There's nothing illegal in trying to be connected
to an opened network, even wirelessly.
I saw members of the "Golf Club Grand-Ducal" being surprised that they
might get connected to the Internet from the club house, by using the
golf club wireless network. What's wrong with this, if the network is
opened ? If it is opened, what law should prevents you to use it ?
If I leave money on the sidewalk, I don't expect a law to force the
discoverer to return it to me...
Now, if you try to force the access to a computer that prompts you a
legal warning like "Access to this server is strictly limited to the
authorized users", then you've been warned that you entered a private
property. But even, I'm not sure there are laws against this in
Luxembourg. There are defenitely such laws in USA and other states of
EU, but I'm not aware of such laws in Luxembourg.
Even in the UK (London), young guys are writing with chalk wireless
network characteristics on buildings and sidewalks to make easier the
connections of future unexpected users. I never read anything about an
arrest of such guys. A recent study made in the US showed that a
majority of the corporate wireless networks where opened or weakly
protected. For me, having such a wireless network at home is like
putting an unattended ethernet outlet outside your home: you just
publish to anybody all what is on your home network: advocate letters,
private e-mails, web browser cookies and history (so potentially your
sexual preferences with lot of details). I'm not yet convinced that the
new 802.11X encryption mechanism is safe, so I strickly advice for the
time being to consider wireless connection as practically unavalaible,
or equivalent to an open network, until proof of security is obtained
from other peoples than the related hardware vendors.
What is strange to me is that GSM technology is older, much more widely
used, and gives potentially interesting informations and ways to gain
money if cracked (I'll not explain you how. Just imagine yourself) and
seems to be safe up to now. I don't expect somebody to call using my
GSM credit without my chip, as I don't expect anybody unautorized to
listen to my conversations when using a GSM. (Lady Di was using a
wireless analog phone, not a GSM). It even offers strong
authentication, what wireless network does not yet (if I'm well
informed). So why the wireless vendors, that suffers strongly from
justified untrust regarding the security of their network, didn't
managed from years to secure their devices ???
Other experiences I had (through customers) was
that devices from different vendors were poorly interoperating (limited
distance, rapid performance degradation, ...) and that it was very
limited when used in a armed concrete building or even an old
traditional house, made of stone. Also, with accessible Gigabit
Ethernet devices and switches, and DSL+ technology (bringing up to 25
Mb/s Internet connection soon), I think current wireless technology
(802.11G) is really limited: the standard specify 54 Mb/s
shared
bandwidth on each of the three channels. Knowing that only three
channels is too few to garantee the usability of the technology in all
topologies, don't expect to use more than one such channel. Compare 54
Mb/s (maximum theorical shared bandwidth) with 1000 Mb/s switched,
there's no hesitation.
As already explained in this mailing-list, if you
really need this technology, consider the wireless segment as opened,
put firewalls at each connecting point, and establish VPN on this
unsecure link. Good luck.
If the people you are speaking aobut are using
Internet Explorer on Windows connected to the Internet, I don't see the
point of warning them about the dangers of wireless technology... They
are already opened to the world !
Cegecom made a PLC (Power Line Carrier) test in
Luxembourg around 2000. They connected a village through the power
outled to the Internet. No possible check about the amount of
connection using each home access point. No filtering at all. Not even
a network topology separating the homes. In this case, when you clicked
on 'Network Neighborhood", you had really a picture of your
neighborhood's network ! Amazing ! So what's wrong with opened wireless
networks ???
By the way, this mailing-list and club is not about Linux but about
free software in general, opened to other near technologies, such as
OpenSource and BSD.
Paulo Ribeiro a écrit :
Hi
everybody,
This has little to do with Linux but more with security. If this
request is off topic, simply diregard it and I won't do it again, I
promise :).
As the Lilux people seem to have legal knowledge about things in
Luxembourg and great ideas/advices on how things work with government,
I thought I could ask this here.
I happened to bump into two 15/16 year old guys who were wardriving in
my "Cite". I was quite impressed. Actually, they were by foot. One
holding the PC and the antenna, the other holding a piece of paper
probably writing the details of their discoveries.
Well, this is only my personal opinion but I cannot help myself and
think about what they would do if they found an unprotected network.
My questions are:
How to make people aware of the dangers?
Write to the city hall to ask them to produce a small piece of paper
and put it into people's brief cases?
Organize some kind of event? with whom? by whom? Maybe this was already
done?
Are there organizations that care about those awarness programs and
would be glad to help?
Does anybody know if foreign governments have such programs?
As you see, I don't know much but I was willing to try something.
Thanks for any suggestions/advices/ideas :)
Paulo
_______________________________________________
Lilux-help mailing list
Lilux-help@lilux.lu
http://lilux.lu/mailman/listinfo/lilux-help
--
Brent Frère
Private e-mail: Brent@BFrere.net
Postal address: 5, rue de Mamer
L-8280 Kehlen
Grand-Duchy of Luxembourg
European Union
Mobile: +352-021/29.05.98
Fax: +352-26.30.05.96
Home: +352-307.341
URL: http://BFrere.net
If you have problem with my digital signature, please install the appropriate authority certificate by browsing https://www.cacert.org/certs/root.crt.