Next stop, the local library. Unsurprisingly their access points were unsecured, very well you say as it's meant to be public. Yes, and, no. A public network should be accessible, but shouldn't each separate link (wifi-user) be encrypted from other users to avoid sniffing? Well I that's my take, it seems to be a question few people asking when it comes to security of intentional-open public networks accessible to everyone (e.g. libraries, major transport hubs, etc., etc.). Whilst SSL, will in most cases, help a user protect credit card details, email logins etc., all other internet bound traffic can be sniffed easily. With the advent of 4G I'm expected the ISPs and Mobile telecoms to converge somewhat, and, hopefully develop viable solutions to this problem. The mobile telecoms already did this for GSM (and presumably 3G and HPSA are also encrypted but I don't know enough about them to say for sure), albeit weak encrytion by today's standards but they did achieve it. Now the same technology is required for WiFi points.
In summary, in the past we sent information via emails and MSN messenger that we perhaps might not wish others to get their ends on, and, we (or rather those of us who are tech-savvy) did this with the knowledge it was sent in clear-text. In those days, it was an acceptable risk (as long as you weren't given your credit card details to a mate) you could see the cable to your internet modem and you were happy that no one was siphoning your data from there. Then you were happy that no-one at your ISP was that interested in your data (they should be earning enough from the $£ you send them once a month). Once it was there, you were reasonably happy that fred-next-door doesn't know you called him a c**t to your sister on MSN. The difference now-a-days is that the node closest to you is no longer secure, so those in your immediate area can snoop were they couldn't before wifi came along. Particularly because, attackers can now be yards away from you, there is an enhanced social-security issue. Vulnerable individuals, such as children, could be put at greater risk. For example given the library scenario, a child may message a friend using an IM such as MSN, if they have a photo of themselves and their IM alias is their real name, a wifi sniffer could easy intercept this through an unsecured wifi point. Once a stranger can put a name to a child's face, the child is at a much greater risk. This example is one of many, I'm sure this is one of the more convoluted examples but I hope it is understandable to most.
As for Motherwell, I know that most of my, or at least most of the younger, relatives are using Facebook. In fact, a 15yo relative posts at least three public fb messages a day, complete with scottish accent. So, I can't pass too much judgement on the town with regards to social media, but as wifi points go I think hotels should restrict wifi to patrons only, and, libraries should restrict theirs to members only. To be honest, I wouldn't be surprised if Motherwell was the UK's most gravitating internet blackhole.
Or you can ignore me completely and join the campaign beneath:
http://www.dansdata.com/gz080.htm
No comments:
Post a Comment