Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mumbai Police To Enforce Wi-Fi Security

Posted by Soulskill on from the taking-a-stand-against-e-loitering dept.

caffeinemessiah writes "In the wake of the recent terrorist attacks in Mumbai, India, the local police are going to be sniffing out unsecured wi-fi access points and ordering the owners to secure them. The article notes that 'terror mails were sent through unsecured Wi-Fi connections' before bomb blasts in other Indian cities. No word on if they'll be walking around using Kismet, or if people who use pathetically weak WEP encryption will be ordered to switch to more advanced protocols. Unfortunately, a gesture like this does not take into account the insidious scenario of walking into a cafe, buying a coffee and then (legally) using the cafe's wi-fi. Or the fact that terrorists might actually be able to pay to use a cybercafe, and know what VPNs are." On the other hand, the Mumbai police may still be keeping track of the mandatory keyloggers that went into the area's cybercafes in 2007.

16 of 134 comments (clear)

  1. Not enough by rite_m · · Score: 5, Interesting

    Unless this policy is applied throughout the country, the city of Mumbai getting rid of unsecured wifi access points will not solve much. A terrorist can take a 3 hour bus ride to Pune to get unsecured wifi access. Mumbai itself is too big, are they talking about only the city or the whole suburbia included? Thane? New Mumbai?

    Sounds like a scare tactic to me. A publicity stunt to make people more aware of consequences of unsecured wifi.

    1. Re:Not enough by dbolger · · Score: 4, Insightful

      Calling it a "scare tactic" is a bit harsh. I'd say its more the police wanting something to point to when their bosses ask what they've done to "make Mumbai safe from this happening again".

    2. Re:Not enough by dmomo · · Score: 4, Funny

      3 hour bus ride? That's a lot of time taken out of a terrorist plot. Do you have any idea how much evil can HAPPEN in three hours? Hot dang. That's a whole 8th of a season. Just ask Jack Bauer.

  2. Will this even help? by dmomo · · Score: 4, Insightful

    I honestly don't know. If this were in effect before the attack, what difference would it have made? I can't help but think "not a heck of a lot". Terror has a way of routing itself around obstacles. While it's good to have a secure network, should it be mandated?

    Is a network "unsecure" if you intentionally keep it open? Does this outlaw sharing access then?

  3. A very insidious scenario... by oojimaflib · · Score: 4, Insightful

    the insidious scenario of walking into a cafe, buying a coffee and then (legally) using the cafe's wi-fi

    This is the first (and I hope the last) time I have heard such a scenario described as "insidious".

  4. Lame by Idiomatick · · Score: 5, Insightful

    Unless i'm at university I always leave my network unsecured. My neighbors use it on occasion (i check logs). And I use theirs on occasion, with us being on separate ISPs we get at least 5 9s of uptime. It frustrates me that secured is become standard or in this case enforced. It was much better a few years ago when i could get wireless access in most places to check emails and such. Why do have to have such a community of locked doors? If someone has a laptop they likely have their own wireless internet which you could use, it is a perfectly fair deal. If my neighbours did a few gigs a day i'd stop it but it never went over a few megs.
    Standard security should not allow access to lan. It should be allowed to set limits for outsiders and should have a message redirect when you first open FF/IE/Opera saying the rules and so forth. Thats it. Making sharing and redundancy illegal is ridiculous and as the summary suggests it doesn't help anything.

  5. Cybercafe scenario is bogus by yelvington · · Score: 5, Informative

    Unfortunately, a gesture like this does not take into account the insidious scenario of walking into a cafe, buying a coffee and then (legally) using the cafe's wi-fi.

    Wrong. You can't just walk into a cafe in Mumbai and use the wifi. You have to show a government ID (such as a passport), which is recorded, before you even get access credentials.

    The point of this exercise is to shut down anonymous Internet access, which is illegal in India.

    Similarly, you can't legally buy a SIM card for a mobile phone in India without providing identity credentials to the seller, who is responsible for recording the information for possible police followup.

    1. Re:Cybercafe scenario is bogus by Scrameustache · · Score: 4, Insightful

      You can't just walk into a cafe in Mumbai and use the wifi. You have to show a government ID (such as a passport), which is recorded, before you even get access credentials.

      Exact. And since terrorists would NEVER steal a passport, it means that this will keep the children safe, and not at all only serve to mess with regular citizens while being a mere inconvenience for true criminal intents.

      *sigh*

      --

      You can't take the sky from me...

    2. Re:Cybercafe scenario is bogus by Kindaian · · Score: 4, Funny

      Okie... so...

      1. Terrorists don't use satellite phones,
      2. They don't use any kind of walkies-talkies,
      3. And specially, they abide by ALL laws!

    3. Re:Cybercafe scenario is bogus by Anonymous Coward · · Score: 4, Insightful

      You're right. Nobody should ever check IDs for anything because they can all be faked.

      In fact, why even have laws? Terrorists can just go around shooting everybody anyway.

  6. Re:Easy Solution to Keyloggers by 1s44c · · Score: 3, Informative

    Don't use keys. Copying and pasting messages, usernames, and passwords from a USB stick would work perfectly well for a terrorist at a cybercafe.

    Thats just silly. The real answer is one time passwords.

    However you really can't do much with a computer you mistrust, they know everything that happens in your session and they might be able to remote control it in the middle of your session.

  7. Only fixing symptom not real problem by ldcroberts · · Score: 3, Interesting

    Surely the fact terrorists have anonymous access to physical roads and footpaths is a bigger issue? If that was restricted it would make their intentions measurably harder to pursue.

  8. This is Useless by yams · · Score: 4, Interesting

    I think this is a big waste of time for the Mumbai police. If the terrorists can't send an e-mail with their threats, they will just send it by postal mail (just as they were doing before e-mail). Stopping them from sending anonymous e-mail won't stop the acts of terror. The Mumbai police should focus on investigating the actual attacks and preventing further attacks, rather than shooting the messenger.

    Some people think that this can prevent them from coordinating their attacks, but I don't think so. Their attacks can be coordinated using various other techniques that may even be illegal - won't mention them, use your imagination.

    Fundamentally, creating new rules will not stop terrorists - remember that there are already laws that prevent people from acquiring AK-47s & explosives. New rules will only inconvenience law abiding citizens - not terrorists.

    Also, on another note - I don't like Times of India because they selectively prevent some comments from being displayed. I specifically mentioned this point in their comments and they have not published it, even after 2 days.

  9. Good Luck with that! by Adeptus_Luminati · · Score: 4, Insightful

    Newsflash: Mumbai has 17 MILLION people. Granted at most 500,000 have computers.

    But still the level of computer literacy in Mumbai in police force is complete joke. Hey, their government offices don't even have computers.

    I think the most ridiculous thing is that there's countless MILLIONS starving on the streets and now they are going to equip police with laptops to chase after unprotected WiFi signals?

    Didn't they get the memo a few months ago that even WPA2 was cracked with Nvidia CPU/GPUs?

    What are they going to do, enforce people to implement breakable security? Where's the sense in that.

    Indian stock market is down over 60%, I think the police should be focusing their efforts on preventing civil unrest. And government spending their money far more wisely. People are starving everywhere you look in Mumbai, not to say the same thing in just about every other Indian city.

    But that's just my 2 cents.

    --
    No trees were killed in the making of this post; however, many trillions of electrons were horribly inconvenienced.
  10. Re:Easy Solution to Keyloggers by Ethanol-fueled · · Score: 4, Interesting

    A computer need not be bugged and/or connected to the internet to create or decode a steganographic message.

    Create/encode on a trusty laptop, use USB key to transfer it to an internet cafe's rented computer to actually send it, have the other guy receive it at some other access point and then use a USB key to get it to his trusted computer where the message can be decoded. Simple without having to use suspicious VPNs and SSH and encryption and whatnot.

  11. It is A publicity stunt by WindBourne · · Score: 3, Insightful

    They want ppl to feel like they are doing something to help the nation. It is no different than when W has been saying that American airports, ports and harbors are secure. They are not. It is more work, but it is still possible to smuggle weapons on-board aircraft (in fact, far too easy). The same is true of Mumbai. Assume that these guys want to attack again. So what? They simply rig an encrypted wifi close by and then use it for themselves. VERY easy to do. In fact, they can even set up some systems where they are 5KM away and use an antenna to beam to the top of the hotel. From there, plug in various antenna's just prior to the attack. It is that simple.

    --
    I prefer the "u" in honour as it seems to be missing these days.