[wsfii-discuss] Fwd: [india-gii] poor WiFi encryption a security risk

wlanmac wlan at mac.com
Fri Sep 19 05:10:47 UTC 2008


Don't get me wrong, I'm not against open WiFi... I just happen to
believe people over simplify it's lack of security and accountability. 

I think there has to be a distinction between people anonymizing by
actively breaking the law (stealing passwords, phones, passports, cars,
buses, etc) and those just opening up their laptop. I also think there
is a difference when talking about individual locations vs. city wide
coverage. 

With all of Alex's tricks for avoiding surveillance, I wonder, do you
keep your home access point open? If so, why *don't* you worry about
those smart criminals watching your traffic. If you *do* use security at
home, why is the security concern lessened away from home? 

Btw, a lot of campuses in eduroam use 802.1x. Those who are security
minded might use a VPN at public locations. But, what about the average
person? You are all happy with them believing that the city wide network
is free, safe, and secure? 

David

On Fri, 2008-09-19 at 00:16 +0200, Kaplan L. Aaron wrote:
> On Sep 18, 2008, at 3:16 PM, wlanmac wrote:
> 
> > True, but your analogy isn't complete, in my opinion.
> >
> > Roads are patrolled by police and sometimes cctv. You need a license
> > to drive and are subject to random inspection. The postal system puts
> > safeguards in place to deal with threats. Cellular networks are
> > not free and open and they also monitor and track usage.
> >
> > What safeguards are put into open WiFi networks?
> > How are they patrolled and/or monitored?
> >
> > Closing the 'networks' you pointed out would indeed have serious
> > implications to business, life, and liberty. Does closing down
> > (or securing) WiFi have the same kind of consequences? hmm...
> >
> 
> the problem with securing wifi is that WEP is still crackable anyway.
> WPA is just as good as the passwords the user chose.
> 
> So the whole security topic should be seen more on an "internet level".
> 
> you could just as well replace "open wifi network" in the  
> argumentation above by
> "internet cafe" or "university campus" or "DSL uplink". Why?
> Because we live in times of tor or other strong crypto anonymizers.
> 
> So...
> 
> no reason to bash at open wifi networks in particular in my opinion.
> 
> a.
> 
> 
> _______________________________________________
> wsfii-discuss mailing list
> wsfii-discuss at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/wsfii-discuss





More information about the wsfii-discuss mailing list