Vulnerability Development mailing list archives
Re: Wlan @ bestbuy is cleartext?
From: Jonathan Bloomquist <bocasolutions () yahoo com>
Date: Wed, 1 May 2002 18:21:23 -0700 (PDT)
--- Ron DuFresne <dufresne () winternet com> wrote: -- snip --
And I know alot of the discussion here so far has been directed at Best Buy and others that have rolledout insecured wireless inplmementations, and with some right to be not only shocked at these toys being placed as they are into use by the companies in question.
-- snip --
But, if we are going to direct efforts at blame and how to make such toys as semi-secure as we can at present, let's make sure we point fingers at those ultimately responsible for unsafe open default configurations and hiding information deep in CDROMS from the endusers attention about how to attempt to semi-secure these toys, the vendors, Lucent, Cisco, and the others pushing out wireless capabile toys without safe default configurations to begin with.
-- snip -- Fair enough. But there is a difference between home users and corporate users. Home users want sexy hardware and they want it now. Vendors can hardly be blamed for selling products when a market exists and it is hardly in their best interest to say, "Here it is but it may not be a good idea to use it if you like to keep your data secure." Corporate IT staff are paid to know better than to put insecure technology into production and they need to be held accountable if they make such a boneheaded move.
Now, rather then hint at and push excerpts from, lets just be done with it and push our venture to warn of the problems out to the public now, folks are just not alarmed enough to do the research and fear these toys being deployed in their environments even after the work of many we reference and site in this paper which follows the original post prompting it's release here:
I agree; how better to educate/scare people into researching their decisions than by media attention. This is another argument for full disclosure - let 'em see what can happen and they might sit up and take notice. __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com
Current thread:
- Re: XP Screen Saver password uses Old password until logout or New one is used. hellNbak (Apr 30)
- Re: XP Screen Saver password uses Old password until logout or Newone is used. Meritt James (Apr 30)