On Mon, Apr 25, 2011 at 9:18 PM, keith smith <klsmith2020@yahoo.com> wrote:
Thought this might be interesting to some.

Lying on his family room floor with assault weapons trained on him, shouts of "pedophile!" and "pornographer!" stinging like his fresh cuts and bruises, the Buffalo homeowner didn't need long to figure out the reason for the early morning wake-up call from a swarm of federal agents.

http://abcnews.go.com/US/wireStory?id=13448808

OMG, yea howdy!

We are responsible for our networks!

Course, most of us can get into WEP and WPA/WPA2 trivially, so unless you have a Radius Server (which most WiFi routers will happily work with) running Enterprise WPA2, you are still "at risk" of network encroachment. 

While WEP/WPA/WPA2 constitutes "reasonable protection", it does not protect you.  Anyone on a shared network owns you completely, with the ability to use SSLStrip to even get your https logins and passwords. 

BUT IS THIS CRIMINAL?

If so, most of the "adminstrator-less" Internet Startups running insecure Websites are criminal?

Technical Security HowTo Proof of Concept References:

http://www.eastmobiles.com/index.php?option=com_content&view=article&catid=27:wi-fi&id=106:wpa2-key-hack-nvidia
http://blogs.pcmag.com/securitywatch/2010/07/spoofing_hack_against_wpa2_rev.php
http://www.youtube.com/watch?v=r9x2e32voZY
http://www.securitytube.net/video/193

------------------------
Keith Smith




--
(503) 754-4452 iPhone
(623) 239-3392 Skype
(623) 688-3392 Google Voice

 http://www.it-clowns.com

"It took me many years but I have gained access to the root account and have removed the user God."   -Saros