[dundee] Open Wi-Fi 'outlawed' in Digital Economy Bill

Arron M Finnon finux at finux.co.uk
Wed Mar 3 22:10:39 UTC 2010 

Iain Barnett wrote:
> Sorry for the slow reply, I didn't have any internet access! :D
>
> On 2 Mar 2010, at 09:41, Lee Hughes wrote:
>
>> Correction Iain, reading the thread (that my email client manged beyond
>> belief) that you do understand wifi and encryption etc etc,
>>
>> I'll take those comments back! sorry! :-)
>>
>
> Well, your karma was that after the first line I didn't read your
> comments either :-)
>
>
> On 2 Mar 2010, at 01:22, Rick Moynihan wrote:
>
>>
>> Equating "crap network security" with open hotspots is a sweeping
>> generalisation, and I find it hard to believe that legislation is
>> going to improve the security of the average household.
>>
>> Networking is not a crime any more than building roads is, and we all
>> know bank robbers use Roads for their get-aways!  The world needs more
>> free, open registration-less WiFi, not less.
>
> I _do_ equate anonymous access with a bad setup. If you can give me
> one good reason to run a network that allows entirely anonymous access
> (at the local level) that would make sense to anyone who spends their
> time running a network, you go for it! I can't see "Completely Open
> and Anonymous Networks 101" reaching a (good) network security course
> any time soon :-p
No one said that, its an argument at an the termination of the
connection.  Offering free wireless at uni's and libraries does not
imply that A) they are badly managed, B) that those users some how
penetrate the inner sanctums of grades or housing records, C) that
having any form of wireless protection will stop you from being
attacked, D) That the network doesn't suffer from crappy network issues.

Side issue on this is i wonder how many companies are a little like
armadilos, you know tough outside but once your in crack the skin they
are all soft.  How many companies have anything once your past the doors
and plugged in, a wireless network broadcasts a door to a gateway.  How
the gateway is managed is the issue.  Personally i don't run a wireless
AP on the gateway, i also don't have an unsecured network.  From time to
time i do however suffer from crappy network issues
>
> I could only come up with avoiding the long arm of a totalitarian
> regime, but that stretched the point into a new one. Or the "Sex And
> The City meets the Spice Girls" argument - because we want to! :-p
> Always a poor one for me.
Sorry but it seems your saying because "we want to" is a valid point,
which in fairness means because "we don't want it" is fair as well. 
I've harped on about the term debate before on this thread.  I feel more
so justified.
>
> However, due to this discussion I had a look and I did find an article
> in which Bruce Schneier advocated it (for himself, at least).
> Schneier's arguments rely on the practical aspect of (and I
> paraphrase) "it doesn't matter to me" or "it's bad elsewhere so why
> bother, better to focus on other aspects", because the technical
> reasons are so weak, which, to his credit, he admits.
>
> http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html
>
> It didn't convince me at all. Comments section was quite good though.
Schneier is always a good read, and defo has some good insight.  Off
topic David Hoelzer from SANS was doing a great webinar on WIRELESS
AUDITING: SECURITY ISSUES WITH DEMONSTRATIONS.  I missed it
unfortunately however if i see the video come up anywhere i'll drop a
post about it, he's a rather good instructor.
>
>
> On 1 Mar 2010, at 19:34, Arron M Finnon wrote:
>
>> Under the DPA your only allowed data which your have a right to have,
>> not data you wish you had.  A forum requires interaction via email,
>> not too hard of an argument to make, not quite the same for wifi. 
>> either way what small business need is a little more red tape in
>> supplying services to its customers, and an increase in insurance for
>> the risk i mean that seems the way to encourage a digital britan
>
> That's not right and never has been. For a start, it's the person
> giving the data who has rights, not the service. A service can ask for
> whatever they say they require to set up a contract, not what is
> needed to actually run the service. Quick search... ah!
> http://en.wikipedia.org/wiki/Data_Protection_Act_1998#Conditions_relevant_to_the_first_principle
Maybe we're at ends but isn't the necessary part, being the word of the
day here, and thanks for the ah that helped loads.

Now translate this anyway you want but my point was pretty clear that
you can just hold data because you want it.  Or just because you think
that its necessary to limit your liability to mad mandy and digital
dismantlement team


>
> Furthermore, you can run forums with anonymous access, they're not
> some sort of special service apart from everything else, and neither
> is wifi. The logic, therefore, didn't hold.
You raised forums, but the point i made is that they user to user
interactive, a communications table/board so on and so forth. 
>
> I increasingly lost the will to keep reading after that*, as you were
> arguing against points I hadn't made, having characterised them as
> black and white thinking, which only really showed up in your own
> responses as they set up a false dilemma. When dealing with humans
> there are things like "reasonable" and "mitigation". Things like
> leeway exist, or demonstration of having made a decent effort. Making
> somebody legally responsible for a road doesn't make them responsible
> for every bad piece of driving on it - that's obvious and _implied_ by
> use of the word "responsibility" - its use begs further definition,
> agreement or examination. Otherwise we all slip into the whirlpool of
> doom that is the Perfection Fallacy. But I'm not going to answer every
> point because it would be fighting a strawman.
Funny i was thinking the same about the black and white, but maybe at
different ends.  I bow to your superior knowledge on fighting strawman,
i'm a little bit of a n00b at that
>
> I'm not saying you set that up deliberately, but it just seemed to me
> you missed the point of what I was trying to say. Maybe I put it
> across badly, or maybe you're suffering from the same
> non-reading/mis-characterisation disease as Lee? :-p
Motive points raise emotive answers, i mean its a point of perception. 
TBH i find the concept that the DEB will sort out a lot of crappy
network issues just plain right ludicrous.  It would seem that i'm not
alone.

I declare an interest here, i'm count Lee as a good friend.  When he
makes errors he tends to make apologise for those mistakes.  To me its a
sign of good character and honest motives, the characterisation seems to
be one way here.  I make no apology for saying that, cut the boy some
slack.  We make mistakes, you picked on a topic that you knew a lot of
people on this list where motive about, had already posted about and you
picked a alter argument to everyone else.  Not saying that is a bad
think mind you.  They maybe good motives for it, it maybe you truly
believe that this will fix the ills of crappy networks, or you may just
like trolling and getting into debates, either way its all gravy.  I
just think its a little unfair to be down right aggressive with you
slating of lee there, i don't know if you meaning it jokingly or if its
intended to cause a reaction.
>
> Regards,
> Iain
Always a pleasure to receive an email from you on this subject,
>
> *I did read it though ;)
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> dundee GNU/Linux Users Group mailing list
> dundee at lists.lug.org.uk  http://dundeelug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/dundee
> Chat on IRC, #tlug on irc.lug.org.uk


-- 
Arron "finux" Finnon

Finux.co.uk/blog - Twitter.com/f1nux - facebook.com/finux

Podcasting for HPR and TRACsec, shows can be found at;
http://hackerpublicradio.org/correspondents.php?hostid=85
http://www.tracsec.com 




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/dundee/attachments/20100303/85f8abff/attachment-0001.htm

More information about the dundee mailing list