Until Windows eats his data. (Sorry. Obligatory bullshit Windows flame.)
No seriously, this is some cool stuff and it's a creative way to deal with the problem. I'm curious how big the webcam in question is, since the article didn't really say unless I missed it on two read-throughs. (Early in the morning, you see.) Considering that I'm about to go out and do the same thing using $100,000+ in hardware today on a couple of patients, it's really interesting because this thing probably provides pictures that are almost as good, if not just as good.
Hey, give me some suggestions. Free is clearly preferable, and low-cost is preferable, but I'm willing to pay a reasonable amount for some of the work I do. (We're talking like $300 here for a decent CAD suite until it proves itself to me, because I've been burned in the past.) Free evaluations are especially welcome.
There's a major problem finding decent CAD software for Linux. This is something that has stuck in my craw for a few years now.
Under Windows, I can get AutoCAD and use that. Like it or not, AutoCAD is pretty much the standard when it comes to CAD software. Under Linux, I don't know of anything that really comes to the same level as AutoCAD with all its various utilities.
And again -- though this is a really tired refrain from me by now -- for security reasons (don't ask what I work on), I'd much rather run a decent CAD program in Linux than under Windows. Luckily, all the biotech software and the ease of programming under Linux more than compensates for the headache of having to use something like Varicad.
I use Linux for all "real work." That means editing documents, making spreadsheets, programming, making web environments, running any kind of server, etc.
I use Windows for playing games, because that's about all it's good for. The security is so horrible that I won't trust shit to it.
I generated a PHP script that does password managing a couple of weeks ago, and even I used a SALT in the process. I suppose that this is useful if you come across a site so horribly broken as to not use a SALT, or if you know the SALT ahead of time somehow. (Not hard to do the latter, really.)
What is really hurting them right now in terms of sales is their utterly screwed up release schedule. Everyone knows Madden '06 is coming out, but maybe not the actual day. They release the console versions and start advertising like mad. The PC version is nowhere to be found. I've been to the store four times for this, and I'm done. Even though I love Madden, the chances of me jetting across town in rush hour for it to not be there again is...well, zero.
End result? I pirate the thing when it shows up on the torrent sites. Now, in fairness, at some point when I get around to a store that has it, I'll buy it anyway because I want to support the company. So they'll lose nothing monetarily. My point, however, is that their sales figures will be skewed.
they have complete patch system to distribute it (bordering on obnoxious when it nags you to reboot after updates).
That's your opinion, which you're clearly entitled to. A lot of people (God only knows the proportion) find this to be highly obnoxious, however. First off, they could probably fix a lot of these bugs without requiring a reboot in the first place. But the fact that it nags users and doesn't play nice at all, coupled with requiring a full reboot, encourages many people to turn off the auto-install option. At that point, it might as well not be there at all.
I have a Windows machine sitting somewhere right now where this has been turned off for this reason. It's probably not been updated since at least last Monday or so, for two reasons. First, the annoyance feature which hoses all sorts of applications and generally annoy the hell out of the users. Second, the machine dual-boots into Linux, and boots into Linux by default. A random reboot without user intervention results in the machine rebooting into Linux. This is done because Linux runs the 'mission critical' crap that the machine does sometimes, and the Linux installation will recover from anything weird that happens. (This isn't a big problem at all, obviously. The catch is that I can therefore tell when Windows decides to spontaneously reboot itself, for whatever reason. Windows was rebooting and killing processes right and left in the process. Linux hasn't failed yet, except when there was a power issue; I don't know if someone tripped over the cord or what.)
So now you have a machine which runs largely unattended much of the time, with something crunching away, and which can't deal with a bullshit reboot because of what it does. This thing was doing stuff like rebooting during lunch and killing whatever was running in the process and that kind of thing, in addition to the annoyance factor and the fact that Update will start patching at some random time and shoot system performance all to hell. So the feature was turned off.
Luckily, the firewall and IDS keeps us from being burned by crap like this, at least so far. I don't know of a better way to handle it, given various applications' crappy fault tolerance. (They aren't designed for it. Consumer crap.)
For reference, on the Linux side, installing a software update usually involves just terminating and restarting the service without any problems. The only things that really require a reboot are glibc updates, kernel updates, and updates to the init process. Those are few and far between. So an equivalent exploit on the Linux machines would be transparently and automatically fixed at the time of release.
Microsoft has a really bad job to do here, but it's at least partially due to their own mistakes of the past. Because some machines may run unattended because their user is on vacation or whatever, and poor design requires reboots for every system update, they had to make a decision, and the logical one to make was just to reboot the unattended machines and install the update. Since just rebooting the machine while the user is sitting there is, well, stupid and annoying, they have the nag screen with the countdown. Unfortunately, because this is annoying, many situations encourage the auto-update system to be disabled, which then results in "critical update" patches like this not being done. On at least a laptop, the most logical way to probably do this is to have an option that installs the update based on system load values (nice 19 the thing), and disables the nag screen. Then when the laptop _reboots_ the next time (NOT when it's turned off, when the user wants to get out of Dodge), install the update. Since laptops don't normally sit on all the time, this works. A desktop is a pain in the ass from their perspective.
Like I said, a bad situation for Microsoft to be in. It's a mess.
I brought this up a few weeks ago in another thread. The problem with Windows Update as currently implemented is that it is not a very good desktop citizen. It will download the patch (good), and then if you set it to auto-apply the patches (which we're talking about here) it will go apply the patch without any regard for the load on the machine, thus bringing any intensive applications to a screeching halt. After it does that, it goes off and repeatidly annoys the hell out of the user to reboot the machine. This crashes some applications which don't handle having the desktop yanked from them well, while at the same time causing a problem if this happens when, say, the user is at lunch with a bunch of stuff open.
This is good in theory, and I'm sure that Microsoft had good intentions. However, they need to have it install patcWhes with some respect for load (just install them at the Windows equivalent of 'nice 19'.) They also need to do something about the nag feature. As it stands now, I think many people just turn the auto-install feature off, which results in the patch just sitting there much of the time. Further, the requirement for a reboot in the first place (which many times is superfluous, unless that's changed in later Windows versions) interrupts work, and further discourages people from installing it.
So now you have a bunch of patches being downloaded, but requiring manual installation of some sort, and only when the user has the time to mess with it and isn't actively using the machine at the time.
Then again, the only thing my Windows machines are used for is playing games and the occasional hotsync of Palm software that has some Windows-dependent desktop component. Anything mission critical already runs on Linux or, in one case, OpenBSD.
Yes, it's a mess. Let's say that I make a game that uses characters, like The Sims. Let us further say that I want really realistic character modelling. Despite the fact that I have no content in the game that allows the player to strip the models naked, I go ahead and model the mounds of the breasts so that under the clothes the modelling is more realistic.
Now someone comes along and releases a mod for my game that strips the clothes off, and sticks a pink nipple on each breast. All of a sudden, the idiots in the government and the ESRB think that, since I had such "hidden" stuff in the game, I obviously must have intended for it to be discovered, and therefore my game should get an AO rating. This all aside from the fact that my game was aimed at 8-12 year olds, and involved doing good deeds for old ladies or something. In fact, to these people, that makes it worse! I'm corrupting the youth!
And like, omg, this is so useless for females. I mean like, we are born with our very own Jerk-O-Meter's anyway!
Without a doubt. That's how women manage to keep dating the biggest jerks they can find, and complain to their "nice guy friend" who "they don't think of in that way" because "he's so nice and understanding."
I was in fourth grade (I think it was) when Challenger blew up. I remember the day, or more accurately I remember hearing about it, but didn't know about it until eight hours later. (Yes, my school sucked.)
When Columbia exploded, I was at work. During a lull, I checked foxnews.com and they had a big, honking article about the shuttle exploding. I told my coworkers about it. They blew me off because none of the other news sites had it. Then the article went down, replaced with something stupid. Five minutes later it was back up and on every other news site.
In the weeks that followed, thanks in no small part to Slashdot, I learned more about rocket physics and the shuttle than I care to admit.
I'm just glad Discovery is back, back in one piece, and back with all hands. If something bad had happened this time, the space program would have likely been pretty much over once the dolts in Congress got ahold of it, and the American public started complaining about the loss of life. (Hint: All these people know they might not come back.) If you want an example of how little tolerance Americans have for big-news death, watch the reaction over the deaths in Iraq. It's a damned war! And 1800 Americans have died over there. Frankly, that's pretty good for a multi-year long war.
I wonder what the cost of landing at Edwards vs. Kennedy is. Now that have to put it on top of a 747 and truck it back to Florida. That can't be cheap, and they're not exactly rolling in dough.
Think about it: How much of a difference can there be to move it from Florida to Houston versus from Edwards to Houston?
The name at least has some logical meaning. (Though the GNU version is still going to be called Gonad, no doubt.:) I agree that the name sounds kind of stupid.
"The Collaborative International Dictionary of English v.0.48" Monad Mon"ad, n. L. monas, -adis, a unit, Gr. ?, ?, fr.
mo`nos alone.
1. An ultimate atom, or simple, unextended point; something
ultimate and indivisible.
1913 Webster
2. (Philos. of Leibnitz) The elementary and indestructible
units which were conceived of as endowed with the power to
produce all the changes they undergo, and thus determine
all physical and spiritual phenomena.
1913 Webster
3. (Zool.) One of the smallest flagellate Infusoria; esp.,
the species of the genus Monas, and allied genera.
1913 Webster
4. (Biol.) A simple, minute organism; a primary cell, germ,
or plastid.
1913 Webster
5. (Chem.) An atom or radical whose valence is one, or which
can combine with, be replaced by, or exchanged for, one
atom of hydrogen.
1913 Webster
Monad deme (Biol.), in tectology, a unit of the first order
of individuality.
1913 Webster
I find it disturbing when I read a "hacker" zine and run across articles teaching people how to do ad-hoc analysis of binary files with 'string,' 'file,' and other similar utilities.
Apparently, I've evolved and become the ueberhacker if this is any indication. (Of course it isn't, but hell.)
You should be able to. My understanding is that the chip has a "certified" cryptographic key. Some hash of the software is sent to the chip, played with, and gets an approval. Or some bullshit. (IT should be obvious that I'm not clear on how this works.)
But I don't need to be. I don't see quite how this is anything more than a stumbling block to supremely piss people off.
Now, as far as OSX is concerned, I honestly might buy it and try it. Unfortunately, it won't run on any of my Intel hardware. So regardless of whether Apple is mainly in the hardware business or not, they just lost a sale. They're failing to see that they can directly compete with Microsoft ad tap into the huge market of people with x86 PCs.
Some other (more useful) comments.
on
Hacking Hotels 101
·
· Score: 5, Interesting
For what it's worth, I do the same thing sometimes when I'm stuck in traffic at this particular intersection in front of a hotel that provides free 802.11b to their guests. I haven't sniffed the traffic because I'm never there long enough and I don't care either, but I have no doubt that were I to do so I'd get all sorts of juicy cleartext passwords, usernames, network information, and God only knows what else. Oh, and by the way, it also works at my university, which is a major academic institution.
This is because in the interests of usability, these systems do not use WEP. In the case of the university, their security consists of not honoring DHCP requests if the system doesn't know your MAC, and hiding the ESSID. Again, no WEP. I have sat in conferences and watched people checking their email. (That's also good for, how shall we say, 'social intelligence.')
The bottom line is, and always will be, that people need to pay attention to how the technology they use works. If they don't know, then it is to a certain extent their own problem.
To combat this, all my wireless systems, including the ones I use at home, use a VPN to connect to my home router, and then the traffic goes out from there. The VPN uses a cryptographic key for authentication, not a password, and all traffic except for DHCP requests go over it. The best someone can really accomplish at the network level is to bump me off the network, at which point the VPN falls over too, and no data is compromised. The system at home also uses WEP, and requires that all machines connecting over wireless use a VPN to get routed from the router to, well, anywhere, even the LAN.
"But what about after the data leaves your cable modem at home?" That's a valid concern. So any data that I'm really concerned about is encrypted going out of there too. The catch is that, of course, I can't do that all the time, and it could still give someone a lot of intelligence by monitoring the traffic. At that point, though, I have a legitimate beef with the cable company, just as users who plug their computer into a hotel ethernet port (not wireless) have a beef with the hotel if someone in the adjacent room sniffs their traffic.
The sad reality is that most people have absolutely no data security at all. Often times, they give themselves the illusion of security by doing something like using some snake-oil crypto product on their Windows machine, which is still clearly open to a number of software-based attacks. And, of course, if you compromise the hardware, nothing is going to save your ass.
Sitting at home, I see six wireless networks. One of them is mine. Four of them don't have any indication of whose they are, so they get a bit of security through obscurity in terms of someone trying to attack them directly. Nevertheless, three of the four are insecure, and the fourth uses only WEP. Of those three unsecured networks, they're broadcasting all sorts of crap in the clear, and two of the three are ridden with spyware and viruses to the point that I can tell remotely using only passive means.
The last guy got interesting. He removed the confusion about whose network was whose, at least with regard to his, by putting his last name in the SSID. The network is wide open.
Re:Most Hotel TV are locked though right?
on
Hacking Hotels 101
·
· Score: 1
"Additionally, he could use hidden codes that transmitted from the remote-control device to the TV through infrared to control functions in the system...Laurie automated the process by using a program he wrote that analyzed and mapped all the possible codes in 35 minutes to see which ones were relevant for the system he was trying to crack. Laurie doesn't plan to release the program."
That's why they should use a VPN, SSL, or some other kind of security. In the case of, say, SQL requests being blown in the clear over a Ethernet hub to every room in the hotel, the liability needs to lie with the hotel. The hotel can then decide to sue the network installer or whatever the hell they want, but the fact of the matter is that someone uses a service and either:
1. The data is broadcast over the air in the clear.
2. The data is broadcast into their computer with the assumption (that neither the user nor the computer has agreed to) that it won't look at traffic that hits it if that traffic isn't targetted at its IP address.
I wasn't automatically assuming that Microsoft is going to screw me. It's just that based on my experience with these kinds of "DRM-lite" methods, inevitably what happens is that they require some token that inevitably gets lost. Years ago it used to be some code-wheel or something equally idiotic. Then it was random words out of the manual. Then it was serial numbers. Then it was CD keys that they don't print on the actual CD. Then once hard drives got really big, they decided to install everything to the drive but still require the CD for no good reason at all.
Corporate America is phenomenally good at screwing consumers by default in the computer industry.
Slashdot Mirror
I actually was referring to the resolution of the camera, but the incorrect word usage resulted in more humor than I otherwise could have managed. :)
No seriously, this is some cool stuff and it's a creative way to deal with the problem. I'm curious how big the webcam in question is, since the article didn't really say unless I missed it on two read-throughs. (Early in the morning, you see.) Considering that I'm about to go out and do the same thing using $100,000+ in hardware today on a couple of patients, it's really interesting because this thing probably provides pictures that are almost as good, if not just as good.
Hey, give me some suggestions. Free is clearly preferable, and low-cost is preferable, but I'm willing to pay a reasonable amount for some of the work I do. (We're talking like $300 here for a decent CAD suite until it proves itself to me, because I've been burned in the past.) Free evaluations are especially welcome.
Under Windows, I can get AutoCAD and use that. Like it or not, AutoCAD is pretty much the standard when it comes to CAD software. Under Linux, I don't know of anything that really comes to the same level as AutoCAD with all its various utilities.
And again -- though this is a really tired refrain from me by now -- for security reasons (don't ask what I work on), I'd much rather run a decent CAD program in Linux than under Windows. Luckily, all the biotech software and the ease of programming under Linux more than compensates for the headache of having to use something like Varicad.
I use Linux for all "real work." That means editing documents, making spreadsheets, programming, making web environments, running any kind of server, etc.
I use Windows for playing games, because that's about all it's good for. The security is so horrible that I won't trust shit to it.
All in all, this is another ho-hum kind of story.
Simple. The 31337 h4xx0r5 are all dumping their databases into it, trying to see if they can find any gold, as it were.
End result? I pirate the thing when it shows up on the torrent sites. Now, in fairness, at some point when I get around to a store that has it, I'll buy it anyway because I want to support the company. So they'll lose nothing monetarily. My point, however, is that their sales figures will be skewed.
Just something to keep in mind.
Admin: OMGWTF! I just got portscanned!
Student: Hey, they have telnetd running with no password required for root access!
Admin: OMG! OMG! OMG! I've been HAAAAAACKED!
Principal: Call the cops! Alert the media! HUZZAH!
That's your opinion, which you're clearly entitled to. A lot of people (God only knows the proportion) find this to be highly obnoxious, however. First off, they could probably fix a lot of these bugs without requiring a reboot in the first place. But the fact that it nags users and doesn't play nice at all, coupled with requiring a full reboot, encourages many people to turn off the auto-install option. At that point, it might as well not be there at all.
I have a Windows machine sitting somewhere right now where this has been turned off for this reason. It's probably not been updated since at least last Monday or so, for two reasons. First, the annoyance feature which hoses all sorts of applications and generally annoy the hell out of the users. Second, the machine dual-boots into Linux, and boots into Linux by default. A random reboot without user intervention results in the machine rebooting into Linux. This is done because Linux runs the 'mission critical' crap that the machine does sometimes, and the Linux installation will recover from anything weird that happens. (This isn't a big problem at all, obviously. The catch is that I can therefore tell when Windows decides to spontaneously reboot itself, for whatever reason. Windows was rebooting and killing processes right and left in the process. Linux hasn't failed yet, except when there was a power issue; I don't know if someone tripped over the cord or what.)
So now you have a machine which runs largely unattended much of the time, with something crunching away, and which can't deal with a bullshit reboot because of what it does. This thing was doing stuff like rebooting during lunch and killing whatever was running in the process and that kind of thing, in addition to the annoyance factor and the fact that Update will start patching at some random time and shoot system performance all to hell. So the feature was turned off.
Luckily, the firewall and IDS keeps us from being burned by crap like this, at least so far. I don't know of a better way to handle it, given various applications' crappy fault tolerance. (They aren't designed for it. Consumer crap.)
For reference, on the Linux side, installing a software update usually involves just terminating and restarting the service without any problems. The only things that really require a reboot are glibc updates, kernel updates, and updates to the init process. Those are few and far between. So an equivalent exploit on the Linux machines would be transparently and automatically fixed at the time of release.
Microsoft has a really bad job to do here, but it's at least partially due to their own mistakes of the past. Because some machines may run unattended because their user is on vacation or whatever, and poor design requires reboots for every system update, they had to make a decision, and the logical one to make was just to reboot the unattended machines and install the update. Since just rebooting the machine while the user is sitting there is, well, stupid and annoying, they have the nag screen with the countdown. Unfortunately, because this is annoying, many situations encourage the auto-update system to be disabled, which then results in "critical update" patches like this not being done. On at least a laptop, the most logical way to probably do this is to have an option that installs the update based on system load values (nice 19 the thing), and disables the nag screen. Then when the laptop _reboots_ the next time (NOT when it's turned off, when the user wants to get out of Dodge), install the update. Since laptops don't normally sit on all the time, this works. A desktop is a pain in the ass from their perspective.
Like I said, a bad situation for Microsoft to be in. It's a mess.
Worse, my network IDS still catches the various Mickeysoft SQL worms' attempts to propogate. A year later.
This is good in theory, and I'm sure that Microsoft had good intentions. However, they need to have it install patcWhes with some respect for load (just install them at the Windows equivalent of 'nice 19'.) They also need to do something about the nag feature. As it stands now, I think many people just turn the auto-install feature off, which results in the patch just sitting there much of the time. Further, the requirement for a reboot in the first place (which many times is superfluous, unless that's changed in later Windows versions) interrupts work, and further discourages people from installing it.
So now you have a bunch of patches being downloaded, but requiring manual installation of some sort, and only when the user has the time to mess with it and isn't actively using the machine at the time.
Then again, the only thing my Windows machines are used for is playing games and the occasional hotsync of Palm software that has some Windows-dependent desktop component. Anything mission critical already runs on Linux or, in one case, OpenBSD.
Now someone comes along and releases a mod for my game that strips the clothes off, and sticks a pink nipple on each breast. All of a sudden, the idiots in the government and the ESRB think that, since I had such "hidden" stuff in the game, I obviously must have intended for it to be discovered, and therefore my game should get an AO rating. This all aside from the fact that my game was aimed at 8-12 year olds, and involved doing good deeds for old ladies or something. In fact, to these people, that makes it worse! I'm corrupting the youth!
Sometimes we all are made to feel like Socrates.
Without a doubt. That's how women manage to keep dating the biggest jerks they can find, and complain to their "nice guy friend" who "they don't think of in that way" because "he's so nice and understanding."
When Columbia exploded, I was at work. During a lull, I checked foxnews.com and they had a big, honking article about the shuttle exploding. I told my coworkers about it. They blew me off because none of the other news sites had it. Then the article went down, replaced with something stupid. Five minutes later it was back up and on every other news site.
In the weeks that followed, thanks in no small part to Slashdot, I learned more about rocket physics and the shuttle than I care to admit.
I'm just glad Discovery is back, back in one piece, and back with all hands. If something bad had happened this time, the space program would have likely been pretty much over once the dolts in Congress got ahold of it, and the American public started complaining about the loss of life. (Hint: All these people know they might not come back.) If you want an example of how little tolerance Americans have for big-news death, watch the reaction over the deaths in Iraq. It's a damned war! And 1800 Americans have died over there. Frankly, that's pretty good for a multi-year long war.
Mod me (-5, Dumbass).
Slashdot interview! (No, I'm serious. Good publicity for them among people who want to see the space program continue.)
The name at least has some logical meaning. (Though the GNU version is still going to be called Gonad, no doubt. :) I agree that the name sounds kind of stupid.
"The Collaborative International Dictionary of English v.0.48"
Monad Mon"ad, n. L. monas, -adis, a unit, Gr. ?, ?, fr.
mo`nos alone.
1. An ultimate atom, or simple, unextended point; something
ultimate and indivisible.
1913 Webster
2. (Philos. of Leibnitz) The elementary and indestructible
units which were conceived of as endowed with the power to
produce all the changes they undergo, and thus determine
all physical and spiritual phenomena.
1913 Webster
3. (Zool.) One of the smallest flagellate Infusoria; esp.,
the species of the genus Monas, and allied genera.
1913 Webster
4. (Biol.) A simple, minute organism; a primary cell, germ,
or plastid.
1913 Webster
5. (Chem.) An atom or radical whose valence is one, or which
can combine with, be replaced by, or exchanged for, one
atom of hydrogen.
1913 Webster
Monad deme (Biol.), in tectology, a unit of the first order
of individuality.
1913 Webster
Apparently, I've evolved and become the ueberhacker if this is any indication. (Of course it isn't, but hell.)
But I don't need to be. I don't see quite how this is anything more than a stumbling block to supremely piss people off.
Now, as far as OSX is concerned, I honestly might buy it and try it. Unfortunately, it won't run on any of my Intel hardware. So regardless of whether Apple is mainly in the hardware business or not, they just lost a sale. They're failing to see that they can directly compete with Microsoft ad tap into the huge market of people with x86 PCs.
This is because in the interests of usability, these systems do not use WEP. In the case of the university, their security consists of not honoring DHCP requests if the system doesn't know your MAC, and hiding the ESSID. Again, no WEP. I have sat in conferences and watched people checking their email. (That's also good for, how shall we say, 'social intelligence.')
The bottom line is, and always will be, that people need to pay attention to how the technology they use works. If they don't know, then it is to a certain extent their own problem.
To combat this, all my wireless systems, including the ones I use at home, use a VPN to connect to my home router, and then the traffic goes out from there. The VPN uses a cryptographic key for authentication, not a password, and all traffic except for DHCP requests go over it. The best someone can really accomplish at the network level is to bump me off the network, at which point the VPN falls over too, and no data is compromised. The system at home also uses WEP, and requires that all machines connecting over wireless use a VPN to get routed from the router to, well, anywhere, even the LAN.
"But what about after the data leaves your cable modem at home?" That's a valid concern. So any data that I'm really concerned about is encrypted going out of there too. The catch is that, of course, I can't do that all the time, and it could still give someone a lot of intelligence by monitoring the traffic. At that point, though, I have a legitimate beef with the cable company, just as users who plug their computer into a hotel ethernet port (not wireless) have a beef with the hotel if someone in the adjacent room sniffs their traffic.
The sad reality is that most people have absolutely no data security at all. Often times, they give themselves the illusion of security by doing something like using some snake-oil crypto product on their Windows machine, which is still clearly open to a number of software-based attacks. And, of course, if you compromise the hardware, nothing is going to save your ass.
Sitting at home, I see six wireless networks. One of them is mine. Four of them don't have any indication of whose they are, so they get a bit of security through obscurity in terms of someone trying to attack them directly. Nevertheless, three of the four are insecure, and the fourth uses only WEP. Of those three unsecured networks, they're broadcasting all sorts of crap in the clear, and two of the three are ridden with spyware and viruses to the point that I can tell remotely using only passive means.
The last guy got interesting. He removed the confusion about whose network was whose, at least with regard to his, by putting his last name in the SSID. The network is wide open.
What a wimp. Information wants to be FREEEEEE! :)
1. The data is broadcast over the air in the clear.
2. The data is broadcast into their computer with the assumption (that neither the user nor the computer has agreed to) that it won't look at traffic that hits it if that traffic isn't targetted at its IP address.
Corporate America is phenomenally good at screwing consumers by default in the computer industry.