Comments on: Wireless security should not be blamed for piracy http://www.digitalsociety.org/2010/02/wireless-security-should-not-be-blamed-for-piracy/?utm_source=rss&utm_medium=rss&utm_campaign=wireless-security-should-not-be-blamed-for-piracy Pro-Culture, Pro-Commerce Thu, 08 Dec 2011 00:48:15 +0000 hourly 1 http://wordpress.org/?v=3.0.3 By: Eric Svetcov http://www.digitalsociety.org/2010/02/wireless-security-should-not-be-blamed-for-piracy/comment-page-1/#comment-3280 Eric Svetcov Sun, 07 Feb 2010 15:06:20 +0000 http://www.digitalsociety.org/?p=2324#comment-3280 George is absolutely right and Bill, you are 100% wrong. WPA or WPA2 encryption is easy to setup on any wireless router purchased in the last few years. The quickstart step by step guide that is included in most packages will walk through the process for setting up a security wireless network for anyone who is capable of reading and following directions. If a home user is unable or unwilling to properly secure their perimeter, there are numerous companies with personnel willing to come onsite to the home and properly setting up the device for a reasonable fee (similar to what a plumber or dish washer repair person might charge). Incidentally, if you read the terms of your Internet contract, it is likely that you are required by contract to prevent non-household members from sharing your Internet connection (wording is different by ISP, but you can't run a free public access service with on most home connections). So, not only are you protecting yourself from illicit use, you are also making sure that you are honoring your contractual obligations and protecting your good name. Eric Svetcov, CISSP, CISA, CISM, CIPP, CHS (and a few others...) Co-Chair ABISCF George is absolutely right and Bill, you are 100% wrong. WPA or WPA2 encryption is easy to setup on any wireless router purchased in the last few years. The quickstart step by step guide that is included in most packages will walk through the process for setting up a security wireless network for anyone who is capable of reading and following directions. If a home user is unable or unwilling to properly secure their perimeter, there are numerous companies with personnel willing to come onsite to the home and properly setting up the device for a reasonable fee (similar to what a plumber or dish washer repair person might charge).

Incidentally, if you read the terms of your Internet contract, it is likely that you are required by contract to prevent non-household members from sharing your Internet connection (wording is different by ISP, but you can’t run a free public access service with on most home connections). So, not only are you protecting yourself from illicit use, you are also making sure that you are honoring your contractual obligations and protecting your good name.

Eric Svetcov, CISSP, CISA, CISM, CIPP, CHS (and a few others…)
Co-Chair ABISCF

]]> By: George Ou http://www.digitalsociety.org/2010/02/wireless-security-should-not-be-blamed-for-piracy/comment-page-1/#comment-3244 George Ou Fri, 05 Feb 2010 21:15:34 +0000 http://www.digitalsociety.org/?p=2324#comment-3244 @Bill Stewart, Did you even read my specific criticism and the quoted text? Digital Wrong was NOT claiming that it was too hard for an end user to secure their networks or not; they were claiming that it was impossible to do because the hardware doesn't support it. Furthermore, you don't need to be a "trained professional" to implement WEP. More importantly, WEP is useless. Furthermore, logging is irrelevant here if you lock your network down. It's interesting that you've chosen to ignore all of this and that you've chosen to ignore my two sentences teaching people how to implement good WPA security. It sounds more like a case of you not wanting to know how to implement good security because it's a good cover for piracy. As for sharing your network with the whole neighborhood, that's effectively the same thing as going to the buffet, buying one all you can eat meal for $10, and then bringing in 20 of your neighbors and friends to eat. It doesn't fly economically. @Bill Stewart,

Did you even read my specific criticism and the quoted text? Digital Wrong was NOT claiming that it was too hard for an end user to secure their networks or not; they were claiming that it was impossible to do because the hardware doesn’t support it.

Furthermore, you don’t need to be a “trained professional” to implement WEP. More importantly, WEP is useless. Furthermore, logging is irrelevant here if you lock your network down.

It’s interesting that you’ve chosen to ignore all of this and that you’ve chosen to ignore my two sentences teaching people how to implement good WPA security. It sounds more like a case of you not wanting to know how to implement good security because it’s a good cover for piracy.

As for sharing your network with the whole neighborhood, that’s effectively the same thing as going to the buffet, buying one all you can eat meal for $10, and then bringing in 20 of your neighbors and friends to eat. It doesn’t fly economically.

]]> By: Bill Stewart http://www.digitalsociety.org/2010/02/wireless-security-should-not-be-blamed-for-piracy/comment-page-1/#comment-3242 Bill Stewart Fri, 05 Feb 2010 19:43:44 +0000 http://www.digitalsociety.org/?p=2324#comment-3242 You're mixing up two issues - whether a trained professional can prevent future use of your wireless system vs. whether an untrained amateur can determine whether anyone used their wireless in the past and prove it to a court. Yes, with 99% of the equipment out there, a trained professional can enable at least WEP protection (I'm not sure what fraction of deployed equipment only has WEP, and you can argue about whether the neighbor's kid using WEP crackers counts here.) But what fraction of wireless ports turn logging on by default, or keep logs forever, or can be have the logs read by a non-technical amateur who's not willing to spend over L500 hiring experts to defend themselves? I'm guessing that's fairly low, though probably non-zero. And what fraction of people leave their wireless access open for guests, even though some ISPs have tried to scare them away with hype about drive-by terrorist copyright-violating illegal-porn-downloaders? Furthermore, your later blogs have caught up with the fact that at least in the US, the RIAA/MPAA aren't starting out with kinder gentler warnings or stopping at $1000 payoffs - they're much more aggressive than that. You’re mixing up two issues – whether a trained professional can prevent future use of your wireless system vs. whether an untrained amateur can determine whether anyone used their wireless in the past and prove it to a court. Yes, with 99% of the equipment out there, a trained professional can enable at least WEP protection (I’m not sure what fraction of deployed equipment only has WEP, and you can argue about whether the neighbor’s kid using WEP crackers counts here.) But what fraction of wireless ports turn logging on by default, or keep logs forever, or can be have the logs read by a non-technical amateur who’s not willing to spend over L500 hiring experts to defend themselves? I’m guessing that’s fairly low, though probably non-zero. And what fraction of people leave their wireless access open for guests, even though some ISPs have tried to scare them away with hype about drive-by terrorist copyright-violating illegal-porn-downloaders?

Furthermore, your later blogs have caught up with the fact that at least in the US, the RIAA/MPAA aren’t starting out with kinder gentler warnings or stopping at $1000 payoffs – they’re much more aggressive than that.

]]>