Re: Responsibility of using wireless security

yes. Its like adding deadbolts to doors... Many burglaries occur because a door w/o locked deadbolt can be quite easily go in; the doorknob lock only goes into the doorframe; the dead bolt also goes into the much stronger wall stud behind the doorframe. Whose choice is it to install deadbolts? The homowner/landlord. Duh.

Re: Responsibility of using wireless security

+1 ratdude, took the words out of my mouth.

I totally agree it should be up to the users.. but lets face it, its technology and not everyone is onboard..

I would first tell the people that security is an illusion (to cover my ass). Then i would suggest they better use security to eliminate majority of threats.

For those who think its pointless to use security only because it CAN be broken, Is like saying well a burgler can break the windows, why even lock it?

At the same time, to support japs argument, we all know how to lock a door/windows but average user probably cant fiure out how to login and change defaults. It is a big step manufacures secure devices by default, but doesnt help much when i end user doesnt know how to change it and i have a list of defaults, and i do see this as being false sense of security (but isnt it all tho?). This is where i believe that SOS/pin crap comes in. People can set a universal remote, they can use the SES stuff. I bet you manufacturers had to come up with this to avoid some sort of twisted law suit.

if someone joins my wireless without permission, then i call it fair game > and if i get bombed using someone elses without permission then i had it coming....

BTW anyone ever used shodanhq.com ?? veeery interesting IIS/4.0 WTF!!

Re: Responsibility of using wireless security

I can take my laptop through any given neighborhood and find a dozen unsecured networks.... I live in the boonies, nobody is anywhere near in my range.....but I still lock my WAP's down very well. I have 3 running.

Re: Responsibility of using wireless security

The security of a network depends on the person setting it up, not necessarily the users, except that most tech eventually gets hacked so it is the user's fault if they don't upgrade their hardware periodically and safeguard their data.

If the user sets it up or makes changes they are not competent to make then they are to blame as they should have hired a pro or at least enlisted the aid of someone more competent.

Re: Responsibility of using wireless security

I would say it falls half on the user, and half on the unauthorised user. Much like not putting deadbolts on the door Yes, the owner should have deadbolts, but not doing so doesn't make it right for someone to break in.

Re: Responsibility of using wireless security

If your signal permeates my property, and is capable of being used by my equipment, and you have an 'issue' with that, you better be the one who does anything.


Like breaking into a house w/o a deadbolt?

More like 'sniffing' a bad line leak, with a directional antenna, in the old analog cable days, and getting channels without 'paying' for them.

Re: Responsibility of using wireless security

I feel the responsibility for applying security measures in is in the hands of the broadcasting owner. I don't think its any different to leaving anything of value in the reach of those who would take advantage. Unless of course you WANT to freely share.
Same reason you take your keys out of a car and lock it, leaving ANYTHING unsecured amidst any population is an invitation to loss. Would you leave your wallet with cash in it on a street and expect no-one to take it ? Its why law is in place as a deterrant, it doesn't prevent it but it provides consequences and perhaps restitution. Ask an insurance company if they'll pay out for that theft.
WiFi theft is NO different and has been tried in the US more than once. Check it out.. http://en.wikipedia.org/wiki/Legality_of_piggybacking.

For me, I'm encrypted and MAC address filtered. If you ask nice and I invite you in then you are welcome. If someone wants to hack their way in then have at it.

Re: Responsibility of using wireless security

Sorry for necroing but this does bring up an interesting point. What if the user does not know how to "fix" the problem. Say the hardware is WEP and WEP got cracked but there is no alternative (like if WPA2 doesn't exist, either as an option or even new hardware). Then what? Expect the users to setup and use VPN? Expectations to hack their own firmware to provide something that does provide security? A lot of implications here... that could be used for other security breeches not related to networking hardware...

Re: Responsibility of using wireless security

Supposedly we are gonna have someone come in at my school and teach us how to hack - to learn how hackers break in. The point is actually to make networks more secure, and what you can do to protect them :P

Re: Responsibility of using wireless security

Its on the user. But, a lot of people dont know their security is weak or non-existent. I know my neighbors are running a WEP network. Essentially the same as open these days. I doubt they know that, or that WPA is better.

Personally, I have two SSIDs running. Colt45 is on the primary VLAN and is restricted with WPA2-Enterprise (802.1X), then I have Colt45-guest on a secondary VLAN and is restricted with WPA/WPA2-Personal. The key is two-thirds of the MD5 of a sentence.

Re: Responsibility of using wireless security

It should be on the user. With how easy to setup they are nowadays it's all step by step off the cd that comes with it, you should be able to figure it out

Re: Responsibility of using wireless security

One of these days, the security option would be WPA2 Personal or WPA2 Enterprise (both options being AES only) or No Security since WEP and WPA are going to be dropped from the Wi-Fi specification; access points being the first.
Now that would simplify setting up a wireless network with security because it reduces secure wireless network options right down to two.

As I said elsewhere, secured wireless networks with speeds faster than 54Mbit require the use of WPA2 (AES).

Re: Responsibility of using wireless security

I refuse to use the CD that comes with routers/access points. They typically don't work in my Linux machines...

Re: Responsibility of using wireless security

Good point, and the same could go for Macs too.