[TCWUG] Why secure your WLAN?

Thu Aug 14 14:31:34 CDT 2003

None of this makes any difference whatsoever. Spammers are not driving
around to find open access points, they're creating worms that infect windows
machines and turn them into proxies -- all from the comfort of home.

The same goes for kiddie porn, there are lists of hundreds of thousands of
open proxies out there that have already been blacklisted in the spam RBL's
that are perfectly fine for use as anonymizers to people who wish to participate
in child pornography.

As for the startribune story, the guy was one of the following:

1) Actually viewing kiddie porn
2) Going to porn websites and randomly clicking 'Yes'
3) (Knowingly) running executables off the web, probably the ones
that say FREE PORN JUST CLICK YES
4) Infected via the multitude of bugs in Windows, MSIE, or MSOE.

I still fail to see the reason why anyone is interested in running around
annoying/scaring/threatening/blackmailing people by telling them their 
WLAN is insecure. Companies DO NOT WANT TO KNOW, they'll call it blackmail,
call their lawyers, and force you to sign an NDA before they ever consider
securing their WLAN. Joe Blow consumer is much the same, he doesn't care,
he feels that he doesn't do anything on the internet worth spying on, and
even if he does, the chance of anyone caring enough to sit outside his house
and watch is nil.

If you really want to start securing WLAN's, you're going to have to start
with securing the systems sitting on the WLAN and the LAN. This will never
happen. You're wasting your time and opening a can of worms that will land
you in a world of hurt (and possibly jail).

Please go back and see all the local TV and paper stories about evil war
drivers and how to secure your WLAN, if those hyped up pieces of trash
didn't scare people into securing their WLAN, you walking up to their
front door isn't going to either.

</rant>

On Thu, Aug 14, 2003 at 07:42:43AM -0500, Mike Ellsworth wrote:
> One good way to get people interested in securing their WLANs is to tell
> them that random people could be using their Internet connection to download
> kiddie porn. Then they could face the same fate as the guy in England
> mentioned in a news story in the Strib this week:
> 
> http://www.startribune.com/stories/484/4034940.html
> 
> Or a spammer could use their connection to send a million spam emails,
> causing their ISP to cut them off.
> 
> These things could really happen, and I think constitute a valid concern for
> the group and anyone providing free WLAN access to the Internet.
> 
> As far as coming up with a way to find open WLANs and inform their owners
> about security without weirding them out, I'd love to figure that one out
> too.
> 
> Mike Ellsworth

-- 
Matthew S. Hallacy                            FUBAR, LART, BOFH Certified
http://www.poptix.net                           GPG public key 0x01938203

_______________________________________________
Twin Cities Wireless Users Group Mailing List - Minneapolis/St. Paul, Minnesota
http://www.tcwug.org
tcwug-list at tcwug.org
https://mailman.real-time.com/mailman/listinfo/tcwug-list