OT: Need a Campaign to Secure WIFI Sites

Mon Mar 20 15:14:31 MST 2017

A system like I described would just be an "educational tool" to encourage
people to use HTTPS (properly).  It wouldn't stop you from accepting bogus
certificates-- just a speed bump.  Now that I've thought about it I'd
really like to install something like this on my grandparent's router. .
.   heck, my own router. . .

On Mon, Mar 20, 2017 at 2:50 PM, Vara La Fey <varalafey at gmail.com> wrote:

> Oh HELL no!! What kind of hall-monitor nanny mentality do you want people
> to adopt??
>
> I accept "bogus" certificates all the time because the whole idea of
> certificates is crap in the first place - they are NOT maintained - and
> years ago I got tired of that procedure warning me about "invalid"
> certificates for sites that were perfectly valid.
>
> I've never had a problem. Of course I'm also careful where I go,
> certificate or not.
>
> - Vara
>
> On 3/20/2017 2:12 PM, Brien Dieterle wrote:
>
> Maybe every commercial router should do SSL interception by default.  If a
> user accepts a bogus certificate they are taken to a page that thoroughly
> scolds them and informs them about the huge mistake they made, forces them
> to read a few slides and take a quiz on network safety before allowing them
> on the Internet.  Maybe do the same for non-ssl HTTP traffic, etc.. .
>
> On Mon, Mar 20, 2017 at 1:55 PM, Matt Graham <mhgraham at crow202.org> wrote:
>
>> On Mon, Mar 20, 2017 at 12:29 PM, Victor Odhner <vodhner at cox.net> wrote:
>>>
>>>> I’m really annoyed that so many companies offer open WIFI when it would
>>>> be
>>>> so easy to secure those hot spots.  Restaurants, hotels, and the waiting
>>>> rooms of auto dealerships are almost 100% open.
>>>>
>>> [snip]
>> On 2017-03-20 13:20, Stephen Partington wrote:
>>
>>> This is usually done as a means to be easy for their customers.
>>>
>>
>> Pretty much this.  Convenience is more valuable than security in most
>> people's minds.
>>
>> they’d be happy to do the right thing if we could explain it to the right
>>>> people.
>>>>
>>>
>> I'm not sure this would happen.  Setting up passwords and then
>> distributing those passwords has a non-zero cost and offers zero visible
>> benefits for most of the people who are using the wireless networks.[0]
>> And as another poster said, what about football/baseball stadiums?
>> Distributing passwords to tens of thousands of people is sort of
>> difficult.  "Just watching the game" is not an option; people want to
>> FaceTweet pictures of themselves at the game.
>>
>> OTOH, the last time I looked at the access points visible from my living
>> room, almost all of them had some sort of access control enabled. Maybe
>> there's a social convention forming that "my access point" ~= "my back
>> yard" and "open access point" ~= "a public park"?
>>
>> [0] Having a more educated user population would make the benefits more
>> visible, but it's very difficult to make people care about these things.
>>
>> --
>> Crow202 Blog: http://crow202.org/wordpress
>> There is no Darkness in Eternity
>> But only Light too dim for us to see.
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20170320/37298534/attachment.html>