[wsfii-discuss] Fwd: [india-gii] poor WiFi encryption a security risk

Alexander List alex at list.priv.at
Thu Sep 18 14:33:03 UTC 2008


wlanmac wrote:
> True, but your analogy isn't complete, in my opinion. 
>
> Roads are patrolled by police and sometimes cctv. You need a license
> to drive and are subject to random inspection.
And again, I find an easy circumvention of that. CCTV is - at least in 
central Europe - only used on motorways and in cities. If you use 
national roads, you can circumvent CCTV. If you don't want to be 
monitored, you can just steal a car (bad idea, then police will actively 
search for the car, and not that I want anybody to actually try that!!) 
or take the bus. In the countries where I've been travelling, buying a 
bus or train ticket is still a totally anonymous procedure. Another 
option for using roads without registration is riding a bicycle. Or a 
horse/horse carriage.

Of course you risk random inspection, but that risk is negligible. 
Unless you cross borders or use trains that do, police inspections are 
rather rare in democratic countries... the ones I experienced in Austria 
were for searching illegal immigrants or drugs. Nobody ever searched for 
terrorists. At least, they didn't tell...


> The postal system puts
> safeguards in place to deal with threats.
What are those safeguards? Do you really want to x-ray all parcels, and 
scan all letters for possible biohazard? Sounds like total overkill, and 
an expensive one, too.

> Cellular networks are
> not free and open and they also monitor and track usage.
So, just buy a prepaid SIM, without registration. Still available in 
many countries. Or, again, steal a cellphone to cover your identity. 
(Don't! I am just giving examples of how easy it is to circumvent 
surveillance. So, surveillance will only affect non-criminals... because 
criminals won't mind stealing cars or cellphones.)
> What safeguards are put into open WiFi networks?
>   
What safeguards are used in Internet cafes and public phone booths? Do 
you want them to require photo ID before granting access?

> How are they patrolled and/or monitored?
>   
Why would you want to?

> Closing the 'networks' you pointed out would indeed have serious
> implications to business, life, and liberty. Does closing down
> (or securing) WiFi have the same kind of consequences? hmm...

If Wifi is the only available means of digital communication available 
to a huge number of people at a reasonable price, yes. There are 
countries where phone lines are not available/extremely expensive...

Every open network community has to decide on its own how they handle 
possible abuse. But I wouldn't want to introduce security mechanisms 
like authentication or monitoring before anything happens. If something 
happens, you can still rethink the issue and eventually require 
authentication. But that will lead to authorities demanding that you log 
everything etc - maybe too much administrative overhead for a community 
network... and actually playing police is not the job of 
sysadmins/network owners. That's a function that should be performed by 
the state, and only if there's an ongoing investigation, with a warrant 
signed by a judge.

Alex



