From: stonewall (stonewall@cavtel.net)
Date: Sun Jun 03 2007 - 17:22:04 EDT
Would it be hard for manufacturers to implement in the AP's
software a logon banner when you try to "connect" your XP
box to the AP (of course not)? "This wireless network and
Internet access are the property of Blah Blah's coffee shop,
and are for the use of our on-premises customers only. Any
other use is unauthorized and is subject to legal sanction"
(or some other suitable legal mumbo-jumbo). I thought there
was a consensus of sorts that such notification was more or
less considered "good practice", passed the "reasonable man"
test, and was a de facto standard.
Recall, it wasn't that long ago that XP was configured BY
DEFAULT to connect automatically to the strongest wireless
signal it could find. That being said, it is no more stupid
to run an open access point than it is to connect to someone
else's without authorization. The trouble is, the only ones
who know this are folks in this business. The general
public has no clue. Arresting someone for this is
horsecrap.
stonewall
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Thor (Hammer of God)
Sent: Friday, June 01, 2007 10:21 PM
To: pen-test@securityfocus.com
Subject: Re: Interesting Ruling Regarding WiFi access
Or just have the SSID start with "PUBLIC" or "PRIVATE" or use the same
nomenclature for the router name. Or dictate that broadcast SSID's are
public, and hidden SSID's are private.
If it is going to be "law" then it needs to be simple enough for people to
understand. Ideally, the wifi router manufactures would build in a tag for
"private" or "public" and build the selection into the setup wizard. Hell,
that option could even drive market share.
t
----- Original Message -----
From: "Kenneth Klinzman" <kklinzman@tektegrity.com>
To: <pen-test@securityfocus.com>
Sent: Friday, June 01, 2007 11:17 AM
Subject: RE: Interesting Ruling Regarding WiFi access
Very nice find!
My office co-horts and I were having the same kind of discussion. It
seems like all it would take is a banner in the coffie shop saying
internet to customers only would be all it takes to make the argument
valid that they are informed. However, it is not like wireless stops at
the walls of the coffee shop like cabled connections would. So to know
it was for customers only would take the offender to have entered the
shop and seen the sign. Maybe some kind of portal page should be
required detailing the terms of use for wireless that users receive when
they first log in to the wireless. Either way the legality of using a
internet connection that does not belong to you and you know nothing
about is very grey area... Those of us who are mostly law abiding would
just assume it was wrong to do.
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Jeffory Atkinson
Sent: Friday, June 01, 2007 10:19 AM
To: ebk_lists@hotmail.com; pen-test@securityfocus.com
Subject: RE: Interesting Ruling Regarding WiFi access
Nice find,
Really make you think. Using free wireless is illegal but not if there
is a message saying public then it is not. Maybe I am not seeing the
whole picture but I believe the burden of notification is on the
owner/access point. This is the case in most states. Using the articles
example of a radar detector, if you travel in to the state of Virginia
you will clearly see the burden of notification in black and white on
sign stating they are illegal.
I am curious to here other thoughts.
JMA
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of ebk_lists@hotmail.com
Sent: Friday, June 01, 2007 12:43 PM
To: pen-test@securityfocus.com
Subject: Interesting Ruling Regarding WiFi access
Given all of the discussion regarding wifi access and the legalities
surrounding it, I found this interesting:
http://www.foxnews.com/story/0,2933,276720,00.html
While I find the ruling in this circumstance a bit extreme, I think that
it is good that we are now getting some case law to back up what has
been up to this point mere speculation on what *may* happen in a court.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic See HOW Now with our 20/20
program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic See HOW Now with our 20/20
program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:51 EDT