Wi-Fi security? Don't need it!
2008-01-10 05:13 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
mdlbearSecurity expert Bruce Schneier, in a Wired article titled Steal This Wi-Fi, writes
It's very simple, really: everything wireless is treated as "outside the firewall" as far as anything inside, on the wired network, is concerned. It's behind a router that blocks outgoing port 25 (SMTP) to make life hard on drive-by spammers; everything else is open going out. Coming in from the big, bad Internet, nothing gets through except http, dns, and ssh. And from there to my wired network nothing gets in except http, dns, ssh, and ipp (so people can print, as long as they know the URL of one my printers). That's it.
Whenever I talk or write about my own security setup, the one thing that surprises people -- and attracts the most criticism -- is the fact that I run an open wireless network at home. There's no password. There's no encryption. Anyone with wireless capability who can see my network can use it to access the internet.He then goes on to explain why it isn't dangerous. I found it from this Techdirt post, but it's really nothing new: I've had an open access point at the Starport ever since I installed it.
To me, it's basic politeness. Providing internet access to guests is kind of like providing heat and electricity, or a hot cup of tea. But to some observers, it's both wrong and dangerous.
It's very simple, really: everything wireless is treated as "outside the firewall" as far as anything inside, on the wired network, is concerned. It's behind a router that blocks outgoing port 25 (SMTP) to make life hard on drive-by spammers; everything else is open going out. Coming in from the big, bad Internet, nothing gets through except http, dns, and ssh. And from there to my wired network nothing gets in except http, dns, ssh, and ipp (so people can print, as long as they know the URL of one my printers). That's it.