[CWN-Summit] The quotable Michael Oh

Kari Gray kari at commonassets.org
Thu Dec 16 12:55:17 CST 2004 

I think we may have found the "message" for our campaign: "they're much
more secure than you think they are, so [it's possible] they're also a
lot sneakier."

:0

Kari Gray
Common Assets
375 Alabama Street #490
San Francisco, CA  94110
(415) 241-2515 T/Th
(415) 786-9935 cel

www.Watermap.org


-----Original Message-----
From: cwn-summit-bounces at lists.cuwireless.net
[mailto:cwn-summit-bounces at lists.cuwireless.net] On Behalf Of
cwn-summit-request at lists.cuwireless.net
Sent: Thursday, December 16, 2004 10:01 AM
To: cwn-summit at lists.cuwireless.net
Subject: CWN-Summit Digest, Vol 5, Issue 3

Send CWN-Summit mailing list submissions to
	cwn-summit at lists.cuwireless.net

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.cu.groogroo.com/cgi-bin/listinfo/cwn-summit
or, via email, send a message with subject or body 'help' to
	cwn-summit-request at lists.cuwireless.net

You can reach the person managing the list at
	cwn-summit-owner at lists.cuwireless.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CWN-Summit digest..."


Today's Topics:

   1. Re: CWN-Summit Digest, Vol 5, Issue 2 (Michael Oh)
   2. Re: Re: CWN-Summit Digest, Vol 5, Issue 2 (Sascha Meinrath)


----------------------------------------------------------------------

Message: 1
Date: Wed, 15 Dec 2004 13:13:59 -0500
From: Michael Oh <oh at techsuperpowers.com>
Subject: [CWN-Summit] Re: CWN-Summit Digest, Vol 5, Issue 2
To: cwn-summit at lists.cuwireless.net
Message-ID: <1772AA3D-4EC5-11D9-A625-000A95CD64A2 at techsuperpowers.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

> Could Tmobile be doing something sinister here?  Have any of you come 
> across similar stories in your cities?
>
> Steveg
> Tremont Wifi Neighborhood

Something similar, but not directly related.  There was a time that 
Starbucks had APs that would allow you to ping the broadcast address 
and then find others on the network, presumably allowing you to file 
share and things, etc.

Recently (i.e. in the last few months), Starbucks has increased their 
security to include 802.1x as well, which I suspect means either new 
APs or new firmware on their boxes.  At the same time, it looks like 
they do some sort of blocking between wireless connections, so that 
even if you know the other person's IP on wireless, you can't do 
anything - no file sharing, pinging, nothing.  Sorry, guys, no more 
file sharing at Starbucks.

[As a side note, the reason that we found this out was for a TV spot 
where they wanted us to prove that Starbucks was just as insecure as 
other networks.  Imagine our embarrassment.  Luckily, it made for bad 
TV, so that section went on the cutting room floor.]

It's possible that they're using enterprise technologies that do 
"block" other APs - a la Airespace (I'm not sure how they do it), but I 
would think it would be unlikely for you to even attach to an AP if 
that was the case.

Short story: they're much more secure than you think they are, so it's 
possible they're also a lot sneakier.

Mike

-------
Tech Superpowers, Inc. - "Technology for GeniusR"
252 Newbury Street
Boston, MA 02116

[Phone]   (617) 267-9716   [Email]     oh at techsuperpowers.com
[Fax]     (617) 267-8927   [Email 911] pageoh at techsuperpowers.com
[Pager]   (888) 377-9591   [Web]       http://www.techsuperpowers.com

[PSST!] Get our monthly e-mail newsletter - 
http://www.techsuperpowers.com/TQ



------------------------------

Message: 2
Date: Wed, 15 Dec 2004 13:47:11 -0600 (CST)
From: Sascha Meinrath <sascha at ucimc.org>
Subject: Re: [CWN-Summit] Re: CWN-Summit Digest, Vol 5, Issue 2
To: National Summit on Community Wireless Networking Participant
	E-mail List	<cwn-summit at lists.cuwireless.net>
Message-ID: <Pine.LNX.4.61.0412151342580.25187 at imsahp.cu.groogroo.com>
Content-Type: text/plain; charset="iso-8859-1"

This is a really sad development.  Basically, it's an artificial
limiting 
of the resources that would otherwise be available to network users. 
Basically eliminating the LAN aspects of a WAP.  Seems rather foolhardy
to 
me, but then again, the whole pay-for-access business model is pretty 
silly.

But it is strange that Starbucks wants to shoot itself in the other foot

-- spending time and money to make the service _less_ useful to
customers.

--Sascha

On Wed, 15 Dec 2004, Michael Oh wrote:

>> Could Tmobile be doing something sinister here?  Have any of you come

>> across similar stories in your cities?
>> 
>> Steveg
>> Tremont Wifi Neighborhood
>
> Something similar, but not directly related.  There was a time that
Starbucks 
> had APs that would allow you to ping the broadcast address and then
find 
> others on the network, presumably allowing you to file share and
things, etc.
>
> Recently (i.e. in the last few months), Starbucks has increased their 
> security to include 802.1x as well, which I suspect means either new
APs or 
> new firmware on their boxes.  At the same time, it looks like they do
some 
> sort of blocking between wireless connections, so that even if you
know the 
> other person's IP on wireless, you can't do anything - no file
sharing, 
> pinging, nothing.  Sorry, guys, no more file sharing at Starbucks.
>
> [As a side note, the reason that we found this out was for a TV spot
where 
> they wanted us to prove that Starbucks was just as insecure as other 
> networks.  Imagine our embarrassment.  Luckily, it made for bad TV, so
that 
> section went on the cutting room floor.]
>
> It's possible that they're using enterprise technologies that do
"block" 
> other APs - a la Airespace (I'm not sure how they do it), but I would
think 
> it would be unlikely for you to even attach to an AP if that was the
case.
>
> Short story: they're much more secure than you think they are, so it's

> possible they're also a lot sneakier.
>
> Mike
>
> -------
> Tech Superpowers, Inc. - "Technology for GeniusR"
> 252 Newbury Street
> Boston, MA 02116
>
> [Phone]   (617) 267-9716   [Email]     oh at techsuperpowers.com
> [Fax]     (617) 267-8927   [Email 911] pageoh at techsuperpowers.com
> [Pager]   (888) 377-9591   [Web]       http://www.techsuperpowers.com
>
> [PSST!] Get our monthly e-mail newsletter -
http://www.techsuperpowers.com/TQ
>
> _______________________________________________
> CWN-Summit mailing list
> CWN-Summit at lists.cuwireless.net
> http://lists.cu.groogroo.com/cgi-bin/listinfo/cwn-summit
>

-- 
Sascha Meinrath
President                 *   Project Coordinator   *   Policy Analyst
Acorn Worker Collective  ***  CU Wireless Network  ***  Free Press
www.acorncollective.com   *   www.cuwireless.net    *
www.freepress.net


------------------------------

_______________________________________________
CWN-Summit mailing list
CWN-Summit at lists.cuwireless.net
http://lists.cu.groogroo.com/cgi-bin/listinfo/cwn-summit
http://www.communitywirelesssummit.org  
http://www.cuwireless.net

End of CWN-Summit Digest, Vol 5, Issue 3
****************************************

More information about the CWN-Summit mailing list