The Perils Of Leaving Wi-Fi Networks Unsecured

This is tough. Im not saying you are responsible, I think it is everyone else out there that isnt taking notice.

Legal, UnFettered access is EVERYWHERE, and GROWING
————————– Jan 2009 —————————————–
Aw, come on ! ! !
Download child pornography
Download copyrighted movies and music via P2P
Download Warez and abuse your bandwidth
Send bomb hoaxes, terror or threatening emails.
Send spam (sexual aids, pharmacy or money laundering scams)

Are you for real ?
Most big cities, most towns, motels and coffee shops have, and encourage your unfettered use of their FREE access.
-
Most SUPERIOR COURTHOUSES in California provide open on-premises access. I’ll bet your state is the same.
–
Check out the emerging Google/San_Francisco partnership.
This will be *full* coverage.
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2006/04/08/BUGROI5S5J1.DTL
—
I want fiber speeds via wireless for FREE. Don’t You.
Come on, don’t lie to me or yourself.
—————————
I mean if you own a bank, drug store or employment agency, OK . . .turn on WEP/WAP/anything. But *knock off* the B.S. scare tactics.

Good point about the logs being flushed on reboot. Anyone choosing to offer open Wifi should be running a syslog server, which many SOHO routers support, as well as securing the admin account with a strong password.

India is considering making unsecured wireless networks illegal:
http://www.pcworld.com/businesscenter/article/151171/india_wants_to_secure_wifi_hotspots_citing_terror_threat.html

It’s all too easy to make proclamations like this, but it’s extremely unlikely that this will lead to increased security and accountability unless implemented very, very well. For example, I’m sure most people and even law enforcement personnel are unaware of how vulnerable WEP is, yet this is what most people use even today. Will the proposed law mandate the use of WAP2 instead of WEP? Unlikely.

Secondly, even if (and I mean IF) all wireless networks in the country were secured with WAP2, what is to stop terrorists from walking into an Internet Browsing Cafe (there’s one on every street corner in Indian cities)? Order all Internet Cafe owners to verify ids of all their customers? Couldn’t possibly work.

Even IF this is all done, terrorists can just use the free wireless networks provided by airports and coffee shops.

There are just too many holes to plug in securing public internet access. This money and time would be better spent funding Intelligence organizations to do real anti-terror operations.

When the fbi raids their house then they will care about wifi security

LOL

You bring up very valid points with regards to what a malicious attacker might do with an open wireless AP. All of those things should be taken into consideration by someone that consciously makes such as choice. Most importantly, I think users should be aware that their data is at risk by opening an AP. However, I’d make two points. First, wireless security sucks. WEP is trivial to break and WPA/WPA2 can usually broken fairly easily. Brad Anton. at Foundstone wrote up lots of nice attacks. So, “securing” your wifi appropriately is difficult for most home users. Second, law enforcement and the MPAA shouldn’t rely on IP addresses to establish who committed a crime (such as downloading child porn). Trying to reinforce that assumption is bad in my opinion.

I’m going to use this article to scare the shit out of our customers!!! I work for an ISP abuse department, and can’t tell you how many people have unsecured Wi-Fi’s. Thanks for a great article!!!

Tim