Forgot your password?
typodupeerror

Could That Be The Wireless Police Knocking? 322

Posted by Zonk
from the as-if-from-thin-air dept.
netbuzz writes "Should private-property owners be required to practice safe wireless? Are the wireless police about to come a-knockin' on the front door of your castle? Network World reports on a condo complex in Arizona that will monitor your wireless signal for security. Is this the way all condos and apartment complexes should go?" From the article: "'We just kind of kicked it around the table and everybody said that's a helluva good idea, (mandatory encryption) ought to go in the declarations,' says Welch. However, a lawyer warned that wireless technology could quickly overrun any specific covenants they put to paper, 'so we decided that instead of recording (declarations) at the county that we would leave it up to the hotel manager to put it in their rules and regulations.' Why bother at all? 'We just don't want to see anybody hurt with their wireless system,' says Welch. 'If someone (unauthorized) were accessing it and an owner's information, there could be damage and a potential lawsuit.'"
This discussion has been archived. No new comments can be posted.

Could That Be The Wireless Police Knocking?

Comments Filter:
  • paper tiger laws (Score:5, Insightful)

    by adam (1231) * on Friday July 21, 2006 @11:41PM (#15761635)
    FTFA: "We just don't want to see anybody hurt with their wireless system," says Welch. "If someone (unauthorized) were accessing it and an owner's information, there could be damage and a potential lawsuit."

    absolutely ridiculous. maybe they should start digging through our trash to make sure we've properly shredded our monthly bank statements too.

    Furthermore, this rule would be a total paper tiger, as far as enforcement goes, since wep [which i do believe is the most common security protocol in use for wifi today] is widely known NOT to be secure [wikipedia.org]. It will be ironic when the first whitehat captures a few days worth of packets from outside that guy's home and then published the unencrypted contents of his web traffic.
    • by ewireless (963178) on Friday July 21, 2006 @11:49PM (#15761668)
      This seems silly. If you want to protect your own private property or not, that's your own business. They don't require you to lock your apartment door when you leave. They don't require you to lock your car door when you park in your parking space. How is this any different?
      • by MichaelSmith (789609) on Saturday July 22, 2006 @12:07AM (#15761722) Homepage Journal
        They don't require you to lock your car door when you park in your parking space. How is this any different?

        It was on dumblaws.com (I can't find the link now) and its true that here in Victoria, Australia it is illegal to leave your car unattended with the keys in the ignition. I have an friend with OCD who loves to point that out to people.

        Its stupid but it keeps the stupid people happy and gives them something to talk about.

        • I'm actually OK with making it illegal to leave your keys in the car ignition because kids could get ahold of it too easily and hurt others. In the extreme, it's probably illegal to leave a loaded gun in your driveway for similar reasons. But I don't see how wireless protection falls into this category. This sounds purely like they're just trying to make you lock the door to your network when it's your own business whether you want to share or not. Of course, if it's against the law or contract to share
          • Of course, if it's against the law or contract to share your wireless connection with your neighbors (something that is true with some DSL contracts),

            You mean it is a breach of contract to share your 'DSL' connection with your neighbours but I can see no reason why a group of people cannot share a wireless network... So if I move into one of these blocks and am friends with my neighbour and want to collaborate on a project the 'management will come and shut us down? What if I get a business DSL connection
            • by Tim C (15259) on Saturday July 22, 2006 @06:07AM (#15762406)
              So if I move into one of these blocks and am friends with my neighbour and want to collaborate on a project the 'management will come and shut us down?

              No, they'll tell you to enable encryption, which you'll do, and you'll agree on a shared secret, and all will be well and you'll realise that the sky isn't falling after all. That's assuming that they have the right to impose such conditions in the first place; that'll depend on your local tenancy laws.
              • by ivan256 (17499) on Saturday July 22, 2006 @09:35AM (#15762714)
                And if I want random strangers passing by to be able to connect?

                What about systems that show you a gateway page unencrypted to help you gain encrypted access? Whould those be illegal?

                How about you go to hell and stop telling me how to live my life. I love how people are all about civil liberties until it comes to something that they like, and then it's OK to force people to behave that way.

                Here's another way for you to think about this: These rules are being put into place because the appartment complex is probably getting kickbacks from the local cable or DSL provider and they want to make sure they collect the maximum possible number of subscription fees. These rules are solely in place to protect the profits of the local monopoly. Congratulations on being a big business shill.
      • "They don't require you to lock your car door when you park in your parking space. How is this any different?"

        Just like how leaving your keys in the ignition could help a criminal steal it and commit a crime, leaving your wireless internet open could let a criminal do anything they want on the internet without being traced (eg. child porn).

        I know leaving the keys in the ignition of your car isn't a crime, but it's really stupid and reckless. Same with leaving your wireless network open. Most people aren't a
        • Just like how leaving your keys in the ignition could help a criminal steal it and commit a crime, leaving your wireless internet open could let a criminal do anything they want on the internet without being traced (eg. child porn).

          Like, how long does it take an expert to break into a car and steal it WITHOUT the keys, a couple of minutes?

          Like, how long does it take an expert to break into your WEP secured access point these days, a couple of minutes?

          Note also, that somebody who uses a public wireless


        • Just like how leaving your keys in the ignition could help a criminal steal it and commit a crime, leaving your wireless internet open could let a criminal do anything they want on the internet without being traced (eg. child porn).


          The local hardware store sell crowbars. They ought to stop. Those crowbars could help a criminal commit a crime (eg, breaking & entering).

      • The real reason... (Score:4, Insightful)

        by Joce640k (829181) on Saturday July 22, 2006 @06:43AM (#15762440) Homepage
        The real reason is "plausible deniability".

        If you have an open connection then you can't be found guilty in court of any cybercrimes comitted via your Internet connection. The thought police can't bear the thought of that.

      • If I leave my car running, with the keys in it and the door open and nobody in sight, that is called enticement and punishable where I live. (Belgium)
    • 'If someone (unauthorized) were accessing it and an owner's information, there could be damage and a potential lawsuit.'

      I imagine the defense's case going something like this...

      Lawyer "Mr. Doe, you set up your own independent wireless network on my client's premises, correct?"

      Idiot "Yes."

      Lawyer "Mr. Doe, you left the SSID or 'name' of the network at the default value and didn't add any encryption or security?"

      Idiot "Yes."

      Lawyer "What could my client have done to protect you from your own actions?"

      Idiot "The
      • by gnasher719 (869701) on Saturday July 22, 2006 @03:55AM (#15762218)
        '' Lawyer "Mr. Doe, you left the SSID or 'name' of the network at the default value and didn't add any encryption or security?" ''

        Some manufacturers of wireless equipment are just clueless and make it unnecessarily hard for people to do the right thing.

        On my wireless router, there is a setup page with an html interface where all kinds of things can be changed. The problem is, it never tells you what these things are that you could change, and why you should change them, and what you could change them. One of the things to change was called "SSID" and the preset value was the name of the manufacturer.

        Now how am I supposed to know what "SSID" means? If you apply logical thinking, since it is set to the name of the manufacturer, it is probably meant to be the name of the manufacturer. So the logical assumption would be that it is used to identify the make of the router, like a processor having an ID of "IntelInside" or "AMDSomething" so you know who made it, and the only reason to change it would be to pretend to be a router made by some other manufacturer.

        If these idiots had set the preset field to "NameOfThisNetwork" or "TypeInNameOfTheNetworkHere" then it would have been much more obvious what SSID is for. One line change in the source code for the router software, and I guess 30 percent fewer people leaving the default name because they don't have a clue what SSID is supposed to mean.

        Now that is just one minor point. But consider that there are about hundred settings, and ninetyfive of them will stop the router from working properly if I change them, so how is an end user who is not a computer expert supposed to get this right?
        • by penix1 (722987) on Saturday July 22, 2006 @05:58AM (#15762395) Homepage
          "Now that is just one minor point. But consider that there are about hundred settings, and ninetyfive of them will stop the router from working properly if I change them, so how is an end user who is not a computer expert supposed to get this right?"

          Just like any other field where you are clueless....You hire an expert. I wouldn't consider doing heart surgery on my brother who had a heart attack for the same reason.

          B.
          • by walt-sjc (145127) on Saturday July 22, 2006 @06:37AM (#15762431)
            Or you call support. People are unwilling to read manuals, but perfectly happy to sit on support hold for 30 minutes. An "expert" is not needed for home setups (which is what TFA is about.)
          • by rbochan (827946)
            Unfortunately, these devices are sold like they are toasters.

          • Experts (Score:5, Insightful)

            by Presence1 (524732) on Saturday July 22, 2006 @09:46AM (#15762737) Homepage


            "I wouldn't consider doing heart surgery on my brother who had a heart attack"

            This is not heart surgery, it is a consumer product. It performs commonly used functions in a standard way, within standard capabilities. One should not need to hire an expert for common consumer grade functions (even when there is an incredible amount of technology 'under the covers').

            In the early days of automobiles, it was necessary to hire a driver because driving was complicated and dangerous -- you could break your arm if you got it wrong starting it, and you had to manage spark advance and several other long-since-automated controls in addition to the throttle, brake and clutch. Now, hardly anyone even knows what is under the hood.

            In early networking, there were many protocols, and IP addresses were set by hand. It is now approaching the point where it is a plug-and-play product, and this is GOOD.

            Progress is not only making the previously impossible, possible -- progress is also making the previously difficult, easy.

            Technologists who understand this will have more and happier customers. Technologists who don't are almost as bad as Luddites in holding back technology.

            The GP post is absolutely right -- the top-level UI should hide functions that are not commonly changed, and make clear what should be changed ("YourNetworkNameHere" is a GREAT idea). Uncommon, expert level functions should be available, but only via deeper UI levels.
    • by Tetravus (79831) on Saturday July 22, 2006 @01:58AM (#15762003) Homepage
      There is a difference between laws and condominium covenants you know...

      So, the owners decided to implement access point security and pool their resources to provide monitoring (I guess, the article isn't too clear on enforcement methodology). Why isn't the /. crowd applauding end users for not only caring about their networks but actually taking pro-active steps to prevent break ins? Sure, it's not a perfect solution, but it's certainly better than the status-quo and it keeps over zealous government types from being able to create actual laws to enforce this behavior ("Look, we've already got encryption. No need to legislate it.").
    • Not sure what you mean by 'Paper Tiger', but this is the typical sort of interference in one's personal life that comes with living in a condo.
  • by kaufmanmoore (930593) on Friday July 21, 2006 @11:45PM (#15761646)
    i will never have to learn from my mistakes ever again.
    • Thank you. You absolutely hit the nail on the head. The most effective way to learn something (besides teaching it) is to have there be consequences for not learning it. I'm so tired of governments, companies and now landlords trying to protect me from myself. I think a recommendation should be put in place that encrypting wireless traffic makes things safer (a bad encryption is still better than no encryption) but beyond that let people make their own decisions, otherwise they'll never understand the reaso
      • > a bad encryption is still better than no encryption

        could you explain this one to me please

        • If you're given the choice between a wep connection and an open connection, which would you pick? Sure, WEP is by no means going to keep out anyone determined, but it'll deter the lazy ones who just want internet.

          The path of least resistance is usually the one taken.
        • could you explain this one to me please

          Your front door isn't very secure. It wouldn't take long to pick the lock, and even if you put a better lock on, it wouldn't take long to pop a bit of the framing off and saw through the bolt. However, the fact that it is actually locked is enough for most people to get the idea that you don't want just anybody wandering in off the street.
  • Potential lawsuit? (Score:3, Insightful)

    by TheSpoom (715771) * <slashdot@ u b e r m00.net> on Friday July 21, 2006 @11:45PM (#15761647) Homepage Journal
    You're finding a solution to a problem that doesn't exist. People aren't going to sue you because their wireless network is insecure, and if they did, they'd be laughed out of court.

    Besides, maybe some people don't care if they open up their internet connection! As long as they keep their PC(s) reasonably firewalled, and perhaps use an alternate form of encryption at a higher level, it's possible to open up one's internet connection without opening up one's internal network.
    • If you want to share your internet connection, that's why you can give out your key to whoever you want to be able to use it.

      Even assuming a person's computer is 100% protected, someone could still piggyback on their connection to do various illegal things involving the internet, as well as things that will get the **AA to drag YOU to court. Or they could always run p2p apps full blast and slow your connection to a crawl.

      • by TheSpoom (715771) *
        It's still my right to do what I want with my equipment.

        Whether or not you could say that I am responsible for what use people make of it is for the courts to decide.
      • by karmatic (776420)
        You know, this goes both ways.

        The RIAA may be able to sue you for what someone else does; however, it does provide a certain level of plausable deniability when _you_ are the one doing it in the first place.
      • Even assuming a person's computer is 100% protected, someone could still piggyback on their connection to do various illegal things involving the internet, as well as things that will get the **AA to drag YOU to court.

        But... If I let anyone use my access point, with no discrimination whatsoever, am I not a common carrier and thus not responsible for their actions ? And if not, then what additional steps would that require ?

        Is that what this is really about - make sure that everyone uses the Internet f

    • Besides, maybe some people don't care if they open up their internet connection!

      I run an open AP in my house. There might be enough range for my neighbours on the west side to use it and thats fine with me. I have a 48G/month cable connection. Traffic between my nodes runs over SSH or a different SSL application.

      These people should just get a wireless service for the entire complex and be done with it. Wireless access is rapidly becoming a free loss leader anyway.

  • Rediculous... (Score:5, Insightful)

    by Xserv (909355) on Friday July 21, 2006 @11:45PM (#15761660)
    This is a waste of time and money. People should secure their own networks. If you don't know how then you pay someone to do it for you. If you can't afford it, then how are you able to afford a wireless network. Period.

    Why should any government, company or anyone else worry about someone else's network connection security -- unless they're being paid by that party to do so. And in the case of a government (city/state/local/federal) being responsible; don't make ME pay for it.

    Xserv
    • Most of the time the people selling the wirless products to home users don't let them know of the dangers of having an unsecured connection, i have seen people in dept. stores say "its easy just take it home and plug it in". The same goes for ISP's pushing them out to their customers.

      The fact is we have salesmen taking advantage of people who don't know any better buy offering them all of the glitz and not alerting them to any basic precautions they will take.

      Some of my clients did not even know of the dang
      • While I agree, I think people merely taking the five seconds to read the big brightly-colored notice in 72pt bold saying to go into the configuration and enable security, with idiotproof instructions on the back, really should take care of this problem. I honestly don't know how much more obvious it could be made, but I'm sure the masses would find some way to ignore that too. AFAIK some wireless gear already includes something similar, if not all, and turning on some form of security on my router was the
      • Too right. I turned on encryption first thing, but I kept getting weak signals from another wireless net where I used to live, and they were unencrypted. So I took an iPAQ with a wireless card and walked down the street watching signal strength. After a few minutes I was pretty sure where the signal was strongest, so I knocked on the nearest door. I told the guy who opened it what his SSID was, which got his attention, and then explained how someone could riffle through his computer, or maybe just bring
    • This isn't a government agency, it's a condo board. Much worse. It's made up of a bunch of busybodies who have nothing better to do with their time so they go to board meetings and scheme up ways to control peoples' lives. This is the kind of thing that happens when they try to regulate something that 99% of them know nothing about.
    • If you can't afford it, then how are you able to afford a wireless network. Period.

      Oddly enough, no, a question mark would fit much better there.
    • They could make the configuration a bit easier.

      For instance, usb port in the wireless
      router. Telnet to the device to configure, have all the
      configuration data generated by the router written to a
      USB drive in a ( hopefully standard ) way. Then walk
      the drive over to each of the machines that you want to have
      connected, and have an app on the machine that is installed
      when you install the drivers suck the data off the drive
      and configure the client. Key length would be less of an
      issue. Key exchange would be e
  • should I... (Score:4, Insightful)

    by Anonymous Coward on Friday July 21, 2006 @11:48PM (#15761665)
    get blamed when someone breaks into my house if I leave the door unlocked?

    Or should I be blamed when Windows automatically connects me to open APs?

    And...If we are going to go that far?

    Why not get these people in trouble for using WEP to begin with?

    Safe wireless? WEP is like using a condom that's been poked with holes.
    • If you leave the door unlocked, you're not insured for any resulting loss of property, at least on the policies I have seen.
    • Safe wireless? WEP is like using a condom that's been poked with holes.

      I emphatically disagree. Using WEP is EXACTLY like closing your front door.

      What most people don't realize is that the security measures to protect your house are largely social. A $70 battery-powered circular saw makes your front-door deadbolt meaningless in about 45 seconds. And usually, there are easier ways to enter your house.

      What's not often considered is the considerable social expense paid when you break into somebody else's home.
  • no thanks (Score:3, Interesting)

    by eliot1785 (987810) on Friday July 21, 2006 @11:49PM (#15761667)
    Could it be that maybe, just maybe, somebody wants to actually SHARE? Sacrilege, I know.

    Overall, I am worried that people these days consistently seem to say "I'm not in favor of too much regulation, but this specific piece seems pretty good."

    Uh huh. You know the slippery slope has started to apply when people say that about such inane proposals as this one.
    • Re:no thanks (Score:2, Informative)

      by eliot1785 (987810)
      BTW my second sentence was in reference to the following quote:

      --> "I am generally opposed to government infringing on individual rights," offers Jim Albright. "I think Benjamin Franklin put it best when he said, 'Those who are willing to sacrifice essential liberties for temporary security deserve neither liberty nor security.' That being said, I am absolutely in favor of regulation requiring not just business-installed but all wireless networks to be secure. It is a long-standing premise that the right
    • Could it be that maybe, just maybe, somebody wants to actually SHARE? Sacrilege, I know.

      Not just sacrilege, you pinko commie subversive terrorist.


      You are giving stuff away free and destroying legitimate opportunities for businesses to profit.

  • They shouldn't be using computers at all. No amount of rules and regulations is going to turn a computer-illiterate user into a savvy one. If someone is too dumb to figure it out or ask someone for a little help they deserve whatever they get. It really is that simple. All this "we need to protect people from themselves" stuff is nonsense. It won't work. Leave it alone. The threat of someone using your open wifi network to download kiddie porn is what, about 0.0000001? "Oh we need rules to protect u
  • Ludicrous (Score:5, Insightful)

    by z_gringo (452163) <z_gringo@hotm[ ].com ['ail' in gap]> on Friday July 21, 2006 @11:56PM (#15761694)
    That is just nuts!

    I run mine wide open because that is they way I want it. I secure my machine of course, but if someone is within range and wants to use my connection, I don't have a problem with that. Hell, my SID is actually "WideOpen".

    I used my neighbor's DSL for over a year, but I eventually got my own. There is no reason every house on a block should purchase their own Internet connection, and wireless network. Apartment buildings are in an even better situation. All that money that people are spending on individual connections could purchase a lot higher speed connection for everyone and still save money.
    • Re:Ludicrous (Score:3, Interesting)

      by NotQuiteReal (608241)
      I used my neighbor's DSL for over a year... - With his permission? But probably against his TOS.

      There is no reason every house on a block should purchase their own Internet connection... Yeah, and maybe you should all share one cable TV hookup too.

      The reason is because the providers of those services are selling them for use by one household per subscription.

    • Re:Ludicrous (Score:2, Insightful)

      by erexx23 (935832)
      Awesome!

      As a potential hacker I launched 4 viruses and downloaded 4 gigs of MP3's using your network.
      All traceable back to you.
      I spoofed my mac address
      thank you.
      • Re:Ludicrous (Score:3, Interesting)

        by hackstraw (262471) *
        As a potential hacker I launched 4 viruses and downloaded 4 gigs of MP3's using your network.
        All traceable back to you.
        I spoofed my mac address


        So?

        I did the same thing from the coffee shop that had a big sign out front that said "Free Wireless Internet!"

        And I spoofed your mac address.

  • ridiculous (Score:4, Insightful)

    by thdexter (239625) <`dexter' `at' `suffusions.net'> on Saturday July 22, 2006 @12:02AM (#15761715) Journal
    I know several people who leave theirs open for neighbors and friends to use without encumberance. It's a nice gesture, one in which a private good becomes a public good via goodwill. Even with bittorrent running I'm not using all of my bandwidth at all times.

    Besides this, do we mandate that folks lock their car and house doors? Are there laws against leaving a key under the rug, on the door frame, or below your car door?
    • Are there laws against leaving a key under the rug, on the door frame, or below your car door?

      Actually, you could enforce the DMCA to protect your novel method of "secure access".
  • In other news. . . (Score:2, Insightful)

    by LunarCrisis (966179)
    In other news, it is now illegal to give money to the poor.

    "Imagine what could happen. Someone could give someone some money, go home, and realize that they needed that money! Just imaging the potential lawsuits! Everyone is much better off this way."
  • FCC (Score:4, Insightful)

    by Detritus (11846) on Saturday July 22, 2006 @12:23AM (#15761773) Homepage
    I'd argue that their rules are preempted by the FCC's regulations on spectrum use. The FCC usually takes a dim view of people who trespass on their turf.
  • You don't run WEP/WPA because you don't trust it, but do require any nodes on the wireless LAN to establish a VPN connection to a server before they can connect to the Internet? What if you want to allow people to pay you to access the Internet through your cnnection? I don't think the police or some homeowner's association would be able to tell the difference...

    I do find the whole concept of mandatory encryption rather ironic though. Would that it were the case for email, VOIP or Internet connections in

  • by zoomshorts (137587) on Saturday July 22, 2006 @12:25AM (#15761777)
    Suppose a known sex offender began moving child porn over YOUR wireless network.

    I would love to see you explain that away as an "oops, I forgot to turn encryption and
    authentification on" to the police following the pervert. They will FIRST get you for
    aiding and abetting the crime.

    This stuff, security, only makes sense in today's world.
    • you are fucking retarded

      leaving a wireless point unsecured has NEVER, NOT ONCE been treated as aiding and abetting, not even close.
    • by karmatic (776420) on Saturday July 22, 2006 @01:41AM (#15761968)
      There's a reason the law requires "beyond a reasonable doubt" for criminal cases. Let's examine a "worst case" scenario:

      So, the cops find child porn online - what happens? They contact the ISP, perhaps get a warrant for the DHCP logs.
      The logs show it was your IP. This gives them... probable cause for a search warrant. You get a nice visit from the friendly police squad, and they take your PC(s) as evidence.
      Upon looking through your PC, they find *gasp* all kinds of porn, just no kiddie porn. Guess what, they have no case. They either drop it (likely, especially if you can demonstrate you had an open AP), or you get to rely on a judge or jury to drop it for them.

      Eventually, justice prevails (possibly after a couple appeals and a lot of money), you get your stuff back, and you aren't convicted of anything.

      Does it suck? Sure. That doesn't change the fact that you are an idiot, and "aiding and abetting" requires, among other things, mens rea (criminal intent). In other words, they have to demonstrate that you intended to violate the law. (There are civil issues, but we're talking criminal here).

      It may be _unpleasant_ when someone uses your connection for something illegal; however, that doesn't automatically mean you are liable. In fact, courts tend to be hesitant to assign liability to ISPs that do not knowingly facilitate crimes. Imagine if Cox/Comcast were responsible for every illegal action performed by their users online. It would be "death by lawyers" for the internet.
    • Eidiculous arguemtn. BEsides the fact there are worse things in this world that sex offenders. There are other ways to get onto the internet besides YOUR wireless router. And being YOUR wireless router you could always put in censoring.
    • Oh no! I better never do anything nice for anyone because of the tiny, tiny chance that someone might possibly maybe do something bad with it one day!!
  • I would just like to continue the idea that some of us deliberately leave our wireless networks open to share. I do live in an apartment building, I also pay a fair amount of money to have multiple static IP's, I don't use all that bandwidth all the time so I leave my wireless network open. It costs me nothing and benefits people around me in a small way. I've met a few more of my neighbors who came by by to thank me for leaving my connection open. That last behavior is rare I know but it is nice to meet pe
    • I speak from experience when I say that even if you do get encryption working right between multiple vendors, you could still run into trouble with performance/usability. I had an encrypted wireless net, and it actually caused me a whole bunch of headaches getting the security to work right under Vista, XP, Slackware (the only one that did exactly what I wanted it to do, actually), 2k, and NetBSD. One system would work right, but another would take 5 minutes to authenticate every time I booted. Another woul
    • A friend of mine used to leave his wireless open, figuring it was his civic duty to let the neighbors' teenagers have uncensored net access. It was fine for a while, but eventually somebody started doing too much P2P traffic and his wireless performance got unusable, so he closed it down.

      In my building, there are at least two unencrypted wireless connections. One's mine; the other is a neighbor with a Belkin node. I can see 3-4 other encrypted connections. Occasionally something goes wrong with my con

  • Many Reasons... (Score:2, Flamebait)

    by Kaenneth (82978)
    Many cities require property owners to clean/paint over any graffitti; uncontrolled internet access could be used to deface sites.

    You can't display a corpse, or a facsimile of a corpse in public in most US counties; uncontrolled internet access could be used to spam goatse.

    It's also often illegal to leave your car keys in view in/around your car unattended; You have the responsablity to control your tools.

    You can't wear a ski mask into a bank, no matter how cold it is; anonymous internet access could be us
  • Before the discussion slides predictably towards vague diatribe on governmental encroachment and abuses of state power, I just wanted to point out that this is not something that's being proposed or enforced by the government at any level; it's strictly a question of managers of private condo complexes making "secure" wireless one of the many (arguably draconian) regulations already in place for people who wish to live there.

    We may still not think it's a good idea, of course, but the fact that it's bein
    • We may still not think it's a good idea, of course, but the fact that it's being implemented by private individuals makes a big difference--

      I'm more oppressed by private entities these days than by our (increasingly oppressive) government. Nosy employers, sinister, lying HMOs (the "M" stands for "denial"), unaccountable credit-rating agencies, telcos colluding with illegal eavesdropping. Not that the distinction between business and government is all that meaningful anymore.

      I don't really care whether

    • Landlords, developers, and condo associations do not have unlimited freedom to impose rules on tenants and owners. The FCC can, and has, preempted restrictions in rental agreements, leases and deeds, when they thought it was in the public interest. The same applies to state laws, local laws and zoning restrictions.
  • by raju1kabir (251972) on Saturday July 22, 2006 @12:46AM (#15761848) Homepage

    My first reaction was "Good Lord, how stupid can people get?" - I mean, does this mean that if you set up a wireless network in accordance with their regulations, and it still gets abused (through WEP weaknesses or whatever), they have implicitly invited you to sue them?

    But then I thought back to ohhh, yesterday, when I was wrapping up a work trip to Thailand. When I arrived I had bought a SIM card at a dusty little family shop and the cashier who installed it into my phone signed me up for a bunch of promo offers including the loathsome Calling Melody (which I never figured out how to disable) and 50 free hours of GPRS (pretty good considering the card cost me US$7.50).

    My hotels had free wifi so I didn't end up using that much of the GPRS time. Yesterday, at the airport, I figured I might as well use some more of it up, so I popped open the trusty iBook and turned on internet sharing with SSID name "Free Internet!"

    Within 15 minutes I had 5 or 6 people on it (must have been painfully slow for them). I was too tired to do anything useful, but just for the heck of it I started up ethereal to see to what ends my largesse was being used. It was remarkable how trusting (or probably ignorant) people were - as well as how many unencrypted port-80 webmail servers and office intranets there are out there.

    So maybe the real value of the rule in TFA is to protect the users from themselves, rather than protecting the AP owners. When you connect to an unknown AP you never really know what could be going on with your traffic unless you encrypt and authenticate it.

    • It was remarkable ... how many unencrypted port-80 webmail servers ... there are out there.
      Not really. SMTP is unencrypted, so if you're relying on encrypted webmail to secure your e-mail communication your security model is probably wrong. The only things which should really need an SSL connection per se are changing your password and deleting messages; by implication logging in would also need SSL to set up a secure cookie for these.
  • by MikeRT (947531) on Saturday July 22, 2006 @12:47AM (#15761853) Homepage
    Look, you cannot force people to play it safe. There are so many examples of that sort of thing failing that it should just be taken as a fact of life. Most people simply don't value safety, like they don't value natural rights, until it's too late and the evil people, criminal or government agent, are hurting them.

    Wireless safety is part of that. Part of the problem is that Windows has a very clunky user interface for specifying a strong encryption key. Something as painless as PGP would be very nice.

    The police have a valid concern that criminals could exploit these holes and frame ordinary people. However, technical solutions don't work except in simple cases. In fact, in non-"high tech" cases, it wouldn't be a real concern. Where are the laws requiring people to lock up their home so that someone cannot break in and use their bedroom as a sniper post? The lock is hardly a hindrance to these sort of people.

    In most crimes, the wireless security is beside the point. People can crack it with enough time and dedication. Worrying about wireless security problems is akin to worrying about a hershey's kiss making you fat while you have a bucket of fried chicken, a bucket of gravy-slathered mash potatos and a 2 liter bottle of coke for your own consumption.
  • 1) Become cable company 2) Offer high(nyuk-nyuk) speed internet at an already inflated price 3) Kick back to condo associations 4) Make it illegal to share internet access 5) Profit!
  • Great, so now if I'm disabling my wireless card's weak encryption, and instead using a proper firewall and OpenVPN connection behind the AP, the condo board is going to come after me because my "wireless" is allegedly insecure?

    Seriously, if you don't at least know what indistinguishability under adaptive chosen-ciphertext attack is, you shouldn't be making security policy.

  • by SEWilco (27983) on Saturday July 22, 2006 @01:17AM (#15761922) Journal
    "Nobody expects the Wireless Police!"
  • I want to have my data encrypted, but I want my guests to be able to access the net, and if passersby want to freeload a bit, that's fine too. If I set my SSID to "password==guest" and let people log in with "guest" as the authentication system password, will my data channel still be usefully encrypted, or does knowing the access password let people eavesdrop on my connections?
  • I live in a share house, in the suburbs of Melbourne, and there's a new housemate every other month. So far, they've included a non-technical german, with a german-language OS, a guy with a windows 98 box and no clue, and so on. It's enough hassle having to get these guys on to an unsecured network, and in the six months that I've been here, nothing that shouldn't be on the network has been. If I want to take that risk rather than be a full-time network admin at home, that's my frigging business.
  • come on mutha fucka! come and GIT MEEEE!!!

    Come and try to stop me from running my stupid piece of shit linksys wireless g router wide open!!!

    I live in a boring residential neighbour hood in San Francisco, and all my neighbours have wireless too! And you know what? WE don't fuckin care! And anyone who parks on my hilly twisted street gets noticed right quick, and no fool is gonna drive up here lookin JUST LOOKIN for trouble.

    So COME ON AND GET ME YOU FASCIST MOTHERFUCKERS!!!

    RS

  • by Doppler00 (534739) on Saturday July 22, 2006 @05:08AM (#15762323) Homepage Journal
    Okay, who builds a multimillion dollar condo and doesn't provide free wireless and internet connections to all it's tennets? I mean come on, it's 2006 already. Why on earth did they not build the networking infrastructure into the building in the first place? Ironically, I bet you they are getting paid quite a bit to put cellphone tranceivers on the building though by a cellphone carrier. So instead of building their own network infrastructure, they are going to waste their time policing you if you provide a service they failed to offer? Maybe they should have 900MHz scanners to make sure you're not using an unencrypted cordless phone too.

    And how are they going to actually figure out which tennet is running a wireless AP? With just laptop, it's almost impossible to locate an AP without sophisticated antennas and equipment. I've scanned apartment complexes with my cellphone and I often find about 8 secured, and a couple unsecured nodes from the parking lot. Good luck trying locate them physically.

    Also, you are not violating any laws according to the FCC. In fact, you could totally violate the IEEE802.11 protocol on the 2.4 GHz band to create as much interferance as possible as long as you are within the FCC gidelines for power.

    I fear the government will try to step in and regulate these protocols, thus freezing them and preventing any future inovation.
  • by Tim Browse (9263) on Saturday July 22, 2006 @05:48AM (#15762381)

    I don't get all this obsession with wifi security and encryption. I mean, why do we, as the average citizens, need encryption?

    I mean, if we haven't done anything wrong, then we have nothing to hide, surely?

    The only people who would want wifi encryption are criminals, because they have something they don't want the authorities to see.

  • Legal Clarification (Score:3, Informative)

    by Rydia (556444) on Saturday July 22, 2006 @08:55AM (#15762635)
    As usual, I see a lot of people have confused the issues. Lots of complaining about the "nanny state" and "telling people what they can do with their own equipment" and how they have no right.

    A condiminium board is a completely different entity than a local government. They are not held to the same standard, as far as most things go (the fair housing act being a major exception), as a local government is. The developer buys and develops the property all at once, then sells it (again, all at once) to the original investors (who generally start the 'condominium board'). Since everything was transferred and later subdivided at once, any covenants and hinderances written into the original title deed (usually binding the owner to the rules and regulations of the condo board, a provision implemented through the condominium board act in that particular state) are enforceable against the owner. Another vehicle for this is that people do not actually own the entire condominium; they own the interior in fee simple, but the exterior is owned by the condominium board, so the board retains an interest in the property to create legal leverage.

    This is actually one of the more sane things I've seen out of condominium boards. Compared to, say, barring pets, this is simple and actually serves a good purpose.
  • Some Perspective (Score:5, Insightful)

    by Fnord666 (889225) on Saturday July 22, 2006 @09:37AM (#15762716) Journal
    Let's get some perspective on this please. Despite the gratuitous use of the word "police" in the posting headline, this has nothing to do with the police or the law. No one is trying to pass any laws. This is one condo association setting up the covenants under which purchasers of the condos must live. This isn't any different than a restriction that condo owners can't put a fence in their front yards.

    According to the article

    "Bryan Welch is sales manager and designated broker for Canoa Ranch and he takes credit for first broaching the wireless security mandate with the developers of the project, which will provide each condo unit/hotel room with wired broadband, telephony and cable TV service."
    In summary, the condo developers are providing the broadband connection and want to make sure that the condo owners secure their endpoints. Open access points have some risks that the developers are apparently not willing to accept. As a goodwill gesture they could retain a local networking firm to help owners set up their wireless networks properly though.

3500 Calories = 1 Food Pound

Working...