[AusNOG] Wifi Security and Interception
Mark Newton
newton at internode.com.au
Wed Jun 9 11:43:04 EST 2010
On 09/06/2010, at 9:14 AM, Bevan Slattery wrote:
> I can see the people on the CREDITCARD-NOG pointing out that the banks shouldn't have to re-imburse that tech-noob because he was so stupid to let his credit card out of sight. And as he was not taking the appropriate security precautions, it's his own fault.
The law actually says that the bank DOES have to reimburse the tech-noob,
who is perfectly entitled to fill out a form to organize a charge-back
on fraudulent transactions and get their own money back at the bank's
cost.
But the law also says that if the tech-noob builds up enough of a
history of being the target of fraudulent transactions, there's no
reason for the bank to continue to offer credit card services.
The noob gets a soft landing for the odd occasional transgression,
but if they consistently allow the security of their personal
finances to fall by the wayside they'll face their own set of
consequences.
The rules our society operates under are a balancing act based on
competing priorities and mutual obligations. Where's the mutuality
in the view you're elucidating about unprotected WiFi? Where's the
obligation on the person who is broadcasting their private data
to all and sundry?
While you're talking about the deliberate act (capitalized, no less)
required to exploit a homeowner with an open door and an "on holidays"
sign, you need to contrast that against the fact that Google clearly
amassed the data they captured by accident -- and the only reason they
were able to do that is because it was being broadcast in the clear.
> Maybe I'm just getting old and I'm a sentimental fool. But I used to live in a time where people respected other peoples property and understood what was right and what was wrong.
This isn't a question of whether anyone understands what was right and
what was wrong. I hope you can agree that the people who disagree
with you aren't doing so because they lack a moral compass. We're all
guided by a strong sense of right and wrong which doesn't happen to
agree with yours.
The issue for me is that electronic privacy is an issue that our
society hasn't had time to fully accommodate yet, and the understanding
about what, precisely, happens to be right and wrong varies from one
person to another.
In that environment it's insane to specify hard-and-fast rules. Where's
the consent of the Governed? How does the Government know which privacy
expectations should be backed by criminal law and which ones are
informed by laziness and poor understanding?
Just to make sure you understand where I'm coming from, and where the
confusion is: Here's an article from 2009 describing something that
the Queensland Police think is on the "right" side of right-and-wrong:
http://www.itnews.com.au/News/150387,queensland-police-plans-wardriving-mission.aspx
Why aren't they being investigated by the AFP? Why weren't you posting
messages to AusNOG last year about how terrible this was? Why is it
so awful for Google to capture unencrypted WiFi packets as an
unintended side-effect of their main aim (geolocation), yet completely
okay for THE FRIGGIN' POLICE to deliberately go out of their way to do
exactly the same thing?
There's your "creepy" right there, IMHO. Given a choice between trusting
Google and trusting the target of the Fitzgerald Enquiry, I know where
I'd invest my faith.
The Queensland Police clearly think that what Google did is okay,
otherwise they wouldn't have done it themselves. Who do we trust to
draw the line, and where will they draw it?
> I'm not saying that having a lack of Wifi security is a good thing, but I'm trying to remember the day when it became a bigger crime than the crime itself...
Last night you were coaching accusations of criminality in qualifiers
and equivocations. Have you changed your mind?
- mark
--
Mark Newton Email: newton at internode.com.au (W)
Network Engineer Email: newton at atdot.dotat.org (H)
Internode Pty Ltd Desk: +61-8-82282999
"Network Man" - Anagram of "Mark Newton" Mobile: +61-416-202-223
More information about the AusNOG
mailing list