[wsfii-discuss] Fwd: [india-gii] poor WiFi encryption a security risk

Fri Sep 19 06:37:25 UTC 2008

IMHO, you are mixing things.
We do have about 6,000 thowsands of open links in Catalonia, all of that 
outdoors, which means public locations.
I assume there are some criminals at the region like any other region in 
the world.
If you see, by having open and free networks that doesn't make ant 
difference at all. Criminals would still have tons of ways to 
communicate. In fact has been used much more often mobiles for bombing 
than open wifi accesses.

"Security" in the terms of user "safety" you are referring happens when 
you have firewalls avoiding others to get into your private segments of 
the network which really requires security, or enabling VPN connections 
when you are trespassing the open networks (that's the real function of 
the VPN). Not by closing open networks/accesses.

To encrypt the network itself to close it, creates a false idea of 
safety and you loose performance and usability, and that is much more 
worst for the average user.

You must educate the users on security, not to lie them or propagate the 
paranoia that open networks do compromise the safety.

En/na wlanmac ha escrit:
> Don't get me wrong, I'm not against open WiFi... I just happen to
> believe people over simplify it's lack of security and accountability. 
>
> I think there has to be a distinction between people anonymizing by
> actively breaking the law (stealing passwords, phones, passports, cars,
> buses, etc) and those just opening up their laptop. I also think there
> is a difference when talking about individual locations vs. city wide
> coverage. 
>
> With all of Alex's tricks for avoiding surveillance, I wonder, do you
> keep your home access point open? If so, why *don't* you worry about
> those smart criminals watching your traffic. If you *do* use security at
> home, why is the security concern lessened away from home? 
>
> Btw, a lot of campuses in eduroam use 802.1x. Those who are security
> minded might use a VPN at public locations. But, what about the average
> person? You are all happy with them believing that the city wide network
> is free, safe, and secure? 
>
> David
>
> On Fri, 2008-09-19 at 00:16 +0200, Kaplan L. Aaron wrote:
>   
>> On Sep 18, 2008, at 3:16 PM, wlanmac wrote:
>>
>>     
>>> True, but your analogy isn't complete, in my opinion.
>>>
>>> Roads are patrolled by police and sometimes cctv. You need a license
>>> to drive and are subject to random inspection. The postal system puts
>>> safeguards in place to deal with threats. Cellular networks are
>>> not free and open and they also monitor and track usage.
>>>
>>> What safeguards are put into open WiFi networks?
>>> How are they patrolled and/or monitored?
>>>
>>> Closing the 'networks' you pointed out would indeed have serious
>>> implications to business, life, and liberty. Does closing down
>>> (or securing) WiFi have the same kind of consequences? hmm...
>>>
>>>       
>> the problem with securing wifi is that WEP is still crackable anyway.
>> WPA is just as good as the passwords the user chose.
>>
>> So the whole security topic should be seen more on an "internet level".
>>
>> you could just as well replace "open wifi network" in the  
>> argumentation above by
>> "internet cafe" or "university campus" or "DSL uplink". Why?
>> Because we live in times of tor or other strong crypto anonymizers.
>>
>> So...
>>
>> no reason to bash at open wifi networks in particular in my opinion.
>>
>> a.
>>
>>
>> _______________________________________________
>> wsfii-discuss mailing list
>> wsfii-discuss at lists.okfn.org
>> http://lists.okfn.org/mailman/listinfo/wsfii-discuss
>>     
>
>
> _______________________________________________
> wsfii-discuss mailing list
> wsfii-discuss at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/wsfii-discuss
>
>
>   