From: ietf-bounces(_at_)ietf(_dot_)org
[mailto:ietf-bounces(_at_)ietf(_dot_)org] On
Behalf Of Ted Faber
On Wed, Jan 18, 2006 at 02:23:49PM -0500, Steven M. Bellovin wrote:
In message <20060118185700(_dot_)GS96731(_at_)hut(_dot_)isi(_dot_)edu>, Ted
Faber writes:
On Wed, Jan 18, 2006 at 10:30:31AM -0800, Hallam-Baker,
Phillip wrote:
The result is that 70% of wireless access points are
open and can
be used by Internet criminals to achieve anonymous access.
Loaded statement? Check.
Precise statement? Check.
Supported statement? Hmmmm.....
I'm not sure which part your claiming is unsupported; my
own informal
measurements agree with the 70% number. I'm not at all
convinced that
"Internet criminals" use such access points as a major means of
access, though.
Well, none of it's supported. Your statement above about
informal measurements is support for your statement of 70%
and indirectly of his.
The figure came from a presentation at an (anti-) Internet crime
meeting. I do not remember the source.
Although I do have similar concerns about figures like that being
repeated without verification it is certainly believable and compatible
with my own experience.
Going from an open access point to anonymous criminal access
seems much more implausible to me. There are all sorts of
hurdles one could put up between "no link level protection"
and "anonymous criminal access." But again, I'm wrong all
the time and a citation for that much more damning statement
would be very welcome. Without one I feel like I'm watching
local news.
As for the use made by criminals, that has been documented and the
frequency is increasing. In one case in Toronto a pedophile was caught
surfing the Internet from his car with no trousers on... We see quite a
few script kiddie level hackers using open WiFi connections.
It would not have been difficult to design WiFi in such a way that it
was secure by default. None of the mechanisms provided to consumers has
met that requirement.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf