Robert Donovan wrote:
On Fri, Mar 14, 2008 at 2:00 AM, Tracy R Reed <[EMAIL PROTECTED]> wrote:
Andrew Lentvorski wrote:
> The assumption here is that the person with the open AP has an
> "unlimited" bandwidth plan.
It seems like we are trying unusually hard to excuse the ignorance of
those who would pay for bandwidth by the byte yet leave an access point
open. Normally the kplug crowd comes down pretty mercilessly on
ignorance. Why the change of heart?
It's not about coming down hard on ignorance. The people in the kplug
crowd also are the first to rail against exploitation for personal
gain against people who can't fight back. Coming down on those who are
ignorant with the object of educating them is one thing. Coming down
hard on those who are content to remain ignorant after having been
informed might also be acceptable, but taking advantage of someone
just because people happen to be ignorant of a vulnerability is the
very kind of exploitation that I hear people railing against on this
list all the time. Perhaps it's not on as grand a scale as some of
those conversations, but the principle is the same. Call me
old-fashioned if you want to, but the fact that someone is not aware
of a vulnerability, or doesn't understand it, doesn't grant anybody
else some special right to take advantage of them just because they
can. I realize this is done all the time, but that doesn't make it
right or something to be strived for.
RD
And what of the manufacturers of the WAP?! *They* are not ignorant of
the need of securing access. Are they? We, in the Linux community,
have railed on and on against MicroSift® about leaving security wide
open by default, and yet not one person in this thread has thought to
spotlight the WAP makers?
Red Hat 5 (IIRC) had needless services turned on by default. Screaming
from the Linux community got them to correct this. Now, you *can* turn
on needless services, but the default is now much more sane.
Perhaps the WAP makers should get an earful?
--
Ralph
--------------------
There is no security without privacy. And liberty requires both security
and privacy.
--Bruce Schneier
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
