Re: Wlan @ bestbuy is cleartext?

From: Jonathan Bloomquist (bocasolutions@yahoo.com)
Date: 05/02/02 

Date: Wed, 1 May 2002 18:21:23 -0700 (PDT)
From: Jonathan Bloomquist <bocasolutions@yahoo.com>
To: Ron DuFresne <dufresne@winternet.com>

--- Ron DuFresne <dufresne@winternet.com> wrote:

-- snip --
 
> And I know alot of the discussion here so far has
> been directed at Best
> Buy and others that have rolledout insecured
> wireless inplmementations,
> and with some right to be not only shocked at these
> toys being placed as
> they are into use by the companies in question.

-- snip --

> But, if we are going to
> direct efforts at blame and how to make such toys as
> semi-secure as we can
> at present, let's make sure we point fingers at
> those ultimately
> responsible for unsafe open default configurations
> and hiding information
> deep in CDROMS from the endusers attention about how
> to attempt to
> semi-secure these toys, the vendors, Lucent, Cisco,
> and the others pushing
> out wireless capabile toys without safe default
> configurations to begin
> with.

-- snip --

Fair enough. But there is a difference between home
users and corporate users. Home users want sexy
hardware and they want it now. Vendors can hardly be
blamed for selling products when a market exists and
it is hardly in their best interest to say, "Here it
is but it may not be a good idea to use it if you like
to keep your data secure."

Corporate IT staff are paid to know better than to put
insecure technology into production and they need to
be held accountable if they make such a boneheaded
move.

> Now, rather then
> hint at and push excerpts from, lets just be done
> with it and push our
> venture to warn of the problems out to the public
> now, folks are just not
> alarmed enough to do the research and fear these
> toys being deployed in
> their environments even after the work of many we
> reference and site in
> this paper which follows the original post prompting
> it's release here:

I agree; how better to educate/scare people into
researching their decisions than by media attention.
This is another argument for full disclosure - let 'em
see what can happen and they might sit up and take notice.

__________________________________________________
Do You Yahoo!?
Yahoo! Health - your guide to health and wellness
http://health.yahoo.com

Relevant Pages

  • Re: Wlan @ bestbuy is cleartext?
    ... Buy and others that have rolledout insecured wireless inplmementations, ... direct efforts at blame and how to make such toys as semi-secure as we can ... There's alot of talk about how to VPN tunnel and IPSEC tunnel these ... connections to try and lock down security, but, information leakage is ...
    (Vuln-Dev)
  • Re: Swap:Brand new toy for wireless mouse
    ... am strapped for cash...I do however have a small collection of brand new ... toys for girls and boys...all different stuff. ... Sell the toys on ebay, use paypal, then you got money for a wireless mouse! ...
    (uk.adverts.computer)
  • Democrats working to overcome GOP neglect of agencies critical to public safety.
    ... The Senate on Thursday passed and sent to the White House legislation ... that bans lead from children's toys and seeks to ensure that chemicals ... posing possible health problems will not end up on toys and articles ... subject the tobacco industry to regulation by federal health ...
    (soc.retirement)
  • Re: Seiko Japan - SR-G10000 - Worlds most expensive EJD! ?$900! =O
    ... And then there's too many toys vs. too little time. ... Louise Bremner (log at gol dot com) ... If you want a reply by e-mail, don't write to my Yahoo address! ...
    (sci.lang.japan)