begin quoting Robert Donovan as of Fri, Mar 14, 2008 at 02:35:41AM -0700: > On Fri, Mar 14, 2008 at 2:00 AM, Tracy R Reed <[EMAIL PROTECTED]> wrote: > > Andrew Lentvorski wrote: > > > The assumption here is that the person with the open AP has an > > > "unlimited" bandwidth plan. > > > > It seems like we are trying unusually hard to excuse the ignorance of > > those who would pay for bandwidth by the byte yet leave an access point > > open. Normally the kplug crowd comes down pretty mercilessly on > > ignorance. Why the change of heart? > > It's not about coming down hard on ignorance. The people in the kplug > crowd also are the first to rail against exploitation for personal > gain against people who can't fight back.
Good point. > Coming down on those who are > ignorant with the object of educating them is one thing. Coming down > hard on those who are content to remain ignorant after having been > informed might also be acceptable, but taking advantage of someone > just because people happen to be ignorant of a vulnerability is the > very kind of exploitation that I hear people railing against on this > list all the time. Is it really exploitation? The problem is that we have three categories of use here -- the person who gets on to an open wireless network, checks a few things, and then quits; the person who spends a moderate amount of time and bandwidth on open wireless networks for extended periods of time; and finally, a person who saturates the wireless network with their own traffic, rendering it unusable to anyone else. To criticize the first person IN ANY WAY is ludicrous. It's an open network, there's probably no noticable effect of their usage. The third person is a leech, and is likely to be unwelcome on any network; if the wireless network were a commons, this would be an abuse of the commons. This is an abuse of any sort of shared resource, even if the resource were to be shared deliberately. I'll buy that as exploitation. So that leaves our second person... is it a reasonable use? I put forth that if there's no apparent network load imposed by certain utilization, then we have a reasonable level of use. No harm, no foul. If packets aren't stomping on each other, and we aren't seeing a lot of retransmits or timeouts, it's shouldn't be an issue. (But that's just general network good behavior anyway.) > Perhaps it's not on as grand a scale as some of > those conversations, but the principle is the same. Call me Why? You haven't yet dealt with the possibility that it might be an open network, for use by all, free of charge. If I build a road on my property, so that it looks like a public road, and then people *use* it as a public road, what cause do I have to be upset? If I object to people using my private road as a public road, but take no action to distinguish it from a public road, it doesn't make those people using my road _wrong_ or _bad_. > old-fashioned if you want to, but the fact that someone is not aware > of a vulnerability, or doesn't understand it, doesn't grant anybody > else some special right to take advantage of them just because they > can. I realize this is done all the time, but that doesn't make it > right or something to be strived for. Is it a vulnerability, when it looks like a feature that others provide? Note that we're not talking about cracking the WAP security, we're talking about (reasonable) use of an open wireless network, in a world where a lot of people get a kick out of providing free network access. This isn't equivalent to tying into someone's _wired_ network, after all. I agree that taking advantage of the unfortunate is reprehensible. I don't agree that assuming everyone is incompetent and a victim is a good idea -- for one, it's insulting. -- I'll run an open wireless network once I get my firewall configured. Stewart Stremler -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
