Have a police officer wardrive, and if he can associate to an AP without establishing intent, the owner of the house where the AP has the strongest signal doesn't enjoy the safe harbor protection.
All of this assumes that terrorists can be tracked by monitoring on-line activity. Yes, they may now be using anonymous Internet access. But terrorist cells are small and can effectively organize by communicating face to face.
This is a symptom of lazy cops. Its easier to set up a system to comb through e-mail and IMs than it is to do community policing and gt to know who the troublemakers are.
Have gnu, will travel.
Do you know how diverse and unorganised India is? Technology that connects people will also make terrorists job easier. And its not a once in a decade or millennium business, I call my friends in Bangalore asking were they OK, and they ask me the next day was I OK ( one month ago, and Im not talking about delhi blasts or jaipur blasts)!!
The government has too many troubles tracking explosives, naxalites, terrorists, riots, strikes and all that, the least Indians can do is give it a break. And if people know you well in your neighborhood, you dont need any of that stuff. I havent given this guy in ahmedabad my photo or anything, just told him Im studying at so and so place, and he trusts me.
Nobody is giving up liberties here, the government is trying to catch the unwanted(surplus) liberty from people who can afford it.
I know it is too easy to comment from far away, but a bit of research and contextual familiarity, your opinion might be considered. Or else you are just a westerner warming the chair and giving his opinion.
http://monkeynesianeconomics.blogspot.com/
In Sweden, it is common to either leave one's door unlocked so that passers-by can use the restroom, or have the house laid out such that a restroom is accessible from outside without passing through the house.
Either they have a different definition of "effective authentication", or they're essentially banning WiFi.
Like a lot of laws that are drawn up to "stop the bad guys", this will do nothing to stop them and cause internet cops to run around looking for open wifi and causing the innocent newbies to do more work and call technical support more often. Let's be real. The bad guys will get on any way they like and using false names if they must. The good guys will be forced to do more and stop offering for free what they want. Isn't this in line with the "open wifi for everyone"? What happened to that vision?
jsut athnoer menagiensls ltitle psrhae for you to dcoede. Why do we wtsae our tmie dnoig tihs?
This is exactly correct. Centering everything on "cultural homogeneity" is ludicrous when there are so many other characteristics of the societies that play a much more obvious and direct role here. Particularly when you look at the history of truly culturally homogenous cultures over time.
A much saner approach would simply to require ISPs to include in their terms of service and service contract a statement that says in signing up for service the account holder is responsible for all actions taken through use of the account.
I think you will likely find language like that already present in some, but not all service agreements today. It hasn't been enforced heavily, but it would eliminate a lot of silliness that exists today. You sign up for the account, you are responsible. Period.
Yes, this means that if you have an open WiFi service for your neighbors you take the heat for their downloading child porn, sending threatening letters to the President and so on. Unfortunately, from a law enforcement perspective there are few alternatives other than a camera that takes pictures every time the keyboard is used. And that isn't even a 100% solution, no matter how invasive it might seem.
The problem today is that for the most part, unless you brag, your exploits on the Internet cannot be tracked back to you. Sure, they have an IP address. But there is no connection between an IP address and a person. There isn't even a solid connection between an IP address and a computer. This means the Internet is a law-free zone today for people clever enough to contain their glee at describing their exploits in their personal crime blog.
Just like in the Wild West days, commerce eventually forced the elimination of widespread crime without law enforcement. Commerce and crime are pretty much polar opposites and if you are going to have one you cannot have the other - at least not in large quantities. The fact that I can steal your money, make purchases in your name, "borrow" anything digital that I want and never be held accountable is a problem. One solution is to simply enforce that the account holder is responsible for traffic on their account - certainly until proven otherwise.
There are plenty of examples of this type of accountability today.
A few months ago it became illegal to offer free access wifi in cafes, users had to obtain scratch cards and verify them the first time through the mobile phone. This way supposedly the government could link traffic to identities. Then the scratch card became for money instead of free, only one company is offering this service which makes one wonder if security was the only motive. What these fuckers don't get is that a person with ill intentions can still bypass all these stupid systems.
I was referring to the part where they say: "ll ISPs may be instructed to ensure that their subscribers using wireless devices must use effective authentication mechanisms" I figured that they were worried about tracking what people do on the internet, but this could be bypassed somewhat by tunneling through other computers or using proxies.
DNA -- National Dyslexic Association
TRAI website has shutdown due excessive traffic.
Heroes die once, cowards live longer.
Openness of ideas hits another hurdle.
Fail.
As a swedish person I can attest to that simply not being true. Sure it's true in the northern cities with very low population numbers but in Stockholm or any other major city, that would be outright false.
In Italy it's illegal to share your Internet connection with Anyone, even your neighbours, since 3-4 years, thanks to Mr Berlusconi and an Anti-Terror law by Mr Pisanu.
who use the essid 'linksys' on an open network.
Every American Citizen over the age of 16 be armed and dangerous with the government providing both the training and a standard format firearm (eg: 9mm or .45 ACP) based upon personal preferences. Throw out two thirds of the damn laws and make dueling legal with full rules and regulations/public referees to oversee such events. Hell even charge a damn fee for the privilege of dueling so that it's almost self supporting.
Now if we were to implement this simple change to our legal system, we could easily reduce the level of policing now required, criminal prosecution and jail costs by at least one half since most of the crooks would already be dead while ensuring that people are a whole lot more polite once again.
Mod me up/Mod me down: I wont frown as I've no crown
Isn't it illegal in most jurisdictions to provide third party access to wireless communications without a telco license? (not that I think it should be). It's just that many people are providing access by accident :-) Man, you used to have to study morse code just to even be allowed to say hello on CB radio.
You have never been to india.
Stringent laws that prevent a cop from sampling anything without a warrant.
Just a few months ago a huge telco spying scandal resulted in ouster of a few ministers and a few top cops.
The Telco blew the whistle that it was approached by these jokers to spy on a few political opponents, without warrants.
The press had a field day tearing into cops.
TV hosts were joking that cops were trying to overhear talks between you and your GF.
Plus the Left parties threatened to bring the government down and impeach a few,
The Indian PATRIOT Act equivalent was repealed because of human rights violations. Only that act allowed warrantless spying.
With that gone, the cops have to get a court order for spying on anything. And courts here are known for their deliberate refusals. For fun.
I don't know whether to be happy or sad.
"Doing what i can, with what i have." ~ Burt Gummer
Half of India has moved to, or is planning to move to, Southwestern Canada. We have decent (though expensive) internet connectivity here, they could post their attack shit from here where we have at least one open wifi point per block.
which I will loose once a terrorist uses my open wifi to send a terror email.
Take the case of an American citizen Ken Haywood who literally high tailed it out of India with just his family and a few personal possessions when the police discovered that his ISP connection was used to send a terror email related to the recent bomb blasts here. It was later determined that his open wifi connection was used for this purpose. But he suffered nonetheless, he was questioned, had to undergo a lie detector test etc... He got away lightly because he was an American.
Indian citizens would be immediately arrested for the same mistake.
I believe in sharing and freedom of speech. However, when my own freedom is threatened because of an insecure network, I am not going to wait for the government to pass a law to start using WPA2.
People who dont understand this have not experienced Indian police stations.
Indian police raided the Mumbai home of an American expatriate after someone used his open wireless network to send an email that took responsibility for a bomb blast that killed at least 42 people. http://www.channelregister.co.uk/2008/08/01/terrorist_email/