[wplug] Wi-Fi Mapping in the Press

Drew from Zhrodague drew at zhrodague.net
Fri Feb 18 15:43:29 EST 2005 

> I would say the cost is more then just bandwidth, it would be legel
> costs, how will a bussness respond when the polic come asking questions
> about the illegel activitys that has taken place on thier network.
> Right now the easiest way to track who did what is the Mac address, so
> eather the company will have to track those by having the users register
> (more cost) or should we have a national database of Mac address for all
> wireless cards?  If I was a bussness I would not want to face those
> costs.  Time, Resources, Money, and Human.

    This is true. When I interviewed FBI Agent Tom Grasso at the NCFTA, the
concern over security was more towards accountability. If you have a
business with an El Cheapo hotspot (dsl modem + ap only), there probably
isn't going to be much in the way of accounting. People in the store
surfing, and parked outside downloading kiddie porn are going to look the
same, traffic wise. However, when someone is determined to be committing
crimes, and the traffic is coming from your network, it makes sense to at
least log MACs and times, so you can at least point the nice agents away
from your business.

    Some of us know how to change a MAC address in an ethernet card, but the
majority of people with wireless technologies will not know how to do this,
and won't bother. These MACs can at least be assumed to be unique. Simply
using the syslog feature of (some) APs should be sufficient for
accountability. Most APs (and residential gateways) will have a logging
feature.

    It's a neat idea to have a database of MACs, and who owns them, but
that's kindof a privacy issue, at least for us -- we make sure not to
display MACs on WiFiMaps.com -- just the SSID names. We do allow users to
search for their MAC, of course...

    The best option is the way Telerama does things, imho -- DSL modem, APs,
and a box to do authentication and accounting. No, you don't need 15
machines running Windows Server 666 -- a simple 133Mhz box from a junkyard
is actually quite sufficient. More information on Telerama's setup at
Soba/Umi is available here: http://tv.seattlewireless.net

More information about the wplug mailing list