tag:blogger.com,1999:blog-3798604115389836864.post8788616290134925493..comments2024-03-13T13:04:53.453+00:00Comments on IT Security Expert Blog: UK WiFi Theft is RifeSecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-3798604115389836864.post-90761653493917827582008-09-02T00:47:00.000+01:002008-09-02T00:47:00.000+01:00Unless you know what you are doing, open Wifi usua...Unless you know what you are doing, open Wifi usually does mean your PC/internal network is vulnerable. Once connected to the wifi network, all I need to do is run a packet sniffer like WireShark, I can intercept data packets over peroid of time, doing stuff like reading all your Email, and obtaining all sorts of information, like the websites you visit, and even your webmail user name and passwords...tis dead easy, and it doesn't matter what you "secure" on your router or computer, unless you DMZ your internal network.<BR/><BR/>If you are giving access to all this for free and knowingly, does thi smean it can't be illegal to do these things?<BR/><BR/>Oh open wifi is great for downloading - errh lets say not so legit movies, games and music, cos it can't be traced back, only the owner of wifi internet is prosecuted and fined, as that where its registered.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3798604115389836864.post-44080837385566341252008-08-31T15:32:00.000+01:002008-08-31T15:32:00.000+01:00I leave a WiFi access point open and I want people...I leave a WiFi access point open and I want people to use it. People connecting to it are not doing anything illegal under UK law. I also access open networks, and have no intent to access the service dishonestly. I am assuming they have also deliberately left their access pojnt open. Its allowed under UK law.<BR/><BR/>Re stopping people doing evil things, its not my job to control access to the internet or try to police UK laws.<BR/><BR/>The ISP terms and conditions have nothing to do with the legality of accessing an open network. Thats a totally separate issue and not relevant to the question of legality of accessing an open network.<BR/><BR/>Allowing access to your network doesn't necessarily mean allowing access to computers on your network. I secure my LAN both at the router and individual computer level, while giving access to the internet for others.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3798604115389836864.post-69862549901003327622008-01-18T14:56:00.000+00:002008-01-18T14:56:00.000+00:00As far as I know, there have been no successful pr...As far as I know, there have been no successful prosectutions, only cautions - why? where is the loophole?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3798604115389836864.post-34934464415606436222008-01-11T11:31:00.000+00:002008-01-11T11:31:00.000+00:00If you are providing WiFi to customers for Free, t...If you are providing WiFi to customers for Free, then there is no payment to be avoided, so the law doesn't apply in the instance.<BR/><BR/>Also you should double check your broadband contract, as the majority of domestic broadband connections has a clause in the contract that says you cannot share your broadband outside your household.<BR/><BR/>Here's the one for Sky Broadband for instance...<BR/><BR/>"a) Sky Broadband is for private use by you and members of your household only. It must not be used for any commercial or business purpose."<BR/><BR/>If one of the customers were to do something "dodgy" through your provided WiFi it could all turn pretty sour.<BR/><BR/>I'd make sure you have a commerical broadband contract, isolate the Wifi from any other networks used by the business, and use good web filtering.SecurityExperthttps://www.blogger.com/profile/02816379340772195492noreply@blogger.comtag:blogger.com,1999:blog-3798604115389836864.post-19056604405419975712008-01-11T02:57:00.000+00:002008-01-11T02:57:00.000+00:00I'm no legal genius, but if I, as the hotspot oper...I'm no legal genius, but if I, as the hotspot operator, don't ask someone to pay to connect through me, how can someone be guilty of <BR/>"(b) does so with intent to avoid payment of a charge applicable to the provision of that service:<BR/>??Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3798604115389836864.post-69017374393887150862007-11-27T22:00:00.000+00:002007-11-27T22:00:00.000+00:00Thanks for your post.Well actually our high street...Thanks for your post.<BR/><BR/>Well actually our high street banks now lead the way when it comes to information/data security, sure there are always going to be minor issues here and there with them, but rest assured banks are light years ahead of any government department. I doubt if we would ever see a breach by bank on the scale of TK Maxx or the HMRC in this day and age. Why, because the banks are protecting their own money. So if a bad guy obtains money from your bank account and it's soley down to bank systems and processes, it's the bank fault and the bank has to refund you, not to mention all the costs of investigating and administrating the incident which often costs more than amount stolen. So it really isn’t in any banks interest or business plan to have any holes in their security, there is no such driver at government agencies and departments like the HMRC.<BR/> <BR/>For many years now banks have been attacked from all angles imaginable, some of these attacks are very clever indeed. However these attacks have never been disclosed by any bank and none of their customers suffered any losses. So banks have learnt many lessons since that 1998 report and all invest heavily in information security and so have become a very hard target for the bad guys. The bad guys always go after the lowest hanging fruit, so target us and our bank accounts as an indirect way of accessing the bank’s money, which I suppose is the weakest part of any bank’s security. The HMRC missing data is just the stuff the bad guys are after to do this.<BR/><BR/>So I do have confidence with banks but I should stress no organisation or system can be ever be 100% secure, especially if there are humans involved!SecurityExperthttps://www.blogger.com/profile/02816379340772195492noreply@blogger.comtag:blogger.com,1999:blog-3798604115389836864.post-34707331508782256552007-11-27T15:00:00.000+00:002007-11-27T15:00:00.000+00:00I'd certainly like to know your thoughts on the fo...I'd certainly like to know your thoughts on the following article.<BR/><BR/>http://thebigretort.blogspot.com/2007/11/scandal-of-high-street-banks.html<BR/><BR/>It was uncovered in 1998, and it still goes on I'm sure.Anonymousnoreply@blogger.com