Maybe every commercial router should do SSL interception by default. If a user accepts a bogus certificate they are taken to a page that thoroughly scolds them and informs them about the huge mistake they made, forces them to read a few slides and take a quiz on network safety before allowing them on the Internet. Maybe do the same for non-ssl HTTP traffic, etc.. . On Mon, Mar 20, 2017 at 1:55 PM, Matt Graham wrote: > On Mon, Mar 20, 2017 at 12:29 PM, Victor Odhner wrote: >> >>> I’m really annoyed that so many companies offer open WIFI when it would >>> be >>> so easy to secure those hot spots. Restaurants, hotels, and the waiting >>> rooms of auto dealerships are almost 100% open. >>> >> [snip] > On 2017-03-20 13:20, Stephen Partington wrote: > >> This is usually done as a means to be easy for their customers. >> > > Pretty much this. Convenience is more valuable than security in most > people's minds. > > they’d be happy to do the right thing if we could explain it to the right >>> people. >>> >> > I'm not sure this would happen. Setting up passwords and then > distributing those passwords has a non-zero cost and offers zero visible > benefits for most of the people who are using the wireless networks.[0] > And as another poster said, what about football/baseball stadiums? > Distributing passwords to tens of thousands of people is sort of > difficult. "Just watching the game" is not an option; people want to > FaceTweet pictures of themselves at the game. > > OTOH, the last time I looked at the access points visible from my living > room, almost all of them had some sort of access control enabled. Maybe > there's a social convention forming that "my access point" ~= "my back > yard" and "open access point" ~= "a public park"? > > [0] Having a more educated user population would make the benefits more > visible, but it's very difficult to make people care about these things. > > -- > Crow202 Blog: http://crow202.org/wordpress > There is no Darkness in Eternity > But only Light too dim for us to see. > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss >