California Passes Wi-Fi Guidance Law

MrNonchalant writes, "California's legislature has passed a law requiring Wi-Fi device manufacturers to include warnings about security. From the article: 'From 1 October 2007, manufacturers must place warning labels on all equipment capable of receiving Wi-Fi signals, according to the new state law. These can take the form of box stickers, special notification in setup software, notification during the router setup, or through automatic securing of the connection. One warning sticker must be positioned so that it must be removed by a consumer before the product can be used.'"

Considering. . .

[Anonymous Coward]

Considering that most phones, PCs, and PDAs come with some sort of wireless networking, everything must now say "Hey idiot! You just bought a computer! It's networkable! (This DUH statement required by people's republik of kalifornia)

California

[dch24]

California has more warning stickers than just about any other state. WARNING: This post may cause reproductive harm, as it has been used on a website where counter-reproductive agents known to the State of California exist.

Re:

[sfjoe]

California has more warning stickers than just about any other state.

Not to mention that it has one of the highest GDPs of any state and is the world's 7th largest economy in addition to being a leader in innovation. Too bad the rest of the states can't seem to learn from California's success.

Re:

[Anonymous Coward]

Isn't it funny how productive one can be when they're no longer worried that some corporation is poisoning them to make a quick buck?

Re:

[inviolet]

Not to mention that [sticker-happy California] has one of the highest GDPs of any state and is the world's 7th largest economy in addition to being a leader in innovation. Too bad the rest of the states can't seem to learn from California's success.

Correllation != causation.

And another thing. The cost of warning stickers is inevitably reflected in the product's price. Therefore, the actual effect of this law is to force the consumer to purchase warning stickers that may or may not be necessary, useful,

Re:

[Sillygates]

It's about time there are warnings on wireless devices, many consumers set up wireless networks with weak or no security at all, and they dont realize the legal trouble they can get into these days (with the riaa, mpaa, etc).

Re:

[Anonymous Coward]

If you took the population of CA and choose any equivelent area on the East coast, you would have the same if not larger economy. Imagine if the mid atlantic states like PA, DE, NJ and maybe even NY in one governmental drawn boundary line that made a single state. The physical size would probably be smaller then CA in size but have a much larger economy. CA is not an economic powerhouse because of some special business sense or because of some business advantage, it is because of the population due to it

Re:California

[soft_guy]

Too bad the rest of the states can't seem to learn from California's success.

Yeah, those idiots in Nevada should get a whole bunch of ocean coastline.

Re:

[Bing Tsher E]

Eventually, with any luck, they will.

Re:

[Baloo Ursidae]

Not to mention that it has one of the highest GDPs of any state and is the world's 7th largest economy in addition to being a leader in innovation. Too bad the rest of the states can't seem to learn from California's success.

So that means there's a few people in California that know how to screw over the other 32 million idiots. Like it's that hard to trick a Californian...

Re:California

[QuasiEvil]

Personally, I can't wait for the day when they find that warning sticker glue is somehow very mildly carcinogenic. Then we'll get warning stickers on warning stickers on warning stickers on...

I advocate we go down to a single warning sticker on everything - "Please know what the fuck you're doing, or else return this product."

THIS TAG MAY NOT BE REMOVED EXCEPT BY CONSUMER

[MillionthMonkey]

Hint: if it says "DO NOT REMOVE UNDER PENALTY OF LAW" instead, it's more than 15 years old and may be a "refurbished" mattress. Every so often the mattress tag threat has to be phrased differently.

I'd imagine on wireless equipment there would be a sticker like this:

"WARNING: This box contains wireless electronic equipment known to the State of California to present a risk that you might inadvertently spread your ass cheeks wide open for the world to take advantage of you."

Re:

[Darth Liberus]

With the glaring exception of Prop. 65 warnings (THIS AREA CONTAINS CHEMICALS BLAH BLAH BLAH) we're actually pretty low on the "stupid warning nanny state" scale.

Personally I think we just did the entire English-speaking world a favor... I highly doubt companies will only put on the sticker and include directions on how to secure wireless routers destined for California, they'll just slap them on everything.

Next maybe we'll clean up the video game rating system... trust me, you'd MUCH rather have us do th

Re:California

[evilviper]

California has more warning stickers than just about any other state.

Don't you hate it when there's a sticker or sign that warns you of life-threatening risks?

I mean, sure, now I know that the wood sold by my local hardware store may cause cancer, but avoiding cancer surely isn't worth having to pull little stickers off of a small percentage of the things you buy.

Re:

[nsayer]

Except that damn near everything causes cancer. Therefore everything must have a prop 65 warning. Therefore, prop 65 warnings are made just about as useless as the Microsoft driver signature warning dialogs.

Re:

[evilviper]

Except that damn near everything causes cancer. Therefore everything must have a prop 65 warning.

I've heard others say that too, but I don't see it.

Wood was a surprise to me. The only other place I tend to see it is on signs around junkyards, garbage dumps, packages of engine oil, grease, etc.

So far, I've never seen one entering any restaurants, supermarkets, electronics stores, etc. No Prop 65 warning on my TVs, shoes, DVDs, etc., etc.

What are you doing, and what are you buying, that you're seeing these

Re:

[MasterOfDisaster]

There's a Prop 65 warning on the door of my appartment. It doesn't get any more everywhere than that. And it's not like I live in a garbage dump that became an appartment complex. It's a nice upscale facility. (that, according to the state of california, may cause cancer).

Let's hope the "warnings" are well written

[SachiCALaw]

A law like this is only as good as the warnings. If the warnings wind up being heavy on the legal boilerplate or tech jargon, not many of the people who really need them will be helped. But if they are written with the law's intended target in mind -- clueless Mom and Pop (or Ted Stevens) -- and use simple explanations and instructions for securing the WiFi connection, the law could be a good thing. That's said, I'm kind of pessimistic . . .

Re:

[elmarkitse]

This post sounds a lot like the programmers who bitch incessantly about reasonably adept computer users who nevertheless use GUI's.

"If someone really wants to use a computer they should at least be able to get in behind the little artsy GUI's and do something with the software, GUI's are for pansy's and if you can't code you lose the right to complain"

Isn't there some responsiblity on the part of the manufacturers who are advertising to these ignorant mom and pops to educate them? Isn't it the respon

Re:

[elmarkitse]

I think part of my post got interpreted as some kind of socialist wishful thinking, the 'isn't is part of their responsiblity...

in fact the point I'm going towards is that the companies are going after the ignorant consumers, not the saavy ones. These products are in best buys and walmarts, not just techie computer stores / websites. For example, I have had a few linksys routers. They all come with some crappy 'wizard' software that tries to make everything work for me, but they do a terrible job and d

Re:

[rm999]

I strongly disagree with you. The last couple wireless routers I installed did not intuitively inform me of the risks. They made it easy to setup, but without security enabled by default.

Company's goals are "easy"

[Kadin2048]

You're right, of course ... however, the manufacturers of computing equipment (and this can be extended to almost anything) have a vested interest in making their equipment as easy to use and approachable as possible, in order to sell it. Even if this means that the equipment is, in a way, too easy to use, or easy to use badly, they will do it, unless prompted otherwise by law.

Now in the case of WiFi setups, I'm not convinced that stickering is warranted. However, it's the nature of the companies selling th

Bad Idea.

[Anonymous Coward]

I hope this doesn't lead to criminalizing open access points by brainwashing peole into thinking access points should be locked down and encrypted.. I provide free wireless to one of the coffee shops at the end of my block; and a friend of mine does to the other one. Of course our own computers are safely firealled off from the wireless access point which is in a sort of DMZ/outside our firewall.

This idea that people should not share wireless (even when their ISP allows it) is just one more step in wrecking the freedom of the internet.

Re:

[GalacticCmdr]

Actually a better approach would be to completely lock down the access points that are sold. Then someone who wants to share can make the change to share. Those that simply want to plop down some wireless to connect their home laptop should have it easy. This makes this easy as a toaster for the technologically-challenged, but gives those that want to do something the ease to do it. What we currently have is crappy Windows-like security - what we want to get to is better BSD-style of security.

Re:

[LordLucless]

Not quite; the manufacturer would then need to provide the encryption keys written down somewhere, and the consumer would have to configure their computer to use those keys. Security will *always* require a bit more effort on the part of the users. Unfortunately, people in general still aren't confident enough with computers to handle configuring some simple stuff like wireless encryption keys. If a company did this, you can bet they'd have an upswing in irate customers complaining the product didn't work,

Idiot-proof security:

[megaditto]

I believe some newer linksys routers have a synch button you push to add a new device. They call it Secure Easy Setup and that sounds quite useful for customers (never tried that myself): http://www.infoworld.com/article/05/07/25/HNlinksy swlan_1.html [infoworld.com]

Re:

[LordLucless]

From that article, it seems you need to push a button in the install software, then a button the physical router, and the router will send your computer the decryption keys. The most secure way I can think of it doing this is that both the router and the software have a standard key built into them at the manufacturing stage, and that they use this default key to encrypt the signal that transmits the real key. That's fairly secure, as only someone who is listening at the same moment, and knows the default k

Re:

[ptbarnett]

Actually a better approach would be to completely lock down the access points that are sold.

When I upgraded my Verizon FIOS service to add TV, the installer gave me a new router: an ActionTec MI424-WR [actiontec.com].

The wireless access point was enabled, but it had 64-bit WEP enabled with a password that looked like it was randomly generated. I switched it to WPA PSK and set my own password, but I was impressed that it didn't default to a wide open access point.

Re:

[Firehed]

They're not against free wireless. They're trying to stop Linksys being the biggest and cheapest ISP around. If you WANT to give away bits, great - I would assume that the goal of this law is to make sure that the people who are doing so are doing so intentionally. I secure my AP just so people don't go sniffing my packets, but I'll happily tell anyone the AP name and key if they want to use it (in fact, I'm sure I've posted it in slashdot threads at least twice). AFAIK, there's no great way to have an

Re:

[Mal-2]

There's nothing wrong with saying "don't share your Wi-Fi unwittingly, when you don't know what you are doing." The people who know enough to do it right are not the problem.

Mal-2

Freaking California

[h_jurvanen]

I wonder how many trees have been killed in the name of all those idiotic "This item contains substances known by the State of California to..." labels and stickers.

Re:

[mctk]

It's a wonder they haven't demanded that each warning sticker come with its own warning sticker.

Re:

[Jeremi]

I wonder how many trees have been killed in the name of all those idiotic "This item contains substances known by the State of California to..." labels and stickers

If we're going to start with hypotheticals, I wonder how many people have been killed due to lack of those stickers elsewhere?

If there's a known carcinogen in the area that will affect my health, I want to know it -- then I can make a (somewhat) informed decision about whether I want to take the risk or not.

And...

[Future Man 3000]

For the cost of all these stickers (physical materials, labor, employee time spent in proper implementation meetings, enforcement), will consumers be one jot safer?

Well intentioned as this might be, it's probably worse than doing nothing at all. If you don't know what wi-fi does you shouldn't be buying it, and a five page manual (even with a cautionary sticker) is hardly going to cover the fundamentals of wireless encryption and firewalling a user needs to approach the security of a wired connection.

Re:

[System.out.println()]

a five page manual (even with a cautionary sticker) is hardly going to cover the fundamentals of wireless encryption and firewalling a user needs to approach the security of a wired connection.

Not every explanation of usage of a product needs to be as thorough as a man page.

I'll do it in one paragraph:

Open the router's configuration page (found at x.x.x.x) and enable WPA. Choose a password that contains letters, numbers, and punctuation. Check the "enable firewall" box on this page, as well.

People who don't

I'm feeling cranky

[Eevee]

...and enable WPA.

Congrats. You've just given the wrong instructions for everyone with a Nintendo DS. Not to mention legacy gear with doesn't support WPA.

Choose a password...

Where's the explantion about using the password on devices trying to connect to the access point? Whoops, you mean the instructions need to cover software for Windows, MacOS, and Linux? How about people using multiple access points; where's the explanation about having seperate passwords for each AP?

Not every device understands WPA

[tepples]

Open the router's configuration page (found at x.x.x.x) and enable WPA. Choose a password that contains letters, numbers, and punctuation. Check the "enable firewall" box on this page, as well.

And have your Nintendo DS fail to connect to Nintendo Wi-Fi Connection because the DS only understands WEP.

Re:

[cgenman]

A lot of people don't even know that wireless is insecure. Telling someone "this wireless network is insecure until you set a WPA password. See manual for details." would go a long way to letting average people know there is even something to know about.

You'll never get a full, detailed knowledge of the facts from a one-line sticker. But hopefully you will spread the knowledge to the point that people say "why would you need a sticker for something so obvious?" Simply put, it's the sticker that makes it

Re:

[SeaFox]

For the cost of all these stickers (physical materials, labor, employee time spent in proper implementation meetings, enforcement), will consumers be one jot safer?

Many routers already have a bunch of stickers applied to them that aren't really needed. When I bought my Linksys router, it had stickers on box flaps, the antistatic bag, and on the router itself covering the Ethernet ports that said to make sure to install the software before plugging in the router. I don't know why. The router did not have a U

Receive?

[dougmc]

Lots of gear can `receive' WiFI signals. I've got a cordless phone that uses 2.4 GHz -- it cannot decode WiFi signals, but it certainly can receive the signal. Same goes for a little low power video receiver I've got -- WiFi looks like noise on the screen, but it's clearly receiving the signal. `Receive' certainly is not the proper word.

The law seems like a good idea (or at least the idea is good, even if the fact that it's a law really isn't good), but having laws regarding technology made by people who don't really know the technology involved seems like a bad idea.

Re:Receive? No!

[SmoothTom]

As you said,

...having laws regarding technology made by people who don't really know the technology involved seems like a bad idea.

From the ariicle:

'From 1 October 2007, manufacturers must place warning labels on all equipment capable of receiving Wi-Fi signals, according to the new state law.'

This also shows how having articles made by people who don't really know the technology involved seems like a bad idea.

The actual law (link to the law text attached to the article) this has no statement that even hints at that. Instead, it clearly and plainly defines those items that will require the warning, and those definitions are not only correct, but quite adequate.

Nice to know that the writers of the law did a better job than the writers of the article.

Also nice to know that my little 'Canary' WiFi detector will continue to be quite legit, and not covered by the law, at all.

--
Tomas

Re:

[mattmacf]

My leftover burritos and uncooked ramen can "receive" the WiFi "signals" my microwave transmits very well (2.4 GHz and all that). The actual bill [ca.gov] that TFA links to spells it out a bit better though. Among other things are this wonderful nugget:

(b) This section shall only apply to devices that include an integrated and enabled wireless access point and that are used in a federally unlicensed spectrum.

Funny enough, the word "receive" isn't present in the actual bill itself. Go figure.

Re:

[Jeremi]

The law seems like a good idea (or at least the idea is good, even if the fact that it's a law really isn't good), but having laws regarding technology made by people who don't really know the technology involved seems like a bad idea.

Have you actually read the text of the law, or just the above summary of the law, written by (wait for it...) some journalist who doesn't really know law or the technology involved, and is trying to summarize the law's intent in one quick paragraph?

I'm not saying the politicia

Re:

[evilviper]

Lots of gear can `receive' WiFI signals. I've got a cordless phone that uses 2.4 GHz -- it cannot decode WiFi signals, but it certainly can receive the signal.

By that crazy definition, I've got a 3" piece of wire that can `recieve' Wifi signals.

`Receive' certainly is not the proper word.

Did you read the full text of the law, and see "recieve" in there, with no definition of it? ... Or are you just taking something some reporter wrote out of context, and acting as if it came from the pens of the lawmakers?

Is it going to be like the solder warnings?

[gameforge]

When you purchase standard solder at the hardware store, it says something like "This product contains formaldehyde, a substance which is known to the state of California to cause cancer."

So are these routers going to have little labels in front of the power connector that say "The state of California strongly advises you to take these steps to ensure your network is secure. The other forty-nine states and the manufacturer advise you need only plug and play."

Or will it be like on tobacco and liquor product

Re:

[sfjoe]

I love California to death, really. I wish to live their someday. But I think it's illegal to be Conservative(R) in public there...

We're going to build a wall and have volunteer Minutemen to keep conservatives out.

Re:

[mrraven]

This pointedly stupid yuppie safety crap isn't left or right it's stupid.

Re:

[soft_guy]

Both political parties do stupid things. When the democrats do stupid things, it is often things like this.

The stupid things republicans do are typically a little different.

Re:

[mrraven]

B.S. the OMG the world is scary protect the children by coating the world with latex safety bumpers b.s. comes from BOTH parties. Politics in the U.S. is shot to hell. Watch this little bit by George Carlin to see what time it is:

http://www.informationclearinghouse.info/article14 837.htm [informatio...house.info]

Hint the more AFRAID BOTH parties can keep us the less likely we are to question the government or the ill effects of corporate globilization.

Re:

[Dun Malg]

I love California to death, really. I wish to live their someday. But I think it's illegal to be Conservative(R) in public there...

Only in the big cities. Get out into the suburbs or the rural areas and it's like you're in the midwest.

Re:

[evilviper]

I love California to death, really. I wish to live their someday. But I think it's illegal to be Conservative(R) in public there...

Yeah, the 40%+ of the population of California, that votes Republican, is here illegally...

Or do people really not know that California != Los Angeles & San Francisco.

Ignorance

[Mr EdgEy]

Of course, these stickers will still be ignored just like EULA's, software manuals, etc.

Re:

[east coast]

Perhaps but a number of people at the facility I work at ask me about WEP on a regular basis. There are those who are interested but just don't know what it really is.

If it saves one PC it was worth the effort!

Re:Ignorance

[truthsearch]

Actually these stickers will be re-peeled.

(Sorry.)

Re:

[Technician]

Of course, these stickers will still be ignored just like EULA's, software manuals, etc.

Just like the Linksys router I just bought. It had a sticker over the CAT5 jacks that said to install the software CD before connecting.

I had already set up the PC and just wished to use the web based configuration. I didn't install the software. I pointed my browser at the router default IP address and configured from there. Too many items sold assume a Windows only environment and do not list the other options for

Well..

[FunWithKnives]

I commend the effort to increase consumer awareness regarding wireless security, but am I the only one that thinks this won't make one iota of difference? I'm willing to bet that the majority of these warnings will end up in the trashcan without even a cursory glance; And as for including the warning in router setup, the majority will probably do the same thing they do with EULAs: click 'Accept/I Agree' without reading any of it, and promptly go on about their day. Nice attempt, though..

Re:

[SSpade]

Once a few idiots whose insecure wireless access points are used to send spam, phish people or upload child porn get prosecuted and are unable to use the "I'm stupid, and I never knew that my access point was a attractive nuisance!" excuse it might start to have some effect.

Manufacturers can solve this problem easily

[thesandbender]

Telling people how to do it is not going to solve the problem. When I headed up the IT department for my old company I established a program where people could fedex in their routers and we would secure them and fedex them back... at no cost to them (I successfully argued that the cost of next day air was less than the cost of a potential breach). One person out of a company of 300 took advantage of it. As much as I hate big government/big brother there are times when you have to overcome apathy but legislation. It sucks but it's true... and there is a simple solution to this problem. Almost every piece of commercial software you buy today includes a key that is, for practical purposes, unique. The technology to create, assign and distribute these keys exists and can be done at a price point low enough to pass on to the consumer without them caring (e.g. $5 a router, most of which pays for support and not the actual technology to do it). The legislation should not mandate that users are told *how* to secure the router. It should mandate that the routers are *shipped* secured, with a pseudo-random key pre-program and stuck on the outside of the router with a label. Just like the keys you get if you buy Windows. The problem is the support costs... but good documentation can take care of must of that, along with a little $ tacked onto the cost of the router.

Re:Manufacturers can solve this problem easily

[thegrassyknowl]

Mod Parent Up.

Just shipping all routers with a pseudo-random long WPA-PSK pre-loaded into each router and a sticker in the user guide telling what the PSK is will go a long way to securing routers.

Anyone who wants to change from WPA-PSK to something else should have the experience to understand the implications of doing that, and if they don't then well... let them suffer the consequences of their actions.

Re:

[Beryllium Sphere(tm)]

Or have the WiFi equipment auto-configure [buffalotech.com].

There's supposed to be Vista support for WPS, WiFi Protected Setup [wifinetnews.com], an attempt at cross-vendor automatic setup.

Warning stickers soon to be mandated on locks...

[jordandeamattson]

Sacramento, CA (AP)
In a surprise move, the California Legislature passed and sent to the Governor that a bill which will require the placement of stickers on all locks throughout the state of California stating, "Hey, Stupid...if you don't use this thing correctly, someone can easily break into your house!"

* SARCASM OFF *
If the manufacturers of WiFi gear hadn't shipped things in an unsecured state, of course this wouldn't be necessary. My believe is that all hardware and software should be "locked down" out

shipped secure???

[www.sorehands.com]

You mean secure such as having an admin password as "pass" ?

If it is configured with encryption on, what would the password be? 1234? If that is so, inform President Skroob so he can change his luggage combination. It won't be any more secure than no password since anyone can guess the password.

Tha Nanny State

[mrsam]

The US is quickly turning into the Nanny State. We live in a dangeous world, folks, but -- have no fear -- the mighty government is here to protect you from yourself.

Next thing you know, they'll be telling you how much water you legally can use to flush your crap down the toilet. Oh, wait... [energy.gov]

Re:

[Jeff Molby]

Next thing you know, they'll be telling you how much water you legally can use to flush your crap down the toilet. Oh, wait...

Yeah, it's a stupid law and I support its repeal, but I won't really start to protest until they mandate timers that prevent me from flushing twice in a row.

Re:

[evilviper]

Next thing you know, they'll be telling you how much water you legally can use to flush your crap down the toilet.

Yeah. The government sure is awful... Making rules about how much of a limited resource people can use. Or more specifically, making rules about the device which is the #1 consumer of a limited natural resource.

Next they'll be telling me I can't put as much toxic smoke into the air as I want to. Oh wait...

Re:

[Brandybuck]

Making rules about how much of a limited resource people can use.

Water isn't a limited resource as it is fully recyclable and have oceans and oceans of it. There's no such thing as "water shortages". However, it is seasonal. While low flow toilets make sense in Las Vegas, they make no sense in Seattle.

A far better solution than nanny laws is to have water meters and charge by the gallon. Some places in the country simply don't have water meters. Even some traditionally "dry" places don't have them. When you

Re:

[evilviper]

Water isn't a limited resource as it is fully recyclable and have oceans and oceans of it.

Fresh water, is a limited resource.

The cost of desalination are extremely high, and therefore impractical. Give me enough energy, and I can make unlimited ammounts of petroleum too...

While low flow toilets make sense in Las Vegas, they make no sense in Seattle.

Instead of Washington, let me swap Colorado in there, for a more relevant example.

While CO may appear to have a significant supply of water, while NV does not,

Re:

[Brandybuck]

Fresh water, is a limited resource.

If it is, then so are all of the other "renewable" resources that depend on it. In economic terms all resources are limited. But in colloquial usage a "limited" resource is one that can't be renewed. Like petroleum, iron ore, or real estate.

Fresh water is seasonal. It comes back the next year. Really it does. Even if you have a drought, you still get back *some* water, and the drought won't last more than a few years. I'm not arguing you shouldn't conserve water, because i

*sigh*

[Lord Prox]

politicians writing laws on technology are about as helpful as looking for a gas leak with a candle.
What exactly is this law supposed to do. You can't legislate away ignorance or apathy, already we have "warning: contents may be hot after heating" or a cup of steaming coffee with "Warning: Hot beverage may be hot" and the hair dryer with the warning "Do not use in shower". May I suggest the following on the next election ballot... "Warning: Political canidates may be morons if elected"

I'm telling you the

Re:

[OECD]

politicians writing laws on technology are about as helpful as looking for a gas leak with a candle.

You've never had a gas leak. That's exactly how it's done. (Well, usually with a Bic. But the idea's the same.) I agree with your point, but the analogy is bad.

Re:

[soft_guy]

You are actually supposed to turn the gas off and then put a mixture of water and soap on the pipes, then turn the gas back on and look for bubbles.

That's less than half the problem

[elronxenu]

They should put the stickers on computers too.

Computers need to be secured too!

Re:

[guruevi]

Hmm... guess what it will read: The state of California does not recommend using Windows XP on this computer. Please contact your local dealer for a Linux distribution.

Better Yet

[Jesus IS the Devil]

Let's just require everyone to get a license before being allowed to go online. And once you get this license you are financially liable for any damagers caused, whether inadvertently or not, by your direct/indirect actions. These actions would include things like getting your computer hacked and becoming part of a botnet, not cleaning up trojans on your computer, allowing your PC to become an infectious node, constantly falling victim to scams, phishes, etc.

If there's one type of person worse than the bl

Moo

[Chacham]

Candidates for the new warnings.

SURGEON GENERAL'S WARNING: Internet Usage Causes Predators, And May Cause Pregnancy.
SURGEON GENERAL'S WARNING: Quitting Internet Usage Now Greatly Reduces Serious Risks to Your Privacy.
SURGEON GENERAL'S WARNING: Internet Usage By Women May Result in Fatal Injury and Unexpected Birth.
SURGEON GENERAL'S WARNING: Internet Usage Contains things Harmful To Minors.

Warning sticker to be posted a WiFi hotspots

[sjonke]

WARNING: If a stranger asks you to plug their USB WiFi adapter into your MacBook, tell them, "no", and immediately contact the authorities, especially if they are saying, "Mac? Fuck! Fuck Mac! Mac Fuck! Fuck! Fuck! Fuck!"

Sticker ideas...

[Saeger]

Let us count thee ways that a notification sticker MUST be removed before the router can be used:

1. Print a EULA on the sticker that reads: "By removing (or even not removing) this sticker, you agree to provide your neighbors with free wifi because you're a nice person; not because you're stupid."
2. Make the sticker conductive and place it over a waste-of-money-one-time-use-short-circuit.
3. Make it from a faraday cage-type material that's in the shape of a tube and initially installed over the antenna; market it as a security feature for tinfoil hat wearers.
   
4. or... the boring alternative: place it over the DC power input and ethernet ports (if any)

My money's on #1. :)

Re:

[klaun]

Make it from a faraday cage-type material that's in the shape of a tube and initially installed over the antenna;

a faraday cage-type material?? You mean like a, uh, conductor?

It is a bad idea.

[www.sorehands.com]

These nanny laws are a bad idea that are not thought through. If they required security turned on, what will they require for the password? They will assign a password like President Scroob's luggage combination.

I testified at the Texas Senate hearings that wanted to require internet filtering software included with each machine sold, saying that, "it is only $1 to add a disk." They forgot that some machines do not include an operating system, that some machines do not include an operating system, that som

Unlicensed spectrum?

[gsfprez]

How do state mandated warning stickers, people going to jail, and other government intrusions = unlicensed and open spectrum?

Lord save us all the day that 2.4 GHz becomes licensed and regulated.

Re:

[evilviper]

How do state mandated warning stickers, people going to jail, and other government intrusions = unlicensed and open spectrum?

Give me a break. Unlicensed spectrum already has numerous restrictions, such as transmit power and antenna gain. It's not electromagnetic anarchy in the 2.4GHz range.

Besides, I didn't see anything that explicitly singled-out 2.4GHz... This probably applies to consumer wireless networking equipment that uses FCC-licensed ranges as well.

Warning: This Router May Contain Peanuts

[CheeseburgerBrown]

This is a good thing. This law is not intended to protect the consumer -- it is intended to arm mild-mannered nerds such has ourselves when confronting people who claim nobody ever told them open meant open.

It is, in short, a reasonable excuse to handle oopsy-daisy! security victims with a socially acceptible level of contempt. "You say you just tore the sticker off without even reading it, ha? Well. Well, well, well."

This empowers geeks. It is a license to be snooty.

Re:

[Myself]

The question is: Does this mean that wireless networks set up after that date, and open, can be used freely under the assumption that the owner meant for them to be open, and permission is implied?

The stickers should really include a note about "If your intent is to provide open access, put )( in your SSID" or something like that.

Re:

[Gryle]

This empowers geeks. It is a license to be snooty.

Since when have we needed a licence?

WARNING!!!

[Anonymous Coward]

The State of California advises you that posting on Slashdot is irreversible, and might result in undesirable flames, and posts from people who disagree with you. After clicking SUBMIT it is impossible to revert a post, regardless of how stupid it is. In order to avoid loss of KARMA POINTS as a result of moderation, the State of California advises you to click PREVIEW prior to clicking SUBMIT in order to preview the message, to verify that it will encourage desirable responses. Also, it might be advisable to select the CHECKBOX next to the text Post Anonymously in order to completly disavow the post. It is known to the State of California that posting on Slashdot may cause stress, anger, and loss in productivity.

Are unsecured networks that bad?

[iammaxus]

Is it really so bad for home users to have unsecured wireless networks? Personally, I intentionally leave my network unsecured to allow neighbors and passerbys to share. Do unto others as you would have them do unto you, no? Perhaps I'm missing something, but aren't the security risks of having an unsecured wireless network about the same as a computer directly connected to the network (not through a router)? You should be running a firewall on each computer. As for the threat of someone using your connection to do illegal things, that is valid, but I don't think the likelihood of that is great, and if it does happen, would I really get in trouble? I find it hard to believe that I could be thrown in jail for computer fraud or something that I absolutely did not commit.

I don't mind this law much. At worst, its misleading. I think the government is mostly concerned with the last issue with unsecured networks that I mentioned. They don't want to be wrongly accusing John Taxpayer of download child pornography.

Well, couple risks

[Sycraft-fu]

One is to your data. Most Windows firewalls when set to "easy" mode have a certain level of trust for the local network they don't for the Internet. This lets people do things like filesharing without having to know how to configure their firewall. Not as secure as it should be, but you can change it and they'd just turn if off if it stopped them from doing what they want. Well anyone who doesn't want to mess with their firewall t all probably has a poor understanding that other people who can freely connec

This is a bit more sinister...

[khair]

As noted in a previous article http://www.darkreading.com/document.asp?doc_id=102 624 [darkreading.com] This is not being done to educate; it is done to control. There are two groups this shafts: 1) The ignorant "sharer" who does not understand security and gets penalized by the government after "warnings" are done away with by the penal system 2) The intentional sharer who believes in free Interent access for all. Why this needs to be legislated? Who knows... Sad state of affairs when the government tells people who is

no more open wifi

[gsn]

This will probaly lead to the criminalization of anonymous open wireless networks - it will start by simply making people legally responsible for any usage of their network even if they left it open. Dear old Tammy wouldn't get away from the RIAA by leaving her wireless network open. Oh and dearie me imagine some horrible old paedophile uses your open wireless network to find some kiddie porn and you being held responsible. If you left your network open you were not thinking about the children!!! Those anon

My poor Mother

[ovapositor]

I am just amazed at how complicated life is getting. My mother is in her 70s and would have NO clue what the heck that warning even means. She did surprise me once by asking about a firewall!

Pretty soon you are going to need a staff of people in India to help you run your busy life in America.

That actually does sound like a good law

[SCHecklerX]

It solves the problem of education while not trying to criminalize those of us who know what we aredoing. It makes sense, just like all of the stickers and warnings and such that come with car stereos you install yourself, TVs, Microwaves, Etc.

Coming to a milk carton near you...

[epp_b]

Lost: Common Sense.

He has been lost for about three years to date, but a few people are still maintaining hope. Police are continuing to investigate his kidnapping by Clueless Politicians and Thoughtless Laws. He was last seen in captivity in a few various places in the U.S., but has virtually vanished from North America. Some say that his attackers have taken him across the ocean to other continents, but sightings have still been becoming continually scarce.

If you know anything of his whereabouts

Not their job

[davmoo]

While I will agree that the general public needs to be educated about wi-fi security, at the same time I feel it is *not* the job of government to protect one from one's own stupidity. While there are still people going hungry, uneducated, unclothed, unsheltered, and without proper health care in this country, wi-fi security education should not even be on government radar, much less a priority.

Impact on torts

[Infonaut]

In the long run this will benefit the tech industry. It is much more difficult to sue a manufacturer for a defect in the equipment or how the equipment functions if there is adequate warning. As long as the mythical "reasonable person" would see the warning and read it before using the equipment, nimwits whose unsecured wifi networks get hacked will not be able to sue.

Anticipating responses:

1. Yes, laywers will attempt to weasel around this, but it will be much more difficult.
2. Yes, it costs money to create and affix labels to equipment, but it's not going to spell the end of the computer industry any more than warning label requirements on microwave ovens have brought home appliance manufacturers to their knees.
3. Yes, people will ignore the labels, but over time it will seep into the larger population; just as we stopped hearing about cats in the microwave, unsecured private networks will become less prevalent.
4. Yes, it is absurd that the legislature had to weigh in on something like this, but just because Slashdotters have more tech affinity than most people doesn't mean that the population at large is retarded.
5. Yes, I'm a pompous ass.

Encryption shouldn't be in hardware

[Myria]

I really think it's a bad idea to place encryption into hardware, such as WEP/WPA/WPA2 into wireless cards. It should be the operating system's responsibility.

A big reason that WPA2 is not taking over the market yet is because wireless cards do WEP encryption in firmware, and you can't upgrade them. A regular user cannot spend the time researching to find the exact firmware update needed for their particular wireless card. Compare with putting encryption into the operating system, where you could get WPA

Best Warning Label Evar

[Baloo Ursidae]

WARNING: California contains people and ideas known to the State of Oregon to cause extreme stupidity, indecisiveness, selfishness and the inability to accept consequences for your own actions. Contact with California and it's inhabitants should be limited or eliminated if at all possible.

Re:

[Volante3192]

I've dealt with those too, but on the other hand, how many common folk will go straight to 192.168.0.1 in their browser? Users need their hands held. If the sticker says Use the CD, by gosh, they'll Use the CD.

When I'm supporting people, sometimes I'll get to a point where they have to install something with the defaults.

I'll go "ok, you'll have about 5 - 6 screens, just agree to everything it gives you" and use the time to start working on typing up the incident...and it NEVER fails that every screen the

Re:

[PsychoSlashDot]

Canadian ISP Sympatico actually distributes 802.11g routers to its customers who request them. Those routers run a customized firmware that steps the user through some basic settings. (Ie. what is your account name... what is your password...) It also mandatorily activates WEP during this process, so once you're done and the router goes fully live, you either must be using a wired connection or using the WEP key the router randomly assigns you. You can web in to the router's admin screens and disable WE

Re:

[soft_guy]

Because WEP isn't all that secure. There are many standards you could use - WEP, WPA, WPA2, and others. and unless you know the requirements for the situation, you don't know which one people need.

Re:

[guruevi]

You don't need a freaking PhD in anything to install a wireless router. What you need to do is read the freaking documentation and apply it. If people are too dumb to understand how to program a VCR, they're imho too dumb to own a computer or for that matter install and configure a WiFi access point and should be barred from the internet until they get some education. Until then (when security becomes more costly than the ad-revenue from home-based internet access) there will be no solution for this.