Aces High Bulletin Board
General Forums => The O' Club => Topic started by: 1K3 on December 08, 2007, 03:05:00 AM
-
Read here - S.A.F.E. Act of 2007
http://www.profy.com/2007/12/07/us-house-passes-safe-act/
http://www.news.com/8301-13578_3-9829759-38.html
If you have friends or relatives that have OPEN WI-FI, tell them to secure it right away. For some of you, SAFE Act may change they way you surf on the internet in public places.
-
This is the stupidest thing I've read all week.
-
yep, and Ron Paul agrees with you:aok
-
And after that, the govt will probabally access encrypted Wi-FI networks to make sure your being a "good boy"
Just plain BS
-
Wow, read the C-Net article. (News.Com)
They really snuck this one in.
I'm all for protecting kids and stuff. But they are expecting ISPs and large web hosts to play policeman for them.
Our Nanny Government in action with more feel-good laws. Note in the article that such requirements are already in existance to a varying degree.
-
I guess freedom of speech is no longer effective anymore then?
While I'm all for protection of minors, who gets to decide what is "offensive"?
-
It will be impossible to enforce.
-
That depends, we may get gangs of bible belting WiFi vigilantes scouring unsecured networks for anything they think is offensive then calling the police.
:noid
-
Do they even have a clue to what they are doing?
-
Originally posted by Heater
Do they even have a clue to what they are doing?
\
No, not a single one.
-
Originally posted by SD67
That depends, we may get gangs of bible belting WiFi vigilantes scouring unsecured networks for anything they think is offensive then calling the police.
:noid
This may encourage citizens snitching on other citizens. .Gov is encouraging citizens to do what I think is "dirty work".
This is clearly Soviet-style lifestyle and isn't it the reason why USA feared Soviets?;)
-
For the record, I am opposed to government intrusion into all citizens privacy but I just read the bill and I think the article referenced missed the focus of this bill. It's about reporting "knowledge" of illegal activity. Not about preventing it or even watching for it.
`(a) Duty To Report-
`(1) IN GENERAL- Whoever, while engaged in providing an electronic communication service or a remote computing service to the public through a facility or means of interstate or foreign commerce, obtains actual knowledge of any facts or circumstances described in paragraph (2) shall, as soon as reasonably possible--
`(A) complete and maintain with current information a registration with the CyberTipline of the National Center for Missing and Exploited Children, or any successor to the CyberTipline operated by such center, by providing the mailing address, telephone number, facsimile number, electronic mail address of, and individual point of contact for, such electronic communication service provider or remote computing service provider; and
`(B) make a report of such facts or circumstances to the CyberTipline, or any successor to the CyberTipline operated by such center.
-
Originally posted by 1K3
This may encourage citizens snitching on other citizens. .Gov is encouraging citizens to do what I think is "dirty work".
This is clearly Soviet-style lifestyle and isn't it the reason why USA feared Soviets?;)
A couple of thoughts...
Should people secure their wireless networks? IMHO hell yeah.
What would you do if you say had a next door neighbour who was sharing folders on his wifi network that contained porn, and you had kids?
-
Originally posted by AKIron
For the record, I am opposed to government intrusion into all citizens privacy but I just read the bill and I think the article referenced missed the focus of this bill. It's about reporting "knowledge" of illegal activity. Not about preventing it or even watching for it.
snip
Yeah, that was my take, too. What's more, in addition to the example Vulcan cited, what about an ISP that knew one of their subscribers was distributing child porn and remained silent? Why wouldn't we see that as "aiding and abetting"?
Is there some gray area here with room for abuse? I'd say yes. But I already trust the government to have its agents carry guns and have the power to restrain/remove people. I'd say this bears constant scrutiny, but that used properly its a good thing.
I don't see what the comment about prudes cruising looking for hotspots is getting at. That could happen already, and under this law they'd simply be providing information about what they see, not what anyone knows about that.
-
What I was getting at was it's a justification for invasion of privacy.
Now my network is secured (encrypted) but that does not mean it's not hackable. There is no such thing as a 100% secure network that isn't switched off and unplugged.
Now I don't want some do gooder hacking into my network, and then reporting me because I happen to have some pron there. None of it is anything illegal, but some would find it offensive, just as some find ankles and faces offensive.
What I was getting at is where is the line drawn between duty to report and invasion of privacy?
Where does freedom of speech fit in with file sharing and this new legislation?
-
Originally posted by SD67
There is no such thing as a 100% secure network that isn't switched off and unplugged.
Rubbish.
-
gotta bite on this one. Vulcan what is the example of the secure unhackable network you have in mind.
-
Originally posted by Maverick
gotta bite on this one. Vulcan what is the example of the secure unhackable network you have in mind.
For Wifi? Either via an IPSECVPN Client (3DES ro 256AES), SSL VPN Client, or WPA2-PEAP.
-
Scary times.
-
Originally posted by SD67
What I was getting at was it's a justification for invasion of privacy.
Now my network is secured (encrypted) but that does not mean it's not hackable. There is no such thing as a 100% secure network that isn't switched off and unplugged.
Now I don't want some do gooder hacking into my network, and then reporting me because I happen to have some pron there. None of it is anything illegal, but some would find it offensive, just as some find ankles and faces offensive.
What I was getting at is where is the line drawn between duty to report and invasion of privacy?
Where does freedom of speech fit in with file sharing and this new legislation?
I have to repeat that if you guys try teaching us "democracy" and it's an example - then I am all for totalitarism.
This is absolutely insane, the very concept of "guilt" is wasted completely. This is why I always insist that Orwell's 1984 was written about Western society.
Vulcan, every network is insecure. At least it can be "hacked" using thermo-rectal cryptoanalysis.
-
Originally posted by Vulcan
For Wifi? Either via an IPSECVPN Client (3DES ro 256AES), SSL VPN Client, or WPA2-PEAP.
(http://forum.dur-dom.net/files/passwordrecovery1df_937.jpg)
-
Originally posted by Vulcan
For Wifi? Either via an IPSECVPN Client (3DES ro 256AES), SSL VPN Client, or WPA2-PEAP.
What makes you think anything devised by man cannot be hacked by another?
-
In addition to encryption, you should use MAC address exclusion and only allow devices you know. That makes it a tough nut to crack.
-
Originally posted by Maverick
What makes you think anything devised by man cannot be hacked by another?
Because the computing power required to crack a 3DES/AES encrypted session is greater than the password rollover time.
-
This is the reason why We the People need to keep a close watch ourselves on Government...
The internet has been driving the government crazy for years because it is humankind's worldwide network, not the Government's network.
If I ever see child pornography, on the internet or elsewhere, I will call the police as we all should.
But... government monitoring of all internet traffic in hope's of catching something is not the way to go and just pushes the door open wider for more and more of government's disintegration of the privacy, thus liberty, of We the People.
We the People are not “suspects”; individuals meriting closer watch by virtue of legally defined reasonable suspicion are suspects.
TIGERESS
-
Originally posted by Vulcan
Because the computing power required to crack a 3DES/AES encrypted session is greater than the password rollover time.
See a picture above. Thermo-rectal cryptoanalisys brings you the result quite fast regardless to the password length.
-
Originally posted by Boroda
See a picture above. Thermo-rectal cryptoanalisys brings you the result quite fast regardless to the password length.
social engineering != hacking :) (though it is far more effective imho). Have you read Mitnicks book Art of Deception?
p.s I could always add tokens or one time passwords (very easily too via an SSL VPN)
-
Originally posted by ChickenHawk
In addition to encryption, you should use MAC address exclusion and only allow devices you know. That makes it a tough nut to crack.
A MAC address is very easy to emulate.
-
Originally posted by Vulcan
social engineering != hacking :) (though it is far more effective imho). Have you read Mitnicks book Art of Deception?
p.s I could always add tokens or one time passwords (very easily too via an SSL VPN)
I am a bearded hippie equipped with a 1L beer can. I fix and reboot my neighbors Wi-Fi APs. 5 or 6 APs inside my reach, one of them at least 1km away in Northern River Port.
Biggest problem so far was getting a manufacturer's ID in Netstumbler and DLing an AP user manual to read a default access password. Usually I immediately change the default pwd so proud AP owners won't break anything down. Now call me a criminal. I don't care :)
-
Ahhh well I've been playing with Virtual APs, my real network secured via WPA2-PEAP and an 'open' network unsecured which redirects any access attempts to a goatse style page :) (for people like yourself)
-
Originally posted by Vulcan
Ahhh well I've been playing with Virtual APs, my real network secured via WPA2-PEAP and an 'open' network unsecured which redirects any access attempts to a goatse style page :) (for people like yourself)
I suppose you don't need anyone else to reboot your AP just because the internet connection got jammed ;)
I use plain WEP because my laptop doesn't support WPA. I got nothing to conceal. Anyway there are no people to "hack" into my system here. Just 5-6 AP owners, all computer-illiterate, and 2-3 boys with PSPs.
-
Originally posted by Boroda
I suppose you don't need anyone else to reboot your AP just because the internet connection got jammed ;)
err no. My internet doesn't get jammed? Unless you're talking about frame floods, null probes, broadcast dauths, packet floods etc which my AP detects and defends against.
-
Originally posted by Vipermann
A MAC address is very easy to emulate.
True but you have to figure out which MAC address to emulate.
-
That's not so hard, all you need to do is intercept the transmission from a client device. The MAC address is transmitted :)
-
Originally posted by Vulcan
err no. My internet doesn't get jammed? Unless you're talking about frame floods, null probes, broadcast dauths, packet floods etc which my AP detects and defends against.
AP is a computer with a built-in web server ;) Anything that has some interactive features may hang, crash or jam.
There's noting that can't be broken, crashed or spoiled. It's the most important thing I have learned after 4 years studying to be a weapon engineer (conventional warheads).
-
Originally posted by Boroda
AP is a computer with a built-in web server ;) Anything that has some interactive features may hang, crash or jam.
There's noting that can't be broken, crashed or spoiled. It's the most important thing I have learned after 4 years studying to be a weapon engineer (conventional warheads).
Uh huh, wel you're welcome to try :) .
-
Originally posted by SD67
That's not so hard, all you need to do is intercept the transmission from a client device. The MAC address is transmitted :)
True, I was thinking that the MAC addr was encrypted but of course it can't be on the first network.
-
Originally posted by Vulcan
Ahhh well I've been playing with Virtual APs, my real network secured via WPA2-PEAP and an 'open' network unsecured which redirects any access attempts to a goatse style page :) (for people like yourself)
Thats just wrong :rofl