<div dir="ltr">Maybe every commercial router should do SSL interception by default. If a user accepts a bogus certificate they are taken to a page that thoroughly scolds them and informs them about the huge mistake they made, forces them to read a few slides and take a quiz on network safety before allowing them on the Internet. Maybe do the same for non-ssl HTTP traffic, etc.. . <br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Mar 20, 2017 at 1:55 PM, Matt Graham <span dir="ltr"><<a href="mailto:mhgraham@crow202.org" target="_blank">mhgraham@crow202.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Mon, Mar 20, 2017 at 12:29 PM, Victor Odhner <<a href="mailto:vodhner@cox.net" target="_blank">vodhner@cox.net</a>> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I’m really annoyed that so many companies offer open WIFI when it would be<br>
so easy to secure those hot spots. Restaurants, hotels, and the waiting<br>
rooms of auto dealerships are almost 100% open.<br>
</blockquote></blockquote></span>
[snip]<span class=""><br>
On 2017-03-20 13:20, Stephen Partington wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
This is usually done as a means to be easy for their customers.<br>
</blockquote>
<br></span>
Pretty much this. Convenience is more valuable than security in most people's minds.<span class=""><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
they’d be happy to do the right thing if we could explain it to the right people.<br>
</blockquote></blockquote>
<br></span>
I'm not sure this would happen. Setting up passwords and then distributing those passwords has a non-zero cost and offers zero visible benefits for most of the people who are using the wireless networks.[0] And as another poster said, what about football/baseball stadiums? Distributing passwords to tens of thousands of people is sort of difficult. "Just watching the game" is not an option; people want to FaceTweet pictures of themselves at the game.<br>
<br>
OTOH, the last time I looked at the access points visible from my living room, almost all of them had some sort of access control enabled. Maybe there's a social convention forming that "my access point" ~= "my back yard" and "open access point" ~= "a public park"?<br>
<br>
[0] Having a more educated user population would make the benefits more visible, but it's very difficult to make people care about these things.<span class="HOEnZb"><font color="#888888"><br>
<br>
-- <br>
Crow202 Blog: <a href="http://crow202.org/wordpress" rel="noreferrer" target="_blank">http://crow202.org/wordpress</a><br>
There is no Darkness in Eternity<br>
But only Light too dim for us to see.</font></span><div class="HOEnZb"><div class="h5"><br>
------------------------------<wbr>---------------------<br>
PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.or<wbr>g</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="http://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer" target="_blank">http://lists.phxlinux.org/mail<wbr>man/listinfo/plug-discuss</a></div></div></blockquote></div><br></div>