Local Politicians Say Open WiFi Should Be Illegal
from the seems-a-bit-extreme dept
It's quite well known that there are security issues with WiFi networks, but there are ways to take precautions and make yourself pretty safe. As education gets better, it the security risks shouldn't be as big a deal. However, some local politicians in Westchester County, NY have decided to go a step further. According to Guy Kewney, Westchester's County Executive is proposing a law that would basically outlaw open WiFi from any commercial business. As Kewney points out, in the description of the "problem" it appears that the politicians are a bit confused about the actual problem, mixing up a few different issues related to WiFi and security. Obviously, it's a good idea to encourage commercial WiFi providers to make their networks more secure -- but does it really need a law? Update: To clarify, since there's some confusion, by "open WiFi," we mean unsecured WiFi. They're not saying businesses can't offer WiFi, but that it has to include security. But, the examples the politicians give are all just about regular open WiFi access points.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Politicians are stupid
[ link to this | view in thread ]
back assward
[ link to this | view in thread ]
Not that bad of an idea
[ link to this | view in thread ]
Re: Not that bad of an idea
Great! Your right we must put an end to free wi-fi. (note the dripping sarcasm)
[ link to this | view in thread ]
No Subject Given
"The law, which was recently submitted to the Board of Legislators, would require Internet cafes as well as commercial businesses that use wireless networks to take basic security precautions to protect private customer information from potential data thieves and hackers."
Though I think they have the concept of what a firewall actually does a little confused.
[ link to this | view in thread ]
Re: Not that bad of an idea
[ link to this | view in thread ]
RTFA
They want open wi-fi providers to put up firewalls. Jesus H. Christ, it's the end of the Internet!! (notice the reactionary hyperbole.)
[ link to this | view in thread ]
Internet Security
[ link to this | view in thread ]
The problem is...
Think Apple, Linux, etc.
[ link to this | view in thread ]
Wi-Fi laws
[ link to this | view in thread ]
No Subject Given
[ link to this | view in thread ]
Re: The problem is...
Just because you got a grudge about OS choices doesn't mean that it is actually the root of all that is evil. Politicians are.
I have already seen how these coffee shops - when faced with a court order - refuse to divulge information about who did something illegal on their network (and I am not talking about file sharing). So they get no sympathy here. If they refuse to enforce some kind of standard on it then someone has to.
[ link to this | view in thread ]
I'm confusesd..
Surely anyone who is providing open wifi to their customers must have a firewall, or separate service to insulate their servers.
[ link to this | view in thread ]
Very Bad Idea
Sure it's a great idea that businesses don't have an 'open' wifi connection, but do we have to make a law about it?
Why don't we just ban computers? That's what's causing the problems, right?
[ link to this | view in thread ]
No Subject Given
[ link to this | view in thread ]
In other words...
[ link to this | view in thread ]
WiFi
[ link to this | view in thread ]
Crap Law
[ link to this | view in thread ]
read carefully
[ link to this | view in thread ]
Re: back assward
So there is 24hrs banking in Brazil anymore (unless is online)
[ link to this | view in thread ]
No Subject Given
.
What else would one expect?
[ link to this | view in thread ]
Wireless Mesh Communities
http://research.microsoft.com/mesh/
Got Windows XP and a wireless card? Setup a mesh.
[ link to this | view in thread ]
Spano in bed with Cablevision: Westchester Telecom
[ link to this | view in thread ]
WiFi Legislation Ramifications
[ link to this | view in thread ]
Come on people... READ.
[ link to this | view in thread ]
Re: Come on people... READ.
[ link to this | view in thread ]
Re: WiFi Legislation Ramifications
[ link to this | view in thread ]
Re: I'm confusesd..
[ link to this | view in thread ]
Most Of You Have Misinterpreted
He IS saying that businesses that hold confidential user data in their computers or network MUST enable some kind of security to protect that data if their networks are accessible through WiFi.
This seems like a basic step that should be a no-brainer, but some business owners are not savvy on tech issues.
A stupid example is: say you're a woman with grey hair and you secretly dye it blond. Your hairstylist has invoices in her PC for you with the line item "blond hair dye". If the stylist has WiFi, and no security, it is possible for someone to hack their system and find out you dye your hair. More seriously, credit card numbers might be vulnerable.
This law proposal DOES NOT apply to Wi-Fi Hotspots, which are INTENTIONALLY left open with no security.
Businesses, like dry cleaners, which offer free WiFi to customers but that WiFi is also connected to the business' PC would have to secure their PC with a firewall, while they could still leave the WiFi unsecured.
So stop complaining. This is almost irrelevant to anyone who doesn't own a business, in Westchester County, that offers unfettered WiFi access, and where that WiFi network is also connected to sensitive customer data.
The law makes sense, and just protects customer data from potentially careless business operators who don't understand the risks of the WiFi networks they installed. I, for one, like the idea.
I imagine a lot of people complaining right now would be more angry if they found out they were the victims of ID Theft, caused in part by their dry cleaner's sloppy IT practices.
[ link to this | view in thread ]
Re: back assward
[ link to this | view in thread ]
Setting the record straight...
The law DOES apply to public Wi-Fi hotspots, requiring them to provide a minimum level of security to ensure that confidential customer data is not also accessible via the wireless network that the public can use. It also asks that they post a sign saying they have done so, but reminding users to still exercise discretion. The last point is there to remind users of publicly available shared Wi-Fi connections that they may be sitting in a common open network and could be putting confidential information on their own computers at risk. We hope that these users take at least elementary steps to install some defenses on their computers.
While it would be nice to assume that business owners know they need to secure their wireless networks, many of them obviously don’t. In our 20-minute drive through downtown, Netstumbler showed that at least half the networks had no obvious security. OK, so some may have another layer of security not immediately visible, but --just standing outdoors on a street -- we were repeatedly able to piggyback on these networks to get to various Internet sites. We weren’t going to break the law and hack into “internal” computers on these networks to prove the point, but a variety of studies by others have shown that about a third of these networks are quite insecure.
One of the biggest reasons Spano took the legislative route was to raise public awareness – and that campaign is still to come. The risks of Wi-Fi use may be obvious to all of you, but that’s simply not the case for all the novice computer users and small business owners who are going out in droves to buy cheap Wi-Fi equipment and then firing it up without doing even the most basic security configuration. (You’d be surprised at how many these people have even left the SSID at the default name that the device came with.) We are creating a brochure that lists the steps one can take to protect their network and will distribute it through local business groups and at events.
Our hope is that people won’t look at this as just one more layer of legislation, but rather will see that this is an issue they WANT to comply with given the risks.
Finally, we too think that Wi-Fi is a great technology. But like everything else with technology, we just want it to be used wisely.
[ link to this | view in thread ]
Re: Setting the record straight...
[ link to this | view in thread ]
Re: Setting the record straight...
As far as I can piece together from your posting and the rather less cogent press release, the law would do four potentially unexceptionable things:
--mandate firewalls between public Wifi networks and networks holding customer information. I'm free to have an Internet cafe, as long as I process credit cards on a separate, secure network.
--mandate that businesses handling confidential information use an encrypted network. Does (should) WEP count or only WPA?
--mandate that businesses handling confidential information install a firewall. If this only applies to wireless networks it is stupidly underinclusive: the threat there is from the WAN and that is there for wired and wireless alike.
--try to educate users of public hotspots that they are NOT secure. God knows this is needed: half the idiots sitting at computers in Bryant Park have NO firewalls and have Windows shared drives. I have the firewall logs full of UDP=137s to prove it.
Anyway, Saint Stallman forgive me but I don't hear the muffled tread of jackboots in any of the foregoing.
[ link to this | view in thread ]
Re: Setting the record straight...
[ link to this | view in thread ]
Re: back assward
[ link to this | view in thread ]
Re: back assward
[ link to this | view in thread ]
Re: back assward
Not to worry.. This stupidity will never happen.. Here is the federal law protecting the installation of wi-fi systems..
http://www.fcc.gov/mb/facts/otard.html
Also, the Federal Communications Act of 1934 also declared the "Open Skies Policy", so the reception of open radio signals cannot be restricted in any way, and since wi-fi is "unlicensed operation", FCC rules don't really apply to wi-fi anyway, no matter how much they would like them to...
Quote from the very first paragraph in the FCC rules and Regulations...
"These rules and regulations apply to person with a license or prior written agreement with the FCC"....
That is a key statement right there.. If you do not have a license of prior written agreement with the FCC, then their rules and regulations do not apply to you as a free American Citizen in any way, shape or form.. (I know some dwebe HAM operators will argue with that, but you idiots have licenses and prior agreements, so the rules do apply to you..)
Rules and Regulations are not LAWS... Rules and regulations are optional, like wearing a tie to get into the country club... If you don't want to wear a tie, you can just stay out of the country club.. As soon as you sign and FCC license, you have contractually agreed to abide by their rules and reg's.... So don't ever sign such an agreement...
The only exception to this is the interference with emergency service communications, and that is a law, not an FCC rule.. Big difference..
So, not to worry... Anyone who thinks this is a good idea should just go ahead and move to Russia... They will welcome you there... LOL!!!
IT JUST ISN'T HAPPENING!!!
Total stupidity that isn't really even worth discussing any further....
Later....
Chuck D
[ link to this | view in thread ]
Don't you think that this applies to everything?
The deal here is that no security is good security.
Provided Uncle Sam now has access to everything you say, write, and type in your little cubicle, there is no more privacy. There is no more AMerica.
At this point, we should either fightr back, or put away the Stars & Stripes to make room for the Hammer & Sickle.
[ link to this | view in thread ]