| Matthew Rosewarne on 10 Dec 2007 20:19:04 -0000 |
|
On Sunday 09 December 2007, Brian Vagnoni wrote: > Say you commit some type of fraud, in the process you break a locked door > to gain access to these records in a file cabinet. You may get prosecuted > for the fraud and the breaking and entering you may just get hit with the > fraud charges. Getting the ip address is like breaking and entering. On an > open access point in would be considered a home intrusion. It's theft of > service. It's not breaking and entering if you don't close the door. If you had one of these flimsy wireless encryption schemes and someone breaks it (which is quite simple for any malicious user), _THAT_ would be equivalent to breaking and entering. Using an open AP is like walking into a building with an open door, which presumably indicates that the owner doesn't mind you coming in. On Sunday 09 December 2007, Brian Vagnoni wrote: > For me it's no different that tapping into some one else phone line. When > does the crime occur, when you actually splice into the phone companies or > victims wire, or when you make a phone call. Again it's really a point of > law which doesn't always mean the spirit of the law or general reality Actually it's entirely different. It's not tapping a phone line, but more like using a public phone (if such a thing were to exist). On Sunday 09 December 2007, Brian Vagnoni wrote: > A: Wireless is certainly the way of the future. From a security > perspective, I don’t see any major additional risks. Sure, there’s a > potential for messing everything up, but there was before. Same with power > outages. Data transmitted WIRELESSLY should probably be ENCRYPTED and > AUTHENTICATED; but it should have been over wires, too. The real risk is > complexity. Complexity is the worst enemy of security; as systems become > more complex, they get less secure. It’s not the addition of wireless per > se; it’s the complexity that wireless — and everything else — adds.Which is > it Bruce? What is good at work is not good at home? Where does Bruce contradict himself? You should apply encryption and authentication to everything that where you need trust or confidentiality, regardless of medium. The complexity comes down to the fact that you can't rely on any sort of physical segmentation, which is a similar problem to proving services securely over the internet. The notions of traditional strong-border security were somewhat unrealistic in the first place., and they go out the window entirely when you need to offer services remotely or wirelessly. I want REAL security, not pretend security. WEP/WPA is pretend security. > But in the end it's up to each person, to steal or not to steal is the > question? There's no stealing going on. If you see an open bowl of mints in a restaurant, is taking a mint stealing? On Sunday 09 December 2007, Brian Vagnoni wrote: > Steven since you seem to like open networks at home, you wouldn't mine if > we all come over and splice into your phone line and make long distance > calls to Japan? :) Well, if I had a plan that allowed me to make unlimited calls to Japan and you didn't block my calls, I don't see why not. On Monday 10 December 2007, Brian Vagnoni wrote: > Just remember unlimited plans aren't unlimited. They did away with that as > a service term in the 90's. Well at least most of the big ISP and carriers. That's debatable. There are some legal wranglings over that very issue going on now. This needs to be resolved anyway, since I don't accept that someone can sell a plan as unlimited and put limits on it. > It's no different to the law Brent it's theft of service plain and simple. You can't steal something that's being given away, so it's not theft of anything, plain and simple. Attachment:
signature.asc ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|