Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Wireless Networking Government The Courts Hardware News

Unsecured Wi-Fi to Become Illegal? 418

echucker writes "News.com is carrying a story for a draft proposal for law in Westchester County in New York state that would outlaw unsecured wi-fi connections. Public internet access would require a network gateway server with a firewall and also require home/business office users to install firewalls to protect personal info, even if their connection is encrypted. Violations would carry fines of $250-$500."
This discussion has been archived. No new comments can be posted.

Unsecured Wi-Fi to Become Illegal?

Comments Filter:
  • by Anonymous Coward on Saturday November 05, 2005 @11:24AM (#13957507)
    I can see it now :)
  • This is absurd (Score:5, Insightful)

    by TFGeditor ( 737839 ) on Saturday November 05, 2005 @11:24AM (#13957511) Homepage
    It is like fining somebody for leaving their door unlocked and they get burglarized.

    This is the epitome of a YRO violation. Interesting it was posted under the Hardware banner.
    • Re:This is absurd (Score:5, Insightful)

      by remahl ( 698283 ) on Saturday November 05, 2005 @11:28AM (#13957536)
      No, it's like fining somebody for leaving their door unlocked and _not_ getting burglarized.
      • Re:This is absurd (Score:5, Insightful)

        by roystgnr ( 4015 ) <roystgnr@ticam.utex a s . e du> on Saturday November 05, 2005 @11:52AM (#13957647) Homepage
        No, it's like fining somebody for leaving their door unlocked and _not_ getting burglarized.

        No, it's like fining somebody for not having a fence around their property and not getting burglarized.

        A locked door isn't like a firewall, it's like a secure password-protected service. Firewalls easily let you limit access to "all or nothing" - but hell, if that's as "fine-grained" as you need your security to be, you can get the same effect on a good OS just by turning off the services you want inaccessible. You can use a firewall to limit access by IP, but you could do that without a separate firewall by having clients do IP (or better, asymmetric encryption key) checks themselves. What you can't do is use a firewall to forward outside connections to an inside service and expect that service to become any more secure.

        Does this have something to do with the push behind SP2? I can't imagine Microsoft wanting to widely advertise, "You need to upgrade for security reasons because pre-SP2 versions of our programs are swiss cheese!" but they did need to get the "You need to upgrade for security reasons" message out there - perhaps what got across to consumers and lawmakers was "You need to upgrade for security reasons because SP2 has the all-important magic of Firewall!"
    • They say you can't outlaw stupidity...

      Would that mean this bill is doomed?
      • Re:This is absurd (Score:3, Interesting)

        by timeOday ( 582209 )
        Stupidity? It's a choice. For instance my brother lives in a very friendly neighborhood where everybody has wifi and broadband. None of them secure it because they all get better coverage that way.
        • Re:This is absurd (Score:3, Insightful)

          by bcrowell ( 177657 )
          For instance my brother lives in a very friendly neighborhood where everybody has wifi and broadband. None of them secure it because they all get better coverage that way.
          I don't use wifi and don't know much about it. Can anyone explain this using crayons? Suppose I put a wifi card in my linux box, take it to this neighborhood, and don't take any extra special precautions. What the heck is going to happen? I'm on this network with a bunch of other people. I fire up my browser and visit Slashdot, using htt
          • Re:This is absurd (Score:3, Insightful)

            by gmack ( 197796 )
            I once talked to a USRobotics sales rep and he thought exactly the same way you do. "personally I don't have anything on my network that people would want to break into". He was completely missing the point. The issue is that someone else can come visit the neighborhood someone not so nice and doesn't belong there who can now send spam or attempt to break in to other people's servers. All those nice things that if done from their own isp connection would get them kicked off by their ISP or have the police
            • by SuperKendall ( 25149 ) * on Saturday November 05, 2005 @01:11PM (#13958068)
              All those nice things that if done from their own isp connection would get them kicked off by their ISP or have the police visit. Guess who gets the blame? All traces stop with the person who owns the internet connection.

              So when the P2P police come calling if I'd had an open wireless connection it provides an element of doubt that I am guiltiy, which is pretty handy (if you're into P2P). If I used P2P a lot I'd do it from a box that operated only through my wireless connection - then any records don't even show the MAC address of your primary computer and you could ditch the box quickly if you got The Letter.
            • someone else can come visit the neighborhood someone not so nice and doesn't belong there who can now send spam or attempt to break in to other people's servers.

              The Internet is an open global network, not a closed private network. Taking one or two feeble steps towards closing it will hurt average users much more than it will ever prevent spam or hacking.

              For instance, I like getting free WiFi at cafes. Holding the cafe responsible for whatever somebody decides to do to the Internet through their hotsp

          • Re:This is absurd (Score:4, Insightful)

            by ultranova ( 717540 ) on Saturday November 05, 2005 @04:27PM (#13958956)

            Now I go to Amazon.com and order a book over https; the packets are encrypted, nobody can get my credit card number, so what's the issue?

            The issue is that your Corporate Overlords and their Political Henchmen want to keep an eye on you, and that is easier if all the data from and to your computer goes through a single wire. In a world full of public anonymous Wi-Fi access points, anyone could connect to anything from anywhere without giving away their own identity, allowing free exchange of information without fear of legal consequences, and making things impossible to censor (since it might be impossible to find the servers the data resides in, especially if the servers are running a P2P network like Freenet [freenetproject.org]); it is Big Brothers and Big Businesses worst nightmare.

            Freedom is the worst enemy of Power, so of course powers-that-be try to crush it. This law is just another attempt of forces of darkness to crush all opposition and bring about a Digital Dark Age.

        • Re:This is absurd (Score:4, Interesting)

          by WalterSobchak ( 193686 ) * on Saturday November 05, 2005 @12:18PM (#13957783) Homepage Journal
          This is entirely absurd. While there are people who don't know better, some chose to have their WiFi open.

          And "some people" include such ignorant folks as Intel Corp., who operate a free-for-all access point on San Francisco's Union Square. Would the law outlaw this kind of marketing, too?

          Oh, and a hint: Put your phone no. or eMail in your SSID and I will personally thank you when I use your AP.

          Alex
    • If you get burglared, you're the one who loses. If somebody uses your unsecured network to break into OmniCorp's computer, OmniCorp loses because of your negligence.
      • Bad analogy. how about: if someone simply breaks into your house OmniCorp doesn't get harmed. However if the burgler uses something they gain from your house, ie a firearm/set of keys, then OmniCorp could lose something.
      • Re:This is absurd (Score:2, Insightful)

        by QuesarVII ( 904243 )
        It wouldn't be my negligence that led to OmniCorp's problem. It is OmniCorp's job to secure their data. There are many other ways besides my access point for a hacker to get to OmniCorp's server.
        You can't feasibly control every method of connecting to the internet. Besides, people with the ability to hack into OmniCorp's servers are going to have no trouble getting past a wep key!
    • Re:This is absurd (Score:5, Interesting)

      by Gulthek ( 12570 ) on Saturday November 05, 2005 @11:47AM (#13957625) Homepage Journal
      You might not think that when you discover that your mortgage office, which stores an obscene amount of personal info, has all of that personal information on desktop computers on an unsecured wireless network.

      Yes, I have worked as a mortgage loan officer for such a place. Yes, I insisted on that being changed (to extremely computer clueless management). Yes, I eventually quit for these and other questionable practices.
      • Re:This is absurd (Score:3, Interesting)

        by dthrall ( 894750 )
        In this case, the company storing this information is basically being criminally negligent.

        There are laws that address the practices of institutions & business that house these types of personal information. I currently work in IT at a large insurance company, and each company wireless router is specifically configured in a secure fashion.

        Businesses have an obligation to secure confidential information.

        The problem is that we're talking about the impact on individuals.
      • Re:This is absurd (Score:5, Insightful)

        by Pendersempai ( 625351 ) on Saturday November 05, 2005 @01:22PM (#13958127)
        This is why we need strict liability for having your customers' personal information stolen. This is not an argument for arresting/fining people with an unprotected WiFi.
    • Re:This is absurd (Score:3, Informative)

      by shish ( 588640 )
      The word is "burgled", burglarized would mean "to be turned into a burglar"...

      (...or am I missing a Simpsons reference?)

    • Re:This is absurd (Score:3, Insightful)

      by ThaFooz ( 900535 )
      It is like fining somebody for leaving their door unlocked and they get burglarized.

      I'm not sure I agree with your analogy. If someone owns something which is both desirable & dangerous (ie handguns, swimming pools, etc) they are required by either laws or insurance premiums to secure it.

      I belive the same argument can be made for the internet. Sure the concequences aren't as severe (children having access to unfiltered content & computer virii instead of, well, death and injury), but neither
      • You just changed my mind. Stop that.
      • Re:This is absurd (Score:4, Interesting)

        by GuyverDH ( 232921 ) on Saturday November 05, 2005 @01:33PM (#13958182)
        "Negligence is a crime, and negligent computer users are quite responsible for the botnets/internet congestion/virus outbreaks which affect us all in some way (though some, but certainly not all, of that blame can be directed at vendors). We won't see any changes until we hold users responsible for their (in)actions."

        BULLSHIT.

        The writers of bots and viruses are responsible for those outbreaks!

        The writers of the host operating systems that were *shipped* with obscene numbers of security holes are responsible for those outbreaks!

        The users who are uninformed (ie - the box/manual doesn't say the software comes with security holes) are NOT responsible for the spread of malicious activity.

        That's like saying the people who ride public transportation are responsible for the negligent amounts of polutants that city buses put into the air.

        Let's start enforcing the laws we have.

        Jail time for those who write viruses and bots.

        Every time a new virus or bot hits the net, fine the company that sold the bug filled software that enabled the bot to run. Make the manufacturer responsible for the problems their incompetance (or negligence) caused.

        If a car manufacturer sells vehicles that crash all the time, they are forced to do a recall.

        If a hardware manufacturer sells computers / laptops that have a material defect that can cause harm or property damage, they are forced to recall.

        If a software company releases software that causes (through bugs, incompetence, negligence) damage, financial harm, or physical harm (ie bad software controls for automatic equipment) they are somehow held NOT responsible?

        If I write a piece of software designed to do a specific task, then state in the EULA that it may not be suitable for that purpose, and that in the end, it's the users responsibility to determine suitable (and in some cases, safe) functionality in that task, I get off with no responsibility or accountability?

        I believe that any member of government who says that people in general should be fined because they take a product and use it by just plugging it in and running it as it was shipped by the manufacturer is, to put it bluntly, bull shit. It's just another ploy by less than intelligent, power hungry law makers blindly trying to find a culprit (in all the wrong places - as usual) and make some money off of it.
    • In other news ...

      It is now illegal to use passwords of less than 26 characters, or those containing only letters of the alphabet
      It is now illegal to drive a car with clear-text license plates
      It is also illegal to speak on your mobile in English. Klingon is permitted until normal people learn it, at which time you'll have to switch to Esperanto.
      All medicine bottles will be made from titanium and fused shut. If you can't open it - well, you just discovered what 'survival of the fittest' means.

      I used
    • I can kinda see where they're coming from, in a way. I mean, someone COULD leave a network open, say in Manhattan somewhere, with a packet sniffer running. It could essentially be a honeypot for unsuspecting normal people to log in. An automated system could possibly infect a connected machine with spyware/keystroke recorders/etc.

      Also, what exactly constitutes secure? Encryption? Password? If this goes through, what's to stop a sleazy hardware manufacturer from putting out an access point with very poor sec
    • Re:This is absurd (Score:4, Interesting)

      by Chris Burke ( 6130 ) on Saturday November 05, 2005 @01:02PM (#13958017) Homepage
      Is this really about protecting private information or stopping computer crime?

      It seems to me this would mostly benefit ISPs who don't want people sharing their broadband connections with everyone on their block. Won't someone think of the lost monthly fees?! Not that this would necessarily prevent connection sharing; but a mere firewall won't do much to prevent information stealing either.

      I'll admit my main reason for thinking this is cynicism.
  • Firewall? Nahh.. (Score:3, Interesting)

    by JoostSchuttelaar ( 863737 ) on Saturday November 05, 2005 @11:24AM (#13957517)
    I can imagine the requirement for encryption and perhaps for some form of logging, but a firewall? Isn't that the responsibility of the users who connect?
  • by koan ( 80826 ) on Saturday November 05, 2005 @11:25AM (#13957521)
    Is this a response to the Google plans and various other implimentations of free wireless?
    These legislators have gotten downright dangerous, I also wonder, how uesful is an open network for hacking?
    If you were up to no good is an open AP the way to do it?
  • by Nichotin ( 794369 ) on Saturday November 05, 2005 @11:26AM (#13957525)
    This law would be impossible to enforce anyway. You would have to send a task around to track down all unsecured access points, then bust in the doors of a whole lot of white middle class people.
  • by Tuqui ( 96668 ) on Saturday November 05, 2005 @11:26AM (#13957526) Homepage
    Make Unsecured OS Illegal too!!!
  • by Gothmolly ( 148874 ) on Saturday November 05, 2005 @11:26AM (#13957527)
    Um, just making something illegal doesn't stop it. Try doing the speed limit, in Westchester county of all places.
    To me, this sounds like one of those "I'm protecting your children from Teh Internets" moves that politicians do periodically when they have to remind the masses that its time to vote.
    How about holding someone responsible (gasp) for any malicious activity that originates FROM their network?
    • Finding open WIFI is easier then catching speeders.

      The speeders are a moving target and you have to be there at the same point in time, while the WIFI sitting in your bedroom is not. The cops have plenty of time to slowly ( and quietly ) cruise around town finding them. Then triangulating them down to the street address, with a warrant to search in hand.

    • They are not going to go wardriving and fining people because the technology you need to figure which house is sending the unsecured waves out would be pretty tough. But they probably are sick and tired of child porn and other stuff being done online, then having the suspects say, "Oh, someone must have stolen my wireless connection." The cops are just going to use this law to say, "Well, sucks for you. You should have secured this instrumentality to a crime."
    • ``How about holding someone responsible (gasp) for any malicious activity that originates FROM their network?''

      Now there's a good idea. Actually, don't we have that already?
  • In related news... (Score:3, Insightful)

    by M555 ( 897819 ) on Saturday November 05, 2005 @11:27AM (#13957531)
    Leaving you front door unlocked is now illegal
  • by Morky ( 577776 ) on Saturday November 05, 2005 @11:28AM (#13957535)
    If being an idiot were illegal, most of my company would be in prison.
    • If being an idiot were illegal, most of my company would be in prison.

      If that was the case, you'd be be better off doing like Wonko the Sane from So long, and thanks for all the fish and build a house called The Outside of the Prison. It'd be a helluva lot easier than getting all the idiots into prison.
  • by tinrobot ( 314936 ) on Saturday November 05, 2005 @11:29AM (#13957541)
    What ever happened to personal choice?

    If I want to leave my data connection open for any number of reasons, that's my business. If I want to leave my front door open or not lock my car, that's my business too...

    Ridiculous.
  • by Matey-O ( 518004 ) <michaeljohnmiller@mSPAMsSPAMnSPAM.com> on Saturday November 05, 2005 @11:30AM (#13957543) Homepage Journal
    We've got a public access wifi point in the building for visiting salsefolks and people from other government departments.

    Open you laptop and you'll get 'do you want to attach to PublicWifi?'

    It's firewalled off, URL filtered, and aside from http(s), DHCP, DNS, SSH and VPN, nothing else can get through. Further, those ports will only attach to outside IPs. All traffic is monitored, and there are notices in all meeting rooms that Your security is Your problem.

    This is a solution that protects OUR network, has zero admin overhead, and still permits the resource...So that's now illegal?

  • ... seatbelt is illegal, too. So why not make a "digital seatbelt" mandatory? I'm just curious how many users that can barely turn on their computer will become criminals with such a law...
  • default passwords (Score:3, Interesting)

    by capoccia ( 312092 ) on Saturday November 05, 2005 @11:31AM (#13957550) Journal
    if this law passes, people will be buying routers that automatically configure themselves to be "secure" with default passwords.
  • by thewiz ( 24994 ) *
    There goes the free internet access my neighbor provides!
    Fortunately, he doesn't seem to mind the amount of pr0n I download.
  • All provider TOS limitations taken into account, the government does not have a right to tell me i cant share something i *PAID* for with my neighbors.

    What is next, banning of the neighborhood BBQ? Cant share that meat and beer you bought with your friends that live across the street. noooo
  • by mrmaster ( 535266 ) on Saturday November 05, 2005 @11:34AM (#13957569) Homepage
    When I read this article I was thinking that I wouldn't mind having the job of enforcing this. Then I realized I would have to have the mindset of a parking enforcer to do something like this. Hell, let the parking enforcers take care of this as well. They love a good power trip. Parking enforcer: "Ma'am, your wireless access point is not running a firewall." Some old lady: "My what isn't on fire?" Parking enforcer: "your internet. It is against the law to allow others to use your internet for free" Some Old lady: "Oh, my 10 yr old grandson got that internet thing to work? Isn't he wonderful? He is so smart." Parking enforcer: "Ma'am, here is a ticket for running an unsecure access point. Don't let it happen again." Some Old lady: "How dare you come to my house and threaten me with this! I've been living here for 30 years and have never been treated like this! Parking enforcer: "Ma'am, have a nice day" Slow day at work. I apologize
  • by Anonymous Coward on Saturday November 05, 2005 @11:35AM (#13957571)
    any business or home office that stores personal information also must install such a firewall-outfitted server even if its wireless connection is encrypted and not open to the public. All such businesses would be required to register with the county within 90 days.

    I wonder who is really behind creating THAT database?
  • http://xroads.virginia.edu/~HYPER/DETOC/ch4_06.ht m [virginia.edu]

    "It would seem that if despotism were to be established among the democratic nations of our days, it might assume a different character; it would be more extensive and more mild; it would degrade men without tormenting them."

    and

    "Thus it every day renders the exercise of the free agency of man less useful and less frequent; it circumscribes the will within a narrower range and gradually robs a man of all the uses of himself. The principle of equality has pre
  • by Antony-Kyre ( 807195 ) on Saturday November 05, 2005 @11:35AM (#13957575)
    Isn't this the equivalent of police looking and pulling vehicles over for the driver not wearing a seatbelt? In other words, something that only endangers one self is trying to be prevented, right?
    • In other words, something that only endangers one self is trying to be prevented, right?

      it's actually more ridiculous than the seatbelt laws. Consider that if you were in an accident and not wearing your seatbelt, public services (fire, ems, etc.) would be engaged to either pull you out or scrape you off, depending on the severity of the accident; so you could make a case that the public good is enhanced if everybody wore their seatbelt.

      Securing an open WiFi access point doesn't secure any additional publi
    • Think about it for a bit. If they can get on your network, and your network is connected to the Internet, this means they can get on the Internet. That means they can break into any computer on the Internet. The attack could be traced back to your network, but the attacker would probably be long gone by the time the authorities got to your place. Doesn't it make sense to want to prevent such a scenario?
    • You know, I get the feeling that you're an inconsiderate moron.

      Suppose you've got a person who was just in a car wreck and you've got a child who was just pulled from a burning building who is in serious need of medical attention. The county only has one free ambulance at this point in time, who do they go get? Well if the guy in the car wreck had worn his seatbelt and not been thrown through the windshield, they could just go get the kid. But since the guy in the car was thinking only of himself and didn't
  • by saskboy ( 600063 ) on Saturday November 05, 2005 @11:37AM (#13957580) Homepage Journal
    As if it isn't enough that using someone's open Wireless Access Point without permission is illegal, now they're making it illegal to own current wireless technologies? That's like bank robbing being illegal, but they're banning banks just in case. And I'm not saying connecting to open wireless is like robbing a bank, it's just an extreme analogy to show what the law is outlawing.
  • by cowmix ( 10566 ) <mmarch AT gmail DOT com> on Saturday November 05, 2005 @11:39AM (#13957587) Homepage
    The passkey is 'passkey'. Am I legal now?
  • by redelm ( 54142 ) on Saturday November 05, 2005 @11:41AM (#13957602) Homepage
    A legislative body can pass whatever they want, but it might not withstand legal challenge. In this case, I don't see how the county can show an interest. This is clearly interstate, and the FCC has jurisdiction.

  • by dindi ( 78034 ) on Saturday November 05, 2005 @11:43AM (#13957609)
    O.K.
    1st step: let's force a broken security model (WEP) on all users.
    2nd : limit the allowed encryption so all government agencies can come and look into your house ....

    it's like telling someone how to run their servers ...

    wha if I like all my access points running without any crypto and just have a tunnel inbetween my machines, and not ruoute any packets into the net that does not come from that "internal net" or VPN ?

    What if i want to see wardrivers trying to mess with my access points?

    What if I run Linux or BSD as an access point with my own security measures ?

    What if I just hate big brother telling me how to run my home network ?

    It's like the safety belt issue : I wear it as once it saved my whole family's life in a nasty crash, however I know people who are scared of it as they were stuck in a car in a rollower accident and they choose to crush their head instead of burning in a car upside down tangled in a seatbelt .....
  • by rayd75 ( 258138 ) on Saturday November 05, 2005 @11:46AM (#13957620)
    I certainly hope this fails as I don't think legislation is the solution to wireless security... at least not in this form. Perhaps it should just be illegal to ship an access point that is open by default. I realize that manufacturers want their products to be easy to use but I don't think it's unreasonable for buyers to jump through a hoop or two before getting a completely open access point if that's what they want. On the other hand, maybe the FCC will get involved. Obviously, they have no jurisdiction over network design and such but any requirement to register an access point sounds a lot like a requirement to register a radio transmitter. It has been long since been established that local governments generally cannot regulate radio devices operating in accordance with the applicable FCC rules.
  • So, to enforce they would run around and illegally connect (as some courts have said) to wireless access points. Breaking the law (civil) and civil rights (illegal search and seizure, or is this plain sight?) to find out whether you are breaking the law? Wow, okay.

    So, I assume the common beat cop doesn't have the skills to determine whether the protocol on a running wireless setup therefore the police departments will have to hire new people. But, with budget cuts there is no more money so they will prob
    • Pass another law allowing private citizens to act as privateers to enforce the law.

      We already have something like that, but I don't think it's a law. it's called Citizen's Arrest. [wikipedia.org] And if you're witnessing a felony, you're legally empowered to arrest those you witness doing the felony. Now they'd have to make this a felony, and with fines like that, I doubt it's even a class c felony. It's most likely a misdemeanor.
  • Here's my question, do lawmakers really know enough about WiFi security and firewalls to write a coherent law requiring this? I'd draw the parallel between the FCC and the slow move to HDTV, which they really can't push too quickly because many people don't want/need to pay for a new tv and then pay more for cable/satellite. So since many people (including myself) run old equipment, what type of standard encryption and firewall will the law entail? Will they require WEP64/128, which can be easily broken,
  • "somebody parked in the street or sitting in a neighboring building could hack into the network and steal your most confidential data," County Executive Andy Spano said in a statement.

    That's all well and good, Andy but I run an open network and frankly, if somebody breaks into my network that's my problem. I don't need people like you to tell me what to do.

    The draft proposal offered this week would compel all "commercial businesses" with an open wireless access point to have a "network gateway server"
    • While they may not need to tell people like you what to do, the point of TFA (and the proposed law) is that someone needs to tell the clueless what to do. You know: the small business owner who is barely able to turn on their computer, but want to install a WLAN at work because the WLAN their kid installed at home is convenient. So, they go down to $COMPUTERSTORE, buy a WAP, plug it in, and go to town.

      And they're shocked, SHOCKED, I tell you, to find that their network has been pwned within half an hour

      • Sorry for being so brash. I just woke up. Yeah, I understand what you're saying. But it's apparently going to an illegal and finable offense. I mean why not just send the guy with the open network and informational letter regarding security. I run an open experimental network with no firewall. Should that be illegal?

  • Personally, I'm still convinced unsecure WiFi poses to large of a risk. Just think about what can happen:

    - terrorists could potentially drive up, connect, and unleash an attack on infrastructure (power grid, etc.).

    - peidophiles could drive up, and transmit their data, then leave... with nobody knowing who they are, and it being pretty much impossible to track down.

    - lauching of a virus or bot attack.

    No longer is traceroute a good solution to find out who is at the end of the line. Anyone can find any open
    • Thank god we have the government to protect us from those evil terrorists trying to snoop on our cybersex IMs!
    • Personally, I'm still convinced unsecure WiFi poses to large of a risk.

      I'm sure that many cowards could identify with that thought. But to those of us who truly value freedom, it's a reasonable price to pay. I'm not going to quietly give up my rights to anonymous free speech just because someone else could use anonymity for dastardly purposes.

      If you want state-controlled and monitored Internet access, then move to China.
  • No it wouldn't (Score:3, Interesting)

    by FluffyWithTeeth ( 890188 ) on Saturday November 05, 2005 @11:54AM (#13957657)
    It would not outlaw unsecured wireless connections.

    It's allowed to be unencrypted, it just has to be running a firewall. Which is stupid. Really stupid.

    I don't live in America, so this won't effect me. I just still think it's stupid. I run my own connection free of firewalls anywhere in the chain. Sure, if someone can be bothered, they could get into my files, as long as they spent long enough with a bruteforce. Hell, I even allow root connections via ssh. Unless someone's seriously personally interested in cracking my machine, I don't need one, I only run MacOS, Linux and BeOS on the net, I'm not worred about malware or viruses. My wireless data is encrypted, but it won't keep anyone out, the encryption key is exactly the same as the SSID

    The only reason I have that is so the (computer illiterate) people a few houses over don't connect accidentally, and use my bandwidth for no reason. Hell, I've connected to their router and changed its channel and such to produce the minimum interference between them.

    I don't care if a guy nearby has lost his net for a bit, and so uses mine for a backup. I don't care if someone driving through switches to my connection.

    If someone is using too much of my bandwidth, I'll just block their MAC address for a bit. Sure, they can crack that. If they do, I'll just change my WEP password. They're bored enough to crack that as well? Fine, I'll just stop my router from giving anymore DHCP leases than I use. Meanwhile, I'll track down where they are, using the many machines and people I can pull up to pinpoint where wireless traffic is. Then, I'll go over and kick the shit out of them.

    So far, no one's ever done anything with my connection that's pissed me off. I've had people talk to me on rendezvous with iChat (Or whatever it's called now, the LAN chat thing) and thank me for letting people connect.

    I like sharing my internet. I once set up a directional antenna so that a friend some ways over could use it when his cable company had screwed things up.

  • For the love of god - seatbelt laws were enacted because the consequence of not wearing a seatbelt was a much higher probability of DEATH in an auto accident (and assuming you are just injured, the associated higher costs of health care which has to be borne by everybody) - hardly the result of someone who "hack[s] into the [your] network and steal your most confidential data". Jeez, even that quote, "the network", like there is only one shows how clueless some of these politicians are. Now we need laws
  • by bogaboga ( 793279 ) on Saturday November 05, 2005 @11:56AM (#13957663)
    We in the country do not lock our homes when we leave. Nothing has ever happened. I guess I am speaking for myself and the few friends I know here.

    Our politicians should do what matters for the ordinary folks like fixing health-care and other services, then legislate on matters like these. Is that too much to ask for?

  • by diakka ( 2281 ) on Saturday November 05, 2005 @11:57AM (#13957669)
    Looks like they want to cut off all the free wirless access so they can charge you for it. Aren't you glad they care about making your internet safe?

    Seriously though, one poster asked jokingly why they aren't banning insecure OS's and it sounded funny, but it does point out a problem with the bill. Certainly people running insecure OSs are just as bad for spam, and illegal activities as are free wireless, yet nobody is proposing a bill to fine those users. Naturally, if someone proposed this, MS would throw a shit fit.
  • by canuck57 ( 662392 ) on Saturday November 05, 2005 @11:58AM (#13957677)

    Violations would carry fines of $250-$500."

    About time. I figure the only way law enforcement is going to enforce internet good practices is if it becomes like traffic tickets. Get caught, pay the fine. This is a good idea unless you want your access point open.

    • This is a good idea unless you want your access point open.

      *UNLESS*

      That's the key word. Suppose I want to, as a public service, leave an open, unencrypted wifi connection.

      Suppose I want people to be able to access the Internet with some degree of anonymity. This law is trying to make an end-run around free speech by taking away anonymity.

      I wonder if this law is being pushed by telecoms, cable providers, and other ISPs who want to make sure that everyone pays them for Internet access...
  • by jpl166 ( 913034 ) on Saturday November 05, 2005 @12:05PM (#13957709)
    While it sounds like this particular proposal was written by people who just don't understand, maybe it will give people with a bit more clue (and authority) an idea.
    People were talking about this being like getting fined for leaving your door unlocked. How about fining a landlord who doesn't provide locks on the doors? With the prevalence of wireless "internet router" units, many of which include basic firewall functionality, it wouldn't take much of an upgrade to make this work well. Anything that provides 802.11[bg...] should have a firewall built in and come with a VPN client - anything on the airwaves is then firewalled AND encrypted. How much would this really cost the industry? How much would it benefit the public?
  • by v1 ( 525388 ) on Saturday November 05, 2005 @12:09PM (#13957738) Homepage Journal
    The way the trend is going, we will be legally required to encrypt our connections.

    OK, then when the law hops in and screams bloddy murder because they can no longer tap into our traffic, THEN what do we do?

    They're all idiots. It's just that simple.

  • Simple solution. (Score:4, Insightful)

    by polyp2000 ( 444682 ) on Saturday November 05, 2005 @12:13PM (#13957753) Homepage Journal
    Enable encryption on the access point and then make the encryption key publically available.
  • keep doors and windows unlocked in your home?
  • by E8086 ( 698978 ) on Saturday November 05, 2005 @12:18PM (#13957787)
    It's either they really care about the security of the resident's home wireless networks or they're planning some municipal "Wi-Fi" subscription service and they want to eliminate the free competition and have a monopoly for themselves. If they really cared, instead of fines, they'd create a free guide on securing a wireless connection and distribute it at the town hall and/or in the local paper. I'll go with 'eliminate the competition' it's all politicing, there has to a reason other than "for the public good" for why they want close down all the open networks. Hatch is owned by the **AA, maybe they've been bought out by Verizon broadband wireless.

    1) take down all open wireless networks (sources of free Internets)
    2) install municipal subscription service at $9.99-$59.99/mo
    3) PROFIT
  • Unenforceable (Score:3, Insightful)

    by HermanAB ( 661181 ) on Saturday November 05, 2005 @07:32PM (#13959941)
    Sure, they can pass such a regulation, but any communications limiting regulations are unenforceable in most states. In Canada, only the Federal Government can regulate communications. So, yeah, nothing to see here, move along...

I've finally learned what "upward compatible" means. It means we get to keep all our old mistakes. -- Dennie van Tassel

Working...