On 18-Jan-2006, at 15:35, Dassa wrote:
I don't see the 70% of access points being open actually. My own
figures
indicate less than 20% within the local area, information from
capital cities
tends to suggest a slightly higher figure but certainly not that high.
It depends a lot on the nature of local internet services, I think.
Where I live, flate-rate 3-5Mbit/s cable/DSL internet service is
cheaper than buying a dedicated phone line to use with a modem at
~56k, and consumer-grade 802.11g access points can be had for a
couple of dollars after mail-in rebates.
From informal wandering around my residential neighbourhood, I would
say that >98% of access points reachable from the street have no
access control.
Since there are no scary bills that arrive from ISPs at the end of
the month if someone outside has been red-lining the DSL, I suspect
that people have little incentive to keep other people out.
I also suspect that since DSL and cable internet service is so cheap
here, for most people it's far more sensible to pay for their own
rather than to stand out on the street in the snow with a laptop and
a pringles can.
I doubt that it's possible to reverse the trend of widespread,
unsecured network access. Any manufacturer of access points who turns
on security measures by default with a random, device-specific
initial password supplied in the documentation is (a) going to have
higher production costs, and (b) much higher support costs than
competitors who ship everything open and ready to run with no
configuration.
Maybe it doesn't matter. I struggle with the idea that there might be
roving gangs of organised criminals stealing internet access from
wifi-equipped black vans. There are surely much cheaper, less labour-
intensive ways to gain illicit access to the network than that.
(It has certainly been very handy for me, more than once, to be able
to use my neighbour's cable modem from my living room via 802.11
while my DSL was down.)
If there's a lesson to be learned here, maybe it's this: if you
aspire to see your protocol or service reach widespread, consumer-
level acceptance, and it is desirable that the service or protocol be
deployed securely, remember that if the security is optional nobody
will turn it on.
Joe
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf