Helkaluin
April 12th, 2010, 12:19 PM
The discussion I'm trying to bring up is two-fold, so bear with me.
First, if you haven't noticed yet, the Digital Economy Bill is passed 'rather quickly' in the UK House of Commons after the announcement of general election. Let us, for the sake of the tone on this board, steer off the political implications and focus on the technical implications.
So, precedent-setting and parliamentary-sovereignty issues disregarding: The main short-term fear most opposers of the Bill (now Act) is that free wireless services found in, say, cafes will soon disappear, as the duty to regulate illegal internet traffic seems to lie on the 'provider.'
That alone worths discussion, but the second part is that:
And how does this tie in with ethical hacking? Well, it's Easter holidays now (still a schoolboy here) and it happens that my mother's house does have wireless set up. When this holiday started it became clear to me that she might have fallen to some ARP spoofing attacks whilst I was at school (boarding, so I was well away), and luckily she clicked 'decline' to those bogus SSL certificates.
After changing the encryption to WPA (somehow the telecom thinks WEP is enough for default; compatibility issues, I guess) and setting the key to an almost-random 20+ passphrase, I thought it's ridiculous how easily that we can still find WEP or even insecure wireless networks around the house.
Now that this Bill is passed, I fear the number of people who simply connect to their neighbour's networks will certainly increase, for whatever reason. Unfortunately, the wireless network next door is still WEP, and within minutes the passphrase is revealed to be the neighbour's name with two extra numbers appended to it, what's worse is that the router can be telneted with the default password. Fortunately, the neighbour next door is the fencing teacher at school, and a quick knock on the door cleared things up.
So, do you think that you have the obligation to, at least, advise your neighbours on securing their networks, especially when this Bill is passed? Or is it the responsibility of the user, for whatever legal implications there are for the responsibility of controlling your own network? I personally cannot bear the thought that the number of script kiddies will possibly get a major boost after this bill that supposedly deters illegal traffic gets passed. But then again, let's steer away from the politics.
First, if you haven't noticed yet, the Digital Economy Bill is passed 'rather quickly' in the UK House of Commons after the announcement of general election. Let us, for the sake of the tone on this board, steer off the political implications and focus on the technical implications.
So, precedent-setting and parliamentary-sovereignty issues disregarding: The main short-term fear most opposers of the Bill (now Act) is that free wireless services found in, say, cafes will soon disappear, as the duty to regulate illegal internet traffic seems to lie on the 'provider.'
That alone worths discussion, but the second part is that:
And how does this tie in with ethical hacking? Well, it's Easter holidays now (still a schoolboy here) and it happens that my mother's house does have wireless set up. When this holiday started it became clear to me that she might have fallen to some ARP spoofing attacks whilst I was at school (boarding, so I was well away), and luckily she clicked 'decline' to those bogus SSL certificates.
After changing the encryption to WPA (somehow the telecom thinks WEP is enough for default; compatibility issues, I guess) and setting the key to an almost-random 20+ passphrase, I thought it's ridiculous how easily that we can still find WEP or even insecure wireless networks around the house.
Now that this Bill is passed, I fear the number of people who simply connect to their neighbour's networks will certainly increase, for whatever reason. Unfortunately, the wireless network next door is still WEP, and within minutes the passphrase is revealed to be the neighbour's name with two extra numbers appended to it, what's worse is that the router can be telneted with the default password. Fortunately, the neighbour next door is the fencing teacher at school, and a quick knock on the door cleared things up.
So, do you think that you have the obligation to, at least, advise your neighbours on securing their networks, especially when this Bill is passed? Or is it the responsibility of the user, for whatever legal implications there are for the responsibility of controlling your own network? I personally cannot bear the thought that the number of script kiddies will possibly get a major boost after this bill that supposedly deters illegal traffic gets passed. But then again, let's steer away from the politics.