Do you have a bluetooth hands-free set installed in your car? I have and I seriously think I can talk and drive at the same time. Just not to the boss or an angry girlfriend.
If it's inconvenient, then some people will try to work around it.
And no, it's not about iPods but charging your phone via USB because every single power socket is used, hidden or inaccessible.
And it's about plugging in your USB drive for exchanging data.
If any single compromised client machine residing outside strongly defined security premises can somehow take down your network, then you need to secure your network better. There are tons of possible vectors including but not limited to transparent eavesdropping devices not larger than a USB dongle, maliciously installed bugs in a cable rack somewhere and the like.
If you have cleartext, open ports and vulnerable machines going about in a large scale company ethernet, you're hosed because you rely on very hard to maintain and even harder to verfiy assumptions.
In short: a false sense of security is worse than no security.
- You assume, that all machines on your network have not been compromised unless your detection engine tells you otherwise. con: Precision-tailored eavesdropping equipment will fly below the radar while you catch iPods, Nabaztags and other innocent stuff.
- You assume that you've thought of every attack single vector and further assume you plugged it or you're monitoring it effectively. con: you've not thought of everything. Nobody does.
- You or your collegues will therefore assume the internal network to be much safer than the open Internet and invariably relax security. con: sneaky eavesdropping devices connected through vectors you forgot about may be listening to important communication that is not internally encryptiong because of relaxed security or mapping out your network for coordinated attacks later on.
If you couldn't connect your entire office workstation pool directly to the open internet without risking successful attacks, your node-based security is too low and no network-based security will help-at all.
Maybe it's because of the tendency of porn viewers to move their right or left hand a bit too much in the process.
Then again, it's pretty much the same with everything else concerning sexuality at work: you have to an asexual nobody or someone will point the finger.
Goofing off for hours every week is equally bad but almost ok, but dare to have ONE ten-minute sexual intercourse in the bathroom. Even sleeping on your desk for hours will not yield the same penalties as having unauthorized sex anywhere on company premises, even when doing it while logged-out or long after closing time.
You can waste millions of company assets without reprimands but any sex means immediate termination in almost all cases, even if it's your wife you work with.
The financial risk or loss for the company is absolutely nil, but somehow this is the single most important taboo in our corporate environment.
I don't care about any of hobbies they do while at home or in the office, if I don't have to hear, see or smell them.
They can have gang bangs after hours or during lunch breaks as long as Im not around. They can do drugs as much as they like, they can perform shamanistic rituals or pray five times a day to Mecca.
I. Just. Don't. Care. At. All.
Besides, what's the monetary difference from a company's perspective between employees spending their lunch break bonking the secretary in the bathroom or calling their kids for half an hour?
WeAbsolutely none since we're not a Catholic shop.
But if they slip two deadlines, alienate one reasonable and trusted customer or produce uncommon costs for the company it's time for a staff report - and if they slip again within one year they're let go.
They're employees, not kids and they certainly don't need or want the boss to be their daddy.
Exactly: people routinely work longer than the 40 hours in their contracts and management relies on them doing it.
Why on earth should 40 hour-work-contracts be any less or more flexible than IT workplace policies?
If they require me to obey every rule by the letter, then I will *also* obey every letter in my contract and leave my desk after 40 hours with less than one minute overtime per year. Rules are flexible in both directions or not at all. Find a cheap offshore replacement without a thick accent if you think you don't need me.
Your security model is complete and utter bunk if it requires your client machines or workstations to remain untouched.
You can't trust any machine that is not under your permanent and immediate physical control. Everything outside your firewalled, access-restricted data center must be treated as compromised or compromise-able.
This is especially true with take-home notebooks, very large premises or offices all around the country.
When your security cannot be trusted to withstand private notebooks with God-knows-what on it, you seriously need to review it. Because chances are, hundreds of your employees are already using privilege-escalated accounts as we speak without you ever knowing.
While you're at it, train everyone of your employees not to be stupid.
Has anyone yet considered
- admin rights and alcotests in every company operated vehicle, so no one with a hint of alcohol can start the engine, because driving under the influence kills workers and costs the company thousands?
- admin access only to knives, scissors, screwdrivers, lawnmowers, chainsaws, drills and hammers because otherwise they could be misused and cause injuries or death among the workers?
- locks on doors and windows so no employee can open them without admin rights and fall to their death?
- tight-fitting gas masks that cannot be removed without admin rights for workers in a chemical plant so no one can accidentally breathe in fumes?
- admin rights for bathroom door locks so employees can not spend too much time in unauthorized potty breaks?
- admin rights on company stationery, stamps, pens and ink so no employee can write unauthorized company letters that management cannot review nor censor?
- mandatory security mumbo-jumbo and admin-only-everything anywhere except information technology?
I don't think so. After countless hours of trying to get online on unsecure wifi during business trips, trying to use a coworkers internet access to review train schedules or trying to get one lousy presentation or spreadsheet to another business partner's computer, I'm totally fed up with ridiculous IT policy.
Nowhere in the corporate world will you find access or usage restrictions even remotely as silly and obscene as in IT. I mean, you can use and take out construction vehicles or machinery worth several hundred thousand bucks without more than showing your license and signing a slip of paper - in the same company that forbids using USB thumbdrives under the death penalty.
Sooo ridiculous. People are expected to acknowledge and avoid tremendously complex failure modes on heavy, expensive and dangerous machinery while we forbid them to install a screensaver on their workstation "for safety reasons". Some engineers have rotating control-station- and office-duty shifts: in the control room, they are trusted to manage nuclear reactors, but in their office shifts we restrict them from installing screensavers without a second thought.
Problem is: you're dealing with real actual people that have real actual lives and interests. Your job is to secure IT infrastructure AND support your users. If you care only about your holy sanctified security, you're only doing one half of your job and if they manage to install software, you don't even perform that half properly.
People use ICQ at home all the time and somehow many of them manage to not get rootkitted and that's not out of sheer luck. So where's the problem in reproducing the same guidelines for your workplace that sane home users follow when using ICQ? There are peer-reviewed GPL'ed ICQ clients, remember?
And why is IT security on desktop machines so important? You control their web access, you control your servers and your data center is behind many layers of firewalling. The worst that could happen is a w32.Blaster outbreak among your workstations and that's going to happen only if you skimp on updates, scanners and internal firewalling.
So what? You have images to reinstall one machine in less than ten minutes. The poor little user who wrecked his machine by installing ICQ will be ashamed for weeks among his coworkers. You can BOFH them into oblivion later on, so why should anyone be fired then?
And then again this is not only about revenue-risk-tradeoffs but also because of company attitudes, company loyalty, trust between departments and an environment worth working in. After all, we all do 10 hour workdays sometimes and God help our office staff if they were confined to Word and Excel only then. We want them to actually like going to work, because that saves a ton of wage raises in the long run and reduces turnover by extreme percentages. If you annoy your users, you cost your company brownie points and raise turnovers. And high turnovers cost more than all ICQ desasters combined.
Write stuff, compile, upload and run it, it's not that hard.
Except for it being Windows and Microsoft land, no one ever shoots you in the back for writing software for your own or anyone else's phone.
And rejecting a product from a monopoly-like store and forbidding anyone to tell about it, come on, that's ridiculous and absolutely a kind of exploitation. No matter if the NDA is a valid contract or not - it is unethical, probably violates some rights on the weaker end, the developer and could very well be shot down in court.
But Windows Mobile has been around for ages, there's Java runtimes for it and you can develop and run everything you like. You just miss the wealthy Apple fanboi crowd as a target demographic:)
This is about airline security and therefore we talk about airline terrorism first and foremost. 30 years seemed to be a reasonable timespan to deduct trends from and was not specifically selected by me.
Yes, there are other terrorist groups. Yes, some of them have nothing to do with any religion at all.
But they don't do planes, that's why we don't need to check against them so thoroughly on airports.
Face it, if all airline terrorists and a large part of all teerrorists in general DO have brown skin, one would be dumb to specifically EXclude such information from security checks. Justics may be blind, but demanding police work to be done without looking at the faces of people is ridiculous.
There is a known and testable association of p(airplane_terrorist)->p(male, muslim). Don't make the mistake and reverse the implication - or accuse others of doing it and try to claim p(muslim)->p(terrorist); that's not true and was never meant or intended and with you as a Slashdot reader I'm sure you know enough about logic.
If p(terrorist)->p(muslim) applies in virtually all of the cases, then p(not muslim)->p(not terrorist) must hold with the same percentage.
This is an ex-post-facto analysis, while airport security must of course make ex-ante decisions, but nevertheless it makes for a strong case.
Now if you tried to make a case in not allowing discernable patterns to be exploited by terrorists, you'd have made your point.
Common sense does not need citations. Show me ONE (1) actual airplane terrorist within the last THIRTY (30) years that was female and/or not affiliated with Islam.
As long as we don't see any terrorists that do NOT consider themselves to be Muslims, this screening would not create any false negative.
In fact, even relegating ALL Muslim men to a secondary security check would mean no potential terrorist would miss the first round of checks.
To play devils advocate: a pork and ham sandwich would be more effective primary screening than any technical measure could ever be. Why? Because every single terrorist considers themself to be Muslim - and Muslim faith prohibits pork sandwiches. As all terrorists have strong faith, no one could eat this thing.
Now, the number of false positives would be overwhelming...
Of course, terrorism is a quite unlikely event even when compared to other unlikely events as engine failures and pilot errors.
But that was not the question here, because all the hassle we go through at the airport every time is because of terrorism and because of terrorism alone. All major inconveniences for us passengers is caused by this and that's why we're talking about that.
Can you for a moment outline your reasons that make you think ethnic (or sexistic or age-istic) profiling is wrong?
Please think not only about moral but also practical issues for everyday, real-world situations including a fair trade-off between everyone's security (except for the terrorists) and everyone's inconvenience (again except for the terrorists). (For the sake of the argument let "terrorists" be "people who willfully and specifically endanger airplane passengers for whatever reason by explosives, small arms and other man-portable or small group operated weapons")
Please also consider if it would actually beneficial or detrimental to this goal if you included or excluded known results and associations from previous terrorist incidents. These would certainly include a large part of actual terrorists from past events to be male, affluent, of middle-eastern descent and who would themselves describe as being affiliated to Islam.
In hindsight - and discounting all technical failures, operators errors and violent attacks by organized military air-defense of whatever country - the major reason for loss of life in air travel is violence by terrorists. And most, if not all of these terrorists fit the description of being male and describing themselves as being affiliated to Islam. A great deal of them being also affluent, educated and of middle-eastern descent.
Please note that A->B does not imply B->A, which means that of course middle-eastern Muslim men are not all terrorists.
But A->B still holds and implies not(B ->not(A), meaning that if all airline terrorists are male and most would consider themselves to be Muslims, you could quite logically argue to relax security checks on Jewish, Christian or atheistic women of European or Asian descent.
Cleartext email, blackmail-able stuff (pr0n, dating sites, gambling), searched items, purchases, political or other forums. Everything people do on the internet is their private matter and has to be protected from Joe Sixpack around the corner who's toying around with airsnort.
There really can be such a thing as security overkill, but keeping out nosy neighbors is definetly NOT overkill. This is not stuff for tinfoil hats worrying about NSA, FBI, FEMA and alien conspiracies but real actual considerations for real actual world scenarios: the neighbor's whiz kid snooping and sharing their findings with the whole school. For this, no, thanks.
You should know and I even wrote specifically why PGP is unworkable for laypeople's mail and why MAC restrictions for home setups are a burden to maintain.
WPA and WPA2 in their PSK variants were developed for especially and specifically for this scenario and it performs incredibly well in real-world applications.
Relying on a cacophony of tools and protocols which require extensive training and bring a host of secondary issues with them needs a good reason.
As I understand, the reasons for this are the need to connect a bugged Apple product and an irrational desire to avoid a standardized, peer-reviewed, simple, proven and inexpensive method like WPA2 that has zero disadvantages except being in single-digit percentages slower compared to the toolchain you suggest.
I understand your quest for optimization, but I have to admit this proposed trade-off is pretty dumb in my view.
On the other hand, if you and your CEO are unable to collectively decide that checking emails with the new toy is sooo not worth risking company secrets and the infrastructure change required by this, then you're either incompetent (if you can't explain the disadvantages in layman's terms so CEO understands) OR you are in a doomed company anyway (CEO that doesn't understand even the most basic tenets of security and confidentiality).
If your CEO successfully forces the entire IT department into submission to unencrypt the company wifi access after consulting your educated opinion, file a memo, update your resume - and bail out when ready.
That silent fix procedure is one of the main reason we will probably see any Linux distro faster in the general business populace than software or hardware from Apple Inc.
It's hard enough to maintain a heterogenous client-server environment when all relevant vendors offer full changelogs for each update and hotfix. More often than not, they still affect areas and functions they didn't even touch.
Just imagine maintaining a network full of hard and software with updates for which only God and Steve Jobs know what they are actually changing. No one has enough time and resources to conduct full audits after each update, a thorough check of all stated changes is the absolute maximum any IT department outside NASA and NSA would be willing to commit.
Proposed solution: lock down MAC access lists to prevent unauthorized access because encryption is reducing maximum net bandwidth between AP and client.
Verdict:
a. full protection against sniffing, eavesdropping and cracking attempts is needed all the time while maximum throughput is not. I don't know about the net effect on bandwidth but the speed limit is usually between AP and ISP for anything but demanding intranet file transfers. The considered maximum use case is less than three machines watching HD-video streams simultaneously from the inhouse file server. WPA2 is able to deliver this with a healthy margin.
b. There are users on my net with entry-level IT knowledge. It is absolutely unrealistic to assume they can be trained to use SSL when needed, let alone comprehend PGP or VPNs. Although this may be considered standard procedures by some, they are clearly not, within the general internet population. I don't want to undertake large educational projects, but make the best efforts to secure my part of the transit line. WPA2 can deliver this, as it is part of all recent OS'es and requires no special knowledge other than SSID and PASS.
c. VPNs could be argued to be standard procedures, too, given recent OS'es, but require more training or support that I'm able to give. Also, I don't want to implement numerous test cases to ensure that a VPN-ed setup does not allow for out-of-tunnel connections, which at least Windows will try to do under some circumstances (VPN down but WIFI online).
d. routers may be cheap, but I am cheaper. Additional electricity consumption (+10W idle) and equipment purchases are not my style.
Conclusion: proposed solutions do not fit requirements, time and budget contraints.
Personal opinion: it is ironic to propose VPN encryption after explicitly stating that encryption generally limits available bandwidth. In this contect, proposing PGP-encrypted emails through an SSL-encrypted link to the email provider using a VPN-encrypted last mile access is pretty laughable. Purchasing 50 EUR worth of equipment that consumes 30 EUR worth of electricity per year, redesigning the local network and educate several users to offset for the shortcomings of one single device is perverse.
Slashdot Mirror
Do you have a bluetooth hands-free set installed in your car? I have and I seriously think I can talk and drive at the same time. Just not to the boss or an angry girlfriend.
I for one welcome our "grammernazi" overlords.
If it's inconvenient, then some people will try to work around it.
And no, it's not about iPods but charging your phone via USB because every single power socket is used, hidden or inaccessible.
And it's about plugging in your USB drive for exchanging data.
If any single compromised client machine residing outside strongly defined security premises can somehow take down your network, then you need to secure your network better. There are tons of possible vectors including but not limited to transparent eavesdropping devices not larger than a USB dongle, maliciously installed bugs in a cable rack somewhere and the like.
If you have cleartext, open ports and vulnerable machines going about in a large scale company ethernet, you're hosed because you rely on very hard to maintain and even harder to verfiy assumptions.
In short: a false sense of security is worse than no security.
- You assume, that all machines on your network have not been compromised unless your detection engine tells you otherwise.
con: Precision-tailored eavesdropping equipment will fly below the radar while you catch iPods, Nabaztags and other innocent stuff.
- You assume that you've thought of every attack single vector and further assume you plugged it or you're monitoring it effectively.
con: you've not thought of everything. Nobody does.
- You or your collegues will therefore assume the internal network to be much safer than the open Internet and invariably relax security.
con: sneaky eavesdropping devices connected through vectors you forgot about may be listening to important communication that is not internally encryptiong because of relaxed security or mapping out your network for coordinated attacks later on.
If you couldn't connect your entire office workstation pool directly to the open internet without risking successful attacks, your node-based security is too low and no network-based security will help-at all.
Maybe it's because of the tendency of porn viewers to move their right or left hand a bit too much in the process.
Then again, it's pretty much the same with everything else concerning sexuality at work: you have to an asexual nobody or someone will point the finger.
Goofing off for hours every week is equally bad but almost ok, but dare to have ONE ten-minute sexual intercourse in the bathroom. Even sleeping on your desk for hours will not yield the same penalties as having unauthorized sex anywhere on company premises, even when doing it while logged-out or long after closing time.
You can waste millions of company assets without reprimands but any sex means immediate termination in almost all cases, even if it's your wife you work with.
The financial risk or loss for the company is absolutely nil, but somehow this is the single most important taboo in our corporate environment.
Cue the results-only work environment:
I don't care about any of hobbies they do while at home or in the office, if I don't have to hear, see or smell them.
They can have gang bangs after hours or during lunch breaks as long as Im not around. They can do drugs as much as they like, they can perform shamanistic rituals or pray five times a day to Mecca.
I. Just. Don't. Care. At. All.
Besides, what's the monetary difference from a company's perspective between employees spending their lunch break bonking the secretary in the bathroom or calling their kids for half an hour?
WeAbsolutely none since we're not a Catholic shop.
But if they slip two deadlines, alienate one reasonable and trusted customer or produce uncommon costs for the company it's time for a staff report - and if they slip again within one year they're let go.
They're employees, not kids and they certainly don't need or want the boss to be their daddy.
Exactly: people routinely work longer than the 40 hours in their contracts and management relies on them doing it.
Why on earth should 40 hour-work-contracts be any less or more flexible than IT workplace policies?
If they require me to obey every rule by the letter, then I will *also* obey every letter in my contract and leave my desk after 40 hours with less than one minute overtime per year. Rules are flexible in both directions or not at all. Find a cheap offshore replacement without a thick accent if you think you don't need me.
How's your company doing now? Any good staff left or have they all turned over or started their own businesses?
I'd do.
Your security model is complete and utter bunk if it requires your client machines or workstations to remain untouched.
You can't trust any machine that is not under your permanent and immediate physical control. Everything outside your firewalled, access-restricted data center must be treated as compromised or compromise-able.
This is especially true with take-home notebooks, very large premises or offices all around the country.
When your security cannot be trusted to withstand private notebooks with God-knows-what on it, you seriously need to review it. Because chances are, hundreds of your employees are already using privilege-escalated accounts as we speak without you ever knowing.
While you're at it, train everyone of your employees not to be stupid.
Has anyone yet considered
- admin rights and alcotests in every company operated vehicle, so no one with a hint of alcohol can start the engine, because driving under the influence kills workers and costs the company thousands?
- admin access only to knives, scissors, screwdrivers, lawnmowers, chainsaws, drills and hammers because otherwise they could be misused and cause injuries or death among the workers?
- locks on doors and windows so no employee can open them without admin rights and fall to their death?
- tight-fitting gas masks that cannot be removed without admin rights for workers in a chemical plant so no one can accidentally breathe in fumes?
- admin rights for bathroom door locks so employees can not spend too much time in unauthorized potty breaks?
- admin rights on company stationery, stamps, pens and ink so no employee can write unauthorized company letters that management cannot review nor censor?
- mandatory security mumbo-jumbo and admin-only-everything anywhere except information technology?
I don't think so. After countless hours of trying to get online on unsecure wifi during business trips, trying to use a coworkers internet access to review train schedules or trying to get one lousy presentation or spreadsheet to another business partner's computer, I'm totally fed up with ridiculous IT policy.
Nowhere in the corporate world will you find access or usage restrictions even remotely as silly and obscene as in IT. I mean, you can use and take out construction vehicles or machinery worth several hundred thousand bucks without more than showing your license and signing a slip of paper - in the same company that forbids using USB thumbdrives under the death penalty.
Sooo ridiculous. People are expected to acknowledge and avoid tremendously complex failure modes on heavy, expensive and dangerous machinery while we forbid them to install a screensaver on their workstation "for safety reasons". Some engineers have rotating control-station- and office-duty shifts: in the control room, they are trusted to manage nuclear reactors, but in their office shifts we restrict them from installing screensavers without a second thought.
Problem is: you're dealing with real actual people that have real actual lives and interests. Your job is to secure IT infrastructure AND support your users. If you care only about your holy sanctified security, you're only doing one half of your job and if they manage to install software, you don't even perform that half properly.
People use ICQ at home all the time and somehow many of them manage to not get rootkitted and that's not out of sheer luck. So where's the problem in reproducing the same guidelines for your workplace that sane home users follow when using ICQ? There are peer-reviewed GPL'ed ICQ clients, remember?
And why is IT security on desktop machines so important? You control their web access, you control your servers and your data center is behind many layers of firewalling. The worst that could happen is a w32.Blaster outbreak among your workstations and that's going to happen only if you skimp on updates, scanners and internal firewalling.
So what? You have images to reinstall one machine in less than ten minutes. The poor little user who wrecked his machine by installing ICQ will be ashamed for weeks among his coworkers. You can BOFH them into oblivion later on, so why should anyone be fired then?
And then again this is not only about revenue-risk-tradeoffs but also because of company attitudes, company loyalty, trust between departments and an environment worth working in. After all, we all do 10 hour workdays sometimes and God help our office staff if they were confined to Word and Excel only then. We want them to actually like going to work, because that saves a ton of wage raises in the long run and reduces turnover by extreme percentages. If you annoy your users, you cost your company brownie points and raise turnovers. And high turnovers cost more than all ICQ desasters combined.
Some people don't have to enter CAPTCHAs. Must be the subscription everyone's talking about :)
Ignorance is bliss, I don't want to know about any large hard-on colliders in your basement, please.
So you solved the Halting Problem, eh?
Write stuff, compile, upload and run it, it's not that hard.
Except for it being Windows and Microsoft land, no one ever shoots you in the back for writing software for your own or anyone else's phone.
And rejecting a product from a monopoly-like store and forbidding anyone to tell about it, come on, that's ridiculous and absolutely a kind of exploitation. No matter if the NDA is a valid contract or not - it is unethical, probably violates some rights on the weaker end, the developer and could very well be shot down in court.
But Windows Mobile has been around for ages, there's Java runtimes for it and you can develop and run everything you like. You just miss the wealthy Apple fanboi crowd as a target demographic :)
This is about airline security and therefore we talk about airline terrorism first and foremost. 30 years seemed to be a reasonable timespan to deduct trends from and was not specifically selected by me.
Yes, there are other terrorist groups. Yes, some of them have nothing to do with any religion at all.
But they don't do planes, that's why we don't need to check against them so thoroughly on airports.
Face it, if all airline terrorists and a large part of all teerrorists in general DO have brown skin, one would be dumb to specifically EXclude such information from security checks. Justics may be blind, but demanding police work to be done without looking at the faces of people is ridiculous.
There is a known and testable association of p(airplane_terrorist)->p(male, muslim). Don't make the mistake and reverse the implication - or accuse others of doing it and try to claim p(muslim)->p(terrorist); that's not true and was never meant or intended and with you as a Slashdot reader I'm sure you know enough about logic.
If p(terrorist)->p(muslim) applies in virtually all of the cases, then p(not muslim)->p(not terrorist) must hold with the same percentage.
This is an ex-post-facto analysis, while airport security must of course make ex-ante decisions, but nevertheless it makes for a strong case.
Now if you tried to make a case in not allowing discernable patterns to be exploited by terrorists, you'd have made your point.
Common sense does not need citations. Show me ONE (1) actual airplane terrorist within the last THIRTY (30) years that was female and/or not affiliated with Islam.
Then we'll talk.
As long as we don't see any terrorists that do NOT consider themselves to be Muslims, this screening would not create any false negative.
In fact, even relegating ALL Muslim men to a secondary security check would mean no potential terrorist would miss the first round of checks.
To play devils advocate: a pork and ham sandwich would be more effective primary screening than any technical measure could ever be. Why? Because every single terrorist considers themself to be Muslim - and Muslim faith prohibits pork sandwiches. As all terrorists have strong faith, no one could eat this thing.
Now, the number of false positives would be overwhelming ...
We don't talk about airline security in general if you take a moment to read the article and the heading.
That doesn't mean terrorism is the major cause of all injuries in air travel, but it's not to be taken lightly, either.
Of course, terrorism is a quite unlikely event even when compared to other unlikely events as engine failures and pilot errors.
But that was not the question here, because all the hassle we go through at the airport every time is because of terrorism and because of terrorism alone. All major inconveniences for us passengers is caused by this and that's why we're talking about that.
Can you for a moment outline your reasons that make you think ethnic (or sexistic or age-istic) profiling is wrong?
Please think not only about moral but also practical issues for everyday, real-world situations including a fair trade-off between everyone's security (except for the terrorists) and everyone's inconvenience (again except for the terrorists). (For the sake of the argument let "terrorists" be "people who willfully and specifically endanger airplane passengers for whatever reason by explosives, small arms and other man-portable or small group operated weapons")
Please also consider if it would actually beneficial or detrimental to this goal if you included or excluded known results and associations from previous terrorist incidents. These would certainly include a large part of actual terrorists from past events to be male, affluent, of middle-eastern descent and who would themselves describe as being affiliated to Islam.
In hindsight - and discounting all technical failures, operators errors and violent attacks by organized military air-defense of whatever country - the major reason for loss of life in air travel is violence by terrorists. And most, if not all of these terrorists fit the description of being male and describing themselves as being affiliated to Islam. A great deal of them being also affluent, educated and of middle-eastern descent.
Please note that A->B does not imply B->A, which means that of course middle-eastern Muslim men are not all terrorists.
But A->B still holds and implies not(B ->not(A), meaning that if all airline terrorists are male and most would consider themselves to be Muslims, you could quite logically argue to relax security checks on Jewish, Christian or atheistic women of European or Asian descent.
Cleartext email, blackmail-able stuff (pr0n, dating sites, gambling), searched items, purchases, political or other forums. Everything people do on the internet is their private matter and has to be protected from Joe Sixpack around the corner who's toying around with airsnort.
There really can be such a thing as security overkill, but keeping out nosy neighbors is definetly NOT overkill. This is not stuff for tinfoil hats worrying about NSA, FBI, FEMA and alien conspiracies but real actual considerations for real actual world scenarios: the neighbor's whiz kid snooping and sharing their findings with the whole school. For this, no, thanks.
You should know and I even wrote specifically why PGP is unworkable for laypeople's mail and why MAC restrictions for home setups are a burden to maintain.
WPA and WPA2 in their PSK variants were developed for especially and specifically for this scenario and it performs incredibly well in real-world applications.
Relying on a cacophony of tools and protocols which require extensive training and bring a host of secondary issues with them needs a good reason.
As I understand, the reasons for this are the need to connect a bugged Apple product and an irrational desire to avoid a standardized, peer-reviewed, simple, proven and inexpensive method like WPA2 that has zero disadvantages except being in single-digit percentages slower compared to the toolchain you suggest.
I understand your quest for optimization, but I have to admit this proposed trade-off is pretty dumb in my view.
Mac is soo great, it just wo
I'd be surprised if your CEO has no blackberry.
On the other hand, if you and your CEO are unable to collectively decide that checking emails with the new toy is sooo not worth risking company secrets and the infrastructure change required by this, then you're either incompetent (if you can't explain the disadvantages in layman's terms so CEO understands) OR you are in a doomed company anyway (CEO that doesn't understand even the most basic tenets of security and confidentiality).
If your CEO successfully forces the entire IT department into submission to unencrypt the company wifi access after consulting your educated opinion, file a memo, update your resume - and bail out when ready.
That silent fix procedure is one of the main reason we will probably see any Linux distro faster in the general business populace than software or hardware from Apple Inc.
It's hard enough to maintain a heterogenous client-server environment when all relevant vendors offer full changelogs for each update and hotfix. More often than not, they still affect areas and functions they didn't even touch.
Just imagine maintaining a network full of hard and software with updates for which only God and Steve Jobs know what they are actually changing. No one has enough time and resources to conduct full audits after each update, a thorough check of all stated changes is the absolute maximum any IT department outside NASA and NSA would be willing to commit.
Proposed solution: lock down MAC access lists to prevent unauthorized access because encryption is reducing maximum net bandwidth between AP and client.
Verdict:
a. full protection against sniffing, eavesdropping and cracking attempts is needed all the time while maximum throughput is not. I don't know about the net effect on bandwidth but the speed limit is usually between AP and ISP for anything but demanding intranet file transfers. The considered maximum use case is less than three machines watching HD-video streams simultaneously from the inhouse file server. WPA2 is able to deliver this with a healthy margin.
b. There are users on my net with entry-level IT knowledge. It is absolutely unrealistic to assume they can be trained to use SSL when needed, let alone comprehend PGP or VPNs. Although this may be considered standard procedures by some, they are clearly not, within the general internet population. I don't want to undertake large educational projects, but make the best efforts to secure my part of the transit line. WPA2 can deliver this, as it is part of all recent OS'es and requires no special knowledge other than SSID and PASS.
c. VPNs could be argued to be standard procedures, too, given recent OS'es, but require more training or support that I'm able to give. Also, I don't want to implement numerous test cases to ensure that a VPN-ed setup does not allow for out-of-tunnel connections, which at least Windows will try to do under some circumstances (VPN down but WIFI online).
d. routers may be cheap, but I am cheaper. Additional electricity consumption (+10W idle) and equipment purchases are not my style.
Conclusion: proposed solutions do not fit requirements, time and budget contraints.
Personal opinion: it is ironic to propose VPN encryption after explicitly stating that encryption generally limits available bandwidth. In this contect, proposing PGP-encrypted emails through an SSL-encrypted link to the email provider using a VPN-encrypted last mile access is pretty laughable. Purchasing 50 EUR worth of equipment that consumes 30 EUR worth of electricity per year, redesigning the local network and educate several users to offset for the shortcomings of one single device is perverse.