2011-04-28 17:05:28

by Luis R. Rodriguez

[permalink] [raw]
Subject: EFF's Open Wireless Movement - solutions for Linux 802.11 APs

The EFF announced an effort and desire to promote open wireless
networks instead of closed encrypted networks to help users with
connectivity. They have come up with some alternative proposals and
challenges which they are asking for review / help on. As far as Linux
is concerned I've started a wiki [2] to cover what we can do for
802.11 Linux based APs. Feel free to extend the wiki as you see fit
and / or subscribe for changes.

[1] https://www.eff.org/deeplinks/2011/04/open-wireless-movement
[2] http://wireless.kernel.org/en/developers/OpenWirelessMovement

Luis


2011-04-28 18:15:20

by Larry Finger

[permalink] [raw]
Subject: Re: EFF's Open Wireless Movement - solutions for Linux 802.11 APs

On 04/28/2011 12:05 PM, Luis R. Rodriguez wrote:
> The EFF announced an effort and desire to promote open wireless
> networks instead of closed encrypted networks to help users with
> connectivity. They have come up with some alternative proposals and
> challenges which they are asking for review / help on. As far as Linux
> is concerned I've started a wiki [2] to cover what we can do for
> 802.11 Linux based APs. Feel free to extend the wiki as you see fit
> and / or subscribe for changes.

There is no doubt that the EFF means well; however, there is one situation that
they seem to ignore. If any part of my AP is unencrypted and some outsider uses
it to download child pornography, the IP address in any server logs is mine. If
the authorities recover those logs as part of a criminal investigation and
investigate the clients, they will immediately come to me. How do I prove that I
am innocent of the porno charge and only guilty of being a good citizen and
providing wireless access to the public? I do not relish the thought of becoming
a registered sex offender.

Of course, I could add a strong web filter to my Internet access, but that is an
expense in time and money that I would prefer to avoid as only my wife and I use
the connection. I trust her, and I think she trusts me.

Yes, my WPA2 link is not completely secure, but my 28-character, non-dictionary
pass phrase is hard to crack.

Larry

2011-04-28 18:50:31

by David H. Lynch Jr.

[permalink] [raw]
Subject: Re: EFF's Open Wireless Movement - solutions for Linux 802.11 APs

On Thu, 2011-04-28 at 13:15 -0500, Larry Finger wrote:

> There is no doubt that the EFF means well; however, there is one situation that
> they seem to ignore. If any part of my AP is unencrypted and some outsider uses
> it to download child pornography, the IP address in any server logs is mine. If
> the authorities recover those logs as part of a criminal investigation and
> investigate the clients, they will immediately come to me. How do I prove that I
> am innocent of the porno charge and only guilty of being a good citizen and
> providing wireless access to the public? I do not relish the thought of becoming
> a registered sex offender.

If your WiFi is secured and someone cracks it - something that is
fairly easy, and particularly easy for someone engaging in activities
they do not wish to have traced back to them, now you are in a far worse
state.
Regardless of the technical realities, the defense of "somebody else
downloaded child porn through my unsecured access point" has a far
greater likelyhood of prevailing than that of "some evil doer cracked my
WPA2 key and used my access point to download child porn". It is
entirely possible that you will not even be allowed to present that
defense without proving that it actually occured.
My wife is a public defender handling criminal appeals. There is an
ever increasing number of "sex offender" cases, most of which are far
from the "child preditors" that we all fear. In many states urinating in
public - even hidden behind a tree at an outdoor event where no
facilites were provided could get you a conviction as a registered sex
offender.
We have been engaged in an argument that the risks associated with even
a secured access point - and the risk may actually be greater with a
secured one because the burden of proof shifts dramatically, is so great
that it overshadows the value of WiFi.


2011-04-29 10:50:21

by Gábor Stefanik

[permalink] [raw]
Subject: Re: EFF's Open Wireless Movement - solutions for Linux 802.11 APs

On Thu, Apr 28, 2011 at 7:05 PM, Luis R. Rodriguez <[email protected]> wrote:
> The EFF announced an effort and desire to promote open wireless
> networks instead of closed encrypted networks to help users with
> connectivity. They have come up with some alternative proposals and
> challenges which they are asking for review / help on. As far as Linux
> is concerned I've started a wiki [2] to cover what we can do for
> 802.11 Linux based APs. Feel free to extend the wiki as you see fit
> and / or subscribe for changes.
>
> [1] https://www.eff.org/deeplinks/2011/04/open-wireless-movement
> [2] http://wireless.kernel.org/en/developers/OpenWirelessMovement
>
> ?Luis
> --
> To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
> the body of a message to [email protected]
> More majordomo info at ?http://vger.kernel.org/majordomo-info.html
>

While everyone seems to be talking about people abusing your open
networks to download child porn, there is another issue: on an open
network, not only can everyone connect - any user can also snoop on,
and/or inject fake data into, any other user's communication.
The solution could be creating a modified version of WPA that does
encryption, but not authentication (i.e. lets anyone join the network,
but prevents one user from snooping on another one).

--
Vista: [V]iruses, [I]ntruders, [S]pyware, [T]rojans and [A]dware. :-)

2011-04-29 17:29:31

by Henry Ptasinski

[permalink] [raw]
Subject: Re: EFF's Open Wireless Movement - solutions for Linux 802.11 APs

On Thu, Apr 28, 2011 at 10:05:08AM -0700, Luis R. Rodriguez wrote:
> The EFF announced an effort and desire to promote open wireless
> networks instead of closed encrypted networks to help users with
> connectivity. They have come up with some alternative proposals and
> challenges which they are asking for review / help on. As far as Linux
> is concerned I've started a wiki [2] to cover what we can do for
> 802.11 Linux based APs. Feel free to extend the wiki as you see fit
> and / or subscribe for changes.
>
> [1] https://www.eff.org/deeplinks/2011/04/open-wireless-movement
> [2] http://wireless.kernel.org/en/developers/OpenWirelessMovement


The Wi-Fi Alliance currently has a Hotspot program in development:

http://www.wi-fi.org/news_articles.php?news_id=1048

While it's mainly targeted at service providers, it seem likely that much of
the work could be leveraged if you consider the "service provider" in this case
to be a loosly-coordinated group of people willing to make their APs available
for public use.

- Henry



2011-07-27 21:57:50

by Luis R. Rodriguez

[permalink] [raw]
Subject: Re: EFF's Open Wireless Movement - solutions for Linux 802.11 APs

Thanks for all the feedback, the EFF has now created a tech mailing
list to help with this effort. If interested please subscribe:

http://lists.openwireless.org/mailman/listinfo/tech

In case your loose the URL I've stashed it on the wireless kernel wiki as well:

http://wireless.kernel.org/en/developers/OpenWirelessMovement

Luis