Netstumbling and US Law

Craig S. plug-discuss@lists.plug.phoenix.az.us
Wed, 4 Sep 2002 02:24:20 -0700 

> 
> Message: 3
> Date: Tue, 03 Sep 2002 20:04:34 -0400
> From: George Toft <george@georgetoft.com>
> To: plug-discuss@lists.plug.phoenix.az.us
> Subject: Re: Netstumbling and US Law
> Reply-To: plug-discuss@lists.plug.phoenix.az.us
> 
> Tony Wasson wrote:
> > 
> > > > I have heard Netstumbling defended as 'mapping local frequencies in
> > use'. If
> > > > you are deploying your own wireless network, you'd want to make sure you
> > do
> > > > not interfere with existing networks.
> > 
> > > Setting up a receiver and getting a signal means find a different
> > > frequency.  Staying on that frequency and evesdropping is another
> > > matter.  That's a pretty weak defense - the last time I set up a
> > > wireless network, I was not driving around with a GPS mapping out all
> > > the WiFi networks.  I think it fails the "reasonable person" test.
> > 
> > IANAL. My gut tells me that should you find yourself being targeted by law
> > enforcement, if they don't get you on wardriving, they'll get you on
> > something else -- taxes if nothing else.
> > 
> > My fear of wireless networks is that someone will abuse many open WiFi
> > systems and make 'untraceable' attacks. When the law tracked down Mitnick, I
> > heard they triangulated on his cell phone. How will we trace someone using
> > WiFi to make mobile attacks? I wonder how long it will take until we hear of
> > 'warchalking' here in the states -- marking open WiFi systems with ")(" the
> > mark?
> > 

>From ieee.org 802.11d specs:

  ANSI/IEEE Std 802.10: Interoperable LAN/MAN Security. Currently approved: Secure  Data Exchange (SDE).


from what I could find that WAP's are supposed to support for encryption protocols:

 IP Security Protocol
Status

    * Many specifications for "network layer security" (SP3-N, SP3-A, SP3-I, SP3-D, SP3-C, NLSP, I-NLSP, swIPe, and others)
    * Many implementations of various flavors of IP layer security (ANS, AT&T, DEC, Hughes, Morningstar, Motorola, Semaphore, UUNET, and others)
    * No interoperation between implementations
* No IPSP Internet-Draft (yet...) 

oh yeah the above was taken from:

http://www.ietf.cnri.reston.va.us/proceedings/94mar/sec/ipsec.lambert.slides.html

I am sure there are many more protocols that can be used so if you are inside a tunnel you should be ok if you are worried about a secure transfer of data. True you won't scream data out as fast because some overhead will be used for encryption but it should be good enough to support a small LAN through cable or ADSL gates.

Craig S.