If someone steals my car and runs someone over, am I liable? I'm not buying this behavior as acceptable. Our networks are not truly secure, and should never be considered anything more than circumstantial evidence. Demanding turnover of computers, I find acceptable. The home invasion I do not. Of course, if the networks are that open, I'm guessing any half-competent security person could get on said computers remotely and get real evidence.
On Tue, Apr 26, 2011 at 8:53 AM, Lisa Kachold <lisakachold@obnosis.com> wrote:On Mon, Apr 25, 2011 at 9:18 PM, keith smith <klsmith2020@yahoo.com> wrote:
Thought this might be interesting to some.
Lying on his family room floor with assault weapons trained on him, shouts of "pedophile!" and "pornographer!" stinging like his fresh cuts and bruises, the Buffalo homeowner didn't need long to figure out the reason for the early morning wake-up call from a swarm of federal agents.
http://abcnews.go.com/US/wireStory?id=13448808
OMG, yea howdy!
We are responsible for our networks!
Course, most of us can get into WEP and WPA/WPA2 trivially, so unless you have a Radius Server (which most WiFi routers will happily work with) running Enterprise WPA2, you are still "at risk" of network encroachment.
While WEP/WPA/WPA2 constitutes "reasonable protection", it does not protect you. Anyone on a shared network owns you completely, with the ability to use SSLStrip to even get your https logins and passwords.
BUT IS THIS CRIMINAL?
If so, most of the "adminstrator-less" Internet Startups running insecure Websites are criminal?
Technical Security HowTo Proof of Concept References:
http://www.eastmobiles.com/index.php?option=com_content&view=article&catid=27:wi-fi&id=106:wpa2-key-hack-nvidia
http://blogs.pcmag.com/securitywatch/2010/07/spoofing_hack_against_wpa2_rev.php
http://www.youtube.com/watch?v=r9x2e32voZY
http://www.securitytube.net/video/193
------------------------
Keith Smith
--
(503) 754-4452 iPhone
(623) 239-3392 Skype
(623) 688-3392 Google Voice
http://www.it-clowns.com
"It took me many years but I have gained access to the root account and have removed the user God." -Saros
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
--
James McPhee
jmcphe@gmail.com
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss