[Novalug] wireless available at meetings?

Peter Larsen plarsen@famlarsen.homelinux.com
Tue Jan 16 16:14:00 EST 2007


Theodore Ruegsegger wrote:
> Peter asked:
>> Hmmm - what's the difference [between the forbidden wireless access
>> and the permitted wired access]? We're still using their network??
> 
> With wireless:
> 
> * It's hard to tell who is using it; perhaps a bad 'un out in the
>   parking lot might connect...

If the key is dedicated for our use, or just guest use - it doesn't 
really matter? It would be a separate segment isolated from the core 
corporate network? All we would get would be (limited) internet access? 
  And with a key, no random person at the outside would be invited inside?

> * There's an explicit order forbidding it. Exceptions require
>   approvals by strangers who have no reason to say yes.

I wasn't trying to suggest that we should violate the policy. By no 
means. But I was trying to understand why there is a difference 
accessing the network through a wire or through the air.

> With wired:
> 
> * We can observe/control who uses it, namely, the NOVALUG attendees in
>   the auditorium.

1) We're not monitoring what each individual does. He could be 
innocently surfing or trying to hack internal resources.
2) Any PC attached might already act as gateway and allow other people 
in, either via the net or via an open "Free Wifi" service. Just because 
you can see the physical PC doesn't mean you can see the traffic 
generated by each node.

> * There's no explicit order forbidding it, and my buddies in network
>   admin are ok with it. No strangers involved.

Got it; as long as nobody knows they won't get worried. I agree with 
you, no reason to rock the boat here. However, what we're basically 
saying is, that we're utilizing a "security hole" or oversight; but not 
abusing it. If that makes sense?

> ps. The fact that at least one computer in the building is infected
> with a virus/worm offering "Free WiFi", as Greg discovered at a recent
> meeting, doesn't mean CSC's ok with it ;-)

Yeah - as a matter of fact, I'm seeing those at work too :( However, 
adding a "free wifi" to a wired network, just makes that PC act as a 
gateway?? So we're really not that secure.

> pps. I'm not saying your argument is wrong, just that reasoned
> argument doesn't persuade suits. We're talking security theater here;
> after all, the standard CSC platform is still Windows!

Fully understood. I for one, really appreciate the use of the top-nudge 
facilities! I would however want to question the need to surf, while 
attending a presentation ... it doesn't seem very polite not to pay 
attention to the presenter.

> ppps. Just to show they're not completely stupid, there's also an
> explicit order that says any machine connecting to a CSC network must
> first be certified malware-free by IT but, when pressed, they'll
> acknowledge that that doesn't apply to GNU/Linux machines.

<irony>Don't you know that all us Linux-geeks are just hackers in 
disguise?? That's implicitly all we want to do - produce malware and 
hack other people's computers!</irony>

Regards
   Peter Larsen




More information about the Novalug mailing list