[GRLUG] MIFI Choices
Adam Tauno Williams
awilliam at whitemice.org
Thu May 26 06:12:50 EDT 2011
On Wed, 2011-05-25 at 19:34 -0400, Mike Williams wrote:
> I haven't heard anything about it in a while, but there was a proposed
> "Internet Safety Act" a couple of years ago that would require anyone
> that offers public Internet access to keep two years of logs that
> could be used to identify the person behind a temporary IP address. This
> is a ridiculous amount of record-keeping for a small organization and
> would make Comcast's proposal completely impractical. Unless they're
> monitoring and recording everything at their end, which is an even more
> disturbing prospect!
They do, I assure you. It really isn't that hard. RADIUS servers will
log the association information to a database if the wireless network is
secured; otherwise WAPs can communicate, and do, via either SNMP traps
or just syslog messages when they acquire a new association - then your
NMS just records this information. It is pretty much
works-out-of-the-box for wireless hardware.
> Honestly, I don't see what it would accomplish anyway. Unless you
> require everyone to log in with a unique certificate, the most you're
> going to get is a wireless MAC address, and those can easily be faked.
I've had this conversation with law enforcement.
It accomplishes quite a lot; because something can be easily faked
doesn't mean it is. If it can lead you back to a computer then the
computer can be inspected forensically - *you* may know what you are
doing and wipe data, etc... that places you in a very very very small
group of people. The *vast* majority of brains walking aren't aware of
the concept of a MAC address or wireless association. It's just magick.
No matter how many times people see something on CSI:Toledo they don't
make the connection.
> Wireshark depends a bit on the encryption used. With anything less than
> WPA2 it behaves as you described, and two computers connected to the
> same access point with the same password can "see" each other's traffic.
> If you use WPA2, even with a known initial passcode, the encryption keys
> negotiated for each connection are unique. You can still, in theory,
> reverse the initial conversation and get the key, but it's much harder.
The encryption of the wireless network is irrelevant. If you are the
wireless provider [either using your own MIFI device, home WAP, or you
are Comcast] then you just watch the traffic upstream. Most traffic,
especially social-media crap, is not encrypted. And sharing of a WAP is
usually, for obvious reasons, performed by operating it in the Open.
On the other hand: using an Open wireless network is itself perfectly
safe - just encrypt your traffic end-to-end as should always be
happening anyway. I've always been puzzled about the wailing and
gnashing of teeth about bad wireless encryption: encrypt the *data* and
trust no connection - because the upstream network [the Internet!] is an
Open network.
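
Added example, not part of the original message: the record-keeping the reply describes, with access points emitting a syslog line per association and a collector turning those lines into sessions that can be queried by time. The hostapd-style line format, AP names and MAC addresses are assumptions constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample in the style hostapd writes to syslog (assumed format).
SAMPLE_LOG = """\
May 26 06:01:12 ap1 hostapd: wlan0: STA 02:00:00:aa:bb:01 IEEE 802.11: associated
May 26 06:03:40 ap1 hostapd: wlan0: STA 02:00:00:aa:bb:02 IEEE 802.11: associated
May 26 06:09:05 ap1 hostapd: wlan0: STA 02:00:00:aa:bb:01 IEEE 802.11: disassociated
May 26 06:10:00 ap1 dhcpd: unrelated line that must be ignored
May 26 06:15:30 ap2 hostapd: wlan0: STA 02:00:00:AA:BB:01 IEEE 802.11: associated
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<ap>\S+) hostapd: \S+: "
    r"STA (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) IEEE 802\.11: "
    r"(?P<event>associated|disassociated)$", re.IGNORECASE)

def build_sessions(log_text, year=2011):
    """Turn association events into session records; end is None while open.
    Classic syslog timestamps carry no year, so the caller supplies it."""
    sessions, open_by_key = [], {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an association event
        key = (m["mac"].lower(), m["ap"])
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        previous = open_by_key.pop(key, None)
        if previous is not None:
            previous["end"] = when  # closed by disassociation or re-association
        if m["event"].lower() == "associated":
            record = {"mac": key[0], "ap": key[1], "start": when, "end": None}
            sessions.append(record)
            open_by_key[key] = record
    return sessions

def who_was_on(sessions, ap, when):
    """MAC addresses with a session on `ap` that covers `when`."""
    return sorted({s["mac"] for s in sessions
                   if s["ap"] == ap and s["start"] <= when
                   and (s["end"] is None or when < s["end"])})

if __name__ == "__main__":
    for s in build_sessions(SAMPLE_LOG):
        print(s["mac"], s["ap"], s["start"], s["end"])
```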