headers
John Kibuuka | 6 Sep 2008 19:23
Picon

Reminder to connect with John Kibuuka

Connect with me on Ecademy

I'd like to invite you to be part of my Ecademy network.

I use Ecademy to manage my professional contacts, share knowledge and market my business. Take a look - it has paid off for me.

* Click here to accept the invitation to join my network! *";

It's free to join Ecademy and it only takes a minute to sign up.

John Kibuuka
kjohnah <at> gmail.com
To avoid receiving these emails in the future just reply to invite-unsubscribe <at> ecademy.com
or go to http://www.ecademy.com/blockinvites.php?e=wsfii-discuss <at> lists.okfn.org
Email:support <at> ecademy.com Company Registration:3651083 VAT:718 0377 36
_______________________________________________
wsfii-discuss mailing list
wsfii-discuss <at> lists.okfn.org
http://lists.okfn.org/mailman/listinfo/wsfii-discuss
Permalink | Reply | 0 comments |
headers
Chris Wilson | 10 Sep 2008 00:49
Favicon
Gravatar

Google Broadband

Hi all,

According to FT and other sources, Google has announced their support for a new 
initiative called O3B to "bring internet access to 3bn people in Africa and 
other emerging markets by launching at least 16 satellites to bring its 
services to the unconnected" in 2010.

"They will... order 16 low-earth orbit satellites... as the first stage in a 
$750m project to connect mobile masts in a swath of countries within 45 degrees 
of the equator to fast broadband networks... the project could bring the cost 
of bandwidth in such markets down by 95 per cent."

I've written a critical review on on our new (personal) blog at:
http://tinderblog.wordpress.com/2008/09/09/google-broadband/
Please feel free to read more and comment there.

Ermanno Pietrosemoli commented: "I am very much excited about the 
possibility of using this transport technology in combination with 
community wireless access (WiFi extensions or even proprietary techniques) 
to provide a complete communication solution for developing countries at 
affordable cost, bypassing traditional carriers, provided that the 
frequency availability issue can be solved."

Thanks, Chris.
--

-- 
Aptivate | http://www.aptivate.org | Phone: +44 1223 760887
The Humanitarian Centre, Fenner's, Gresham Road, Cambridge CB1 2ES

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.
Permalink | Reply | 2 comments |
headers
Mahabir Pun | 10 Sep 2008 03:47

Re: Google Broadband

Hello all;

I agree with Ermanno Pietrosemoli. I had been telling friends why
United Nations does not put a few satellites and provide connectivity
to narrow down the digital divide that Kofi Annan always used to talk.
If Google does that, that will be great I think. However, we need to
wait to see how cheaper their services will be. It is not free.

Mahabir

On Wed, Sep 10, 2008 at 4:34 AM, Chris Wilson <chris <at> aptivate.org> wrote:
> Hi all,
>
> According to FT and other sources, Google has announced their support for a new
> initiative called O3B to "bring internet access to 3bn people in Africa and
> other emerging markets by launching at least 16 satellites to bring its
> services to the unconnected" in 2010.
>
> "They will... order 16 low-earth orbit satellites... as the first stage in a
> $750m project to connect mobile masts in a swath of countries within 45 degrees
> of the equator to fast broadband networks... the project could bring the cost
> of bandwidth in such markets down by 95 per cent."
>
> I've written a critical review on on our new (personal) blog at:
> http://tinderblog.wordpress.com/2008/09/09/google-broadband/
> Please feel free to read more and comment there.
>
> Ermanno Pietrosemoli commented: "I am very much excited about the
> possibility of using this transport technology in combination with
> community wireless access (WiFi extensions or even proprietary techniques)
> to provide a complete communication solution for developing countries at
> affordable cost, bypassing traditional carriers, provided that the
> frequency availability issue can be solved."
>
> Thanks, Chris.
> --
> Aptivate | http://www.aptivate.org | Phone: +44 1223 760887
> The Humanitarian Centre, Fenner's, Gresham Road, Cambridge CB1 2ES
>
> Aptivate is a not-for-profit company registered in England and Wales
> with company number 04980791.
>
>
>
> _______________________________________________
> wsfii-discuss mailing list
> wsfii-discuss <at> lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/wsfii-discuss
>
Permalink | Reply | 1 comment |
headers
Ramnarayan.K | 12 Sep 2008 17:48

Re: Google Broadband



On Wed, Sep 10, 2008 at 7:17 AM, Mahabir Pun <mahabir <at> himanchal.org> wrote:
Hello all;

I agree with Ermanno Pietrosemoli. I had been telling friends why
United Nations does not put a few satellites and provide connectivity
to narrow down the digital divide that Kofi Annan always used to talk.
If Google does that, that will be great I think. However, we need to
wait to see how cheaper their services will be. It is not free.

Apart from what restrictions Governments might decide to impose on how the connectivity happens - i.e. setting up of VSAT's etc.

ram
_______________________________________________
wsfii-discuss mailing list
wsfii-discuss <at> lists.okfn.org
http://lists.okfn.org/mailman/listinfo/wsfii-discuss
Permalink | Reply | 0 comments |
headers
Ramnarayan.K | 18 Sep 2008 05:07

Fwd: [india-gii] poor WiFi encryption a security risk

Hi

As many of you might be aware , in the recent few months wi-fi (specifically open and / or unsecure wifi networks) have got a lot of bad press becausesuch networks were used by terrorists to send emails before bomb blasts (in delhi / bangalore / ahmedadbad) So would be interested to hear what folks have to say.

am not an expert on w-ifi security but am wondering how difficult (and non traceable) would it be for a determined person using software that is readily available to take the next step i.e. break into a "secure" wi-fi network by listening in, capturing and analyszing  wi-fi data packets (which include login usernames and passwords) .

ram

---------- Forwarded message ----------
From: Arun Mehta <arun.mehta <at> gmail.com>
Date: Wed, Sep 17, 2008 at 12:08 PM
Subject: [india-gii] poor WiFi encryption a security risk
To: india-gii <at> lists.cpsr.org


should we, in our note, also point out that encrypting your WiFi
communication is illegal unless you give government your key? Any down
sides to making this argument?

Do our experts agree that 3g encryption levels, unlike gsm, are
acceptable, http://www.comp.brad.ac.uk/het-net/tutorials/P10.pdf ?

Arun

http://www.telecomtiger.com/fullstory.aspx?passfrom=breakingnews&storyid=3886

Wi-Fi services under scanner again as Militants again use Wi-Fi spot
to send email
TT Correspondent |  New Delhi |  14 Sep 2008

The Wi-Fi services in the country are certain to face tough times
ahead. First it was the Bangalore and Ahmedabad blasts where it was
found out that militants had claimed responsibility for the blasts
using an unsecured Wi-Fi connection of an American executive.

 Yesterday's Delhi blasts reveal that the same concept was used this
time as well. The Indian Mujahideen claimed responsibility for the
blasts using through an email sent through a unsecured Wi-Fi
connection of Ms Kamran Power Private Limited in Chembur, Mumbai.

These incidences have put a question mark on the security features of
Wi-Fi services.

While malls, commercial premises as well as Coffee shops are
increasingly offering these services, the same is being done with
little care for security aspects feel experts.

The scenario is only set to become more complex after entry of
wireless broadband services through WiMAX and data services through
3G, say observers.

While internet cafes have been brought under the purview of law
(atleast on papers) with identity cards and other details must before
using the service,  Wi-Fi services have come in handy for the
militants who now need to identify only an unsecured Wi-Fi connection
to send their message across to agencies without the fear of getting
traced.
____________________________________________________________
You received this message as a subscriber on the list:
    india-gii <at> lists.cpsr.org
To be removed from the list, send any message to:
    india-gii-unsubscribe <at> lists.cpsr.org

For all list information and functions, see:
    http://lists.cpsr.org/lists/info/india-gii

_______________________________________________
wsfii-discuss mailing list
wsfii-discuss <at> lists.okfn.org
http://lists.okfn.org/mailman/listinfo/wsfii-discuss
Permalink | Reply | 20 comments |
headers
wlanmac | 18 Sep 2008 06:49
Picon

Re: Fwd: [india-gii] poor WiFi encryption a security risk

It depends on what flavor of wireless security you are using. Though,
with so many open networks, I'm not sure it's worth going after the
secured networks unless the attacker it targeting someone specific.
Maybe terrorists are using the WiFi for it's convenience over sending
e-mails from hacked machines on the Internet :)

On Thu, 2008-09-18 at 08:37 +0530, Ramnarayan.K wrote:
> Hi
> 
> As many of you might be aware , in the recent few months wi-fi
> (specifically open and / or unsecure wifi networks) have got a lot of
> bad press becausesuch networks were used by terrorists to send emails
> before bomb blasts (in delhi / bangalore / ahmedadbad) So would be
> interested to hear what folks have to say.
> 
> am not an expert on w-ifi security but am wondering how difficult (and
> non traceable) would it be for a determined person using software that
> is readily available to take the next step i.e. break into a "secure"
> wi-fi network by listening in, capturing and analyszing  wi-fi data
> packets (which include login usernames and passwords) .
> 
> ram
> 
> ---------- Forwarded message ----------
> From: Arun Mehta <arun.mehta <at> gmail.com>
> Date: Wed, Sep 17, 2008 at 12:08 PM
> Subject: [india-gii] poor WiFi encryption a security risk
> To: india-gii <at> lists.cpsr.org
> 
> 
> should we, in our note, also point out that encrypting your WiFi
> communication is illegal unless you give government your key? Any down
> sides to making this argument?
> 
> Do our experts agree that 3g encryption levels, unlike gsm, are
> acceptable, http://www.comp.brad.ac.uk/het-net/tutorials/P10.pdf ?
> 
> Arun
> 
> http://www.telecomtiger.com/fullstory.aspx?passfrom=breakingnews&storyid=3886
> 
> Wi-Fi services under scanner again as Militants again use Wi-Fi spot
> to send email
> TT Correspondent |  New Delhi |  14 Sep 2008
> 
> The Wi-Fi services in the country are certain to face tough times
> ahead. First it was the Bangalore and Ahmedabad blasts where it was
> found out that militants had claimed responsibility for the blasts
> using an unsecured Wi-Fi connection of an American executive.
> 
>  Yesterday's Delhi blasts reveal that the same concept was used this
> time as well. The Indian Mujahideen claimed responsibility for the
> blasts using through an email sent through a unsecured Wi-Fi
> connection of Ms Kamran Power Private Limited in Chembur, Mumbai.
> 
> These incidences have put a question mark on the security features of
> Wi-Fi services.
> 
> While malls, commercial premises as well as Coffee shops are
> increasingly offering these services, the same is being done with
> little care for security aspects feel experts.
> 
> The scenario is only set to become more complex after entry of
> wireless broadband services through WiMAX and data services through
> 3G, say observers.
> 
> While internet cafes have been brought under the purview of law
> (atleast on papers) with identity cards and other details must before
> using the service,  Wi-Fi services have come in handy for the
> militants who now need to identify only an unsecured Wi-Fi connection
> to send their message across to agencies without the fear of getting
> traced.
> ____________________________________________________________
> You received this message as a subscriber on the list:
>     india-gii <at> lists.cpsr.org
> To be removed from the list, send any message to:
>     india-gii-unsubscribe <at> lists.cpsr.org
> 
> For all list information and functions, see:
>     http://lists.cpsr.org/lists/info/india-gii
> 
> 
> 
> _______________________________________________
> wsfii-discuss mailing list
> wsfii-discuss <at> lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/wsfii-discuss
Permalink | Reply | 19 comments |
headers
Vickram Crishna | 18 Sep 2008 07:46
Picon
Favicon

Re: poor WiFi encryption a security risk

Yes, exactly that.

There are many open networks, and why that is I am not sure. Quite possibly part of the reason is that the commercial routers, which are dead simple for any untrained person to set up and run, do not 'insist' on using basic security. I am sure that this is due to the fact that older computers are more difficult to 'sign in' to secured networks, but it may also be due to a lack of consumer demand for security.

Now, security is for different reasons. If the paid access is expensive and capped to boot, then it is a simple matter of saving money. If the purpose is to run a quasi-commercial service, then also. But if the purpose is a community network, then it may be to identify and track member usage, or similar reasons.

All too often, the reason is that paid ISP access is delivered with caps, which is pure and simple a restrictive practice, one that is unfortunately not recognised by most commercial regulators as such, since such matters are normally dealt with by technical regulators.

Perhaps WSFII needs to take this on board and generate a public message to governments everywhere, appealing for stringent curbs on such practices.

Along the way, such a message may also need to emphasise that the overall gain from open wireless networking (especially in underdeveloped economies, and within them, for economically disadvantaged persons, for whom the inability to use the Net because it is expensive, is part of the digital divide) mong is more than the security weaknesses (primarily that criminals can use open networks conveniently to send taunting, boasting or bragging emails) inherent.
 
Vickram
http://communicall.wordpress.com
http://vvcrishna.wordpress.com


----- Original Message ----
From: wlanmac <wlan <at> mac.com>
To: Discuss list on the World Summit on Free Information Infrastructure <wsfii-discuss <at> lists.okfn.org>
Cc: AirJaldi Summit List <summit <at> lists.airjaldi.com>
Sent: Thursday, 18 September, 2008 10:19:20
Subject: Re: [wsfii-discuss] Fwd: [india-gii] poor WiFi encryption a security risk

It depends on what flavor of wireless security you are using. Though,
with so many open networks, I'm not sure it's worth going after the
secured networks unless the attacker it targeting someone specific.
Maybe terrorists are using the WiFi for it's convenience over sending
e-mails from hacked machines on the Internet :)


On Thu, 2008-09-18 at 08:37 +0530, Ramnarayan.K wrote:
> Hi
>
> As many of you might be aware , in the recent few months wi-fi
> (specifically open and / or unsecure wifi networks) have got a lot of
> bad press becausesuch networks were used by terrorists to send emails
> before bomb blasts (in delhi / bangalore / ahmedadbad) So would be
> interested to hear what folks have to say.
>
> am not an expert on w-ifi security but am wondering how difficult (and
> non traceable) would it be for a determined person using software that
> is readily available to take the next step i.e. break into a "secure"
> wi-fi network by listening in, capturing and analyszing  wi-fi data
> packets (which include login usernames and passwords) .
>
> ram
>
> ---------- Forwarded message ----------
> From: Arun Mehta <arun.mehta <at> gmail.com>
> Date: Wed, Sep 17, 2008 at 12:08 PM
> Subject: [india-gii] poor WiFi encryption a security risk
> To: india-gii <at> lists.cpsr.org
>
>
> should we, in our note, also point out that encrypting your WiFi
> communication is illegal unless you give government your key? Any down
> sides to making this argument?
>
> Do our experts agree that 3g encryption levels, unlike gsm, are
> acceptable, http://www.comp.brad.ac.uk/het-net/tutorials/P10.pdf ?
>
> Arun
>
> http://www.telecomtiger.com/fullstory.aspx?passfrom=breakingnews&storyid=3886
>
> Wi-Fi services under scanner again as Militants again use Wi-Fi spot
> to send email
> TT Correspondent |  New Delhi |  14 Sep 2008
>
> The Wi-Fi services in the country are certain to face tough times
> ahead. First it was the Bangalore and Ahmedabad blasts where it was
> found out that militants had claimed responsibility for the blasts
> using an unsecured Wi-Fi connection of an American executive.
>
>  Yesterday's Delhi blasts reveal that the same concept was used this
> time as well. The Indian Mujahideen claimed responsibility for the
> blasts using through an email sent through a unsecured Wi-Fi
> connection of Ms Kamran Power Private Limited in Chembur, Mumbai.
>
> These incidences have put a question mark on the security features of
> Wi-Fi services.
>
> While malls, commercial premises as well as Coffee shops are
> increasingly offering these services, the same is being done with
> little care for security aspects feel experts.
>
> The scenario is only set to become more complex after entry of
> wireless broadband services through WiMAX and data services through
> 3G, say observers.
>
> While internet cafes have been brought under the purview of law
> (atleast on papers) with identity cards and other details must before
> using the service,  Wi-Fi services have come in handy for the
> militants who now need to identify only an unsecured Wi-Fi connection
> to send their message across to agencies without the fear of getting
> traced.
> ____________________________________________________________
> You received this message as a subscriber on the list:
>    india-gii <at> lists.cpsr.org
> To be removed from the list, send any message to:
>    india-gii-unsubscribe <at> lists.cpsr.org
>
> For all list information and functions, see:
>    http://lists.cpsr.org/lists/info/india-gii
>
>
>
> _______________________________________________
> wsfii-discuss mailing list
> wsfii-discuss <at> lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/wsfii-discuss


_______________________________________________
wsfii-discuss mailing list
wsfii-discuss <at> lists.okfn.org
http://lists.okfn.org/mailman/listinfo/wsfii-discuss

_______________________________________________
wsfii-discuss mailing list
wsfii-discuss <at> lists.okfn.org
http://lists.okfn.org/mailman/listinfo/wsfii-discuss
Permalink | Reply | 0 comments |
headers
Alexander List | 18 Sep 2008 14:44
Picon

Re: Fwd: [india-gii] poor WiFi encryption a security risk

wlanmac wrote:
> It depends on what flavor of wireless security you are using. Though,
> with so many open networks, I'm not sure it's worth going after the
> secured networks unless the attacker it targeting someone specific.
> Maybe terrorists are using the WiFi for it's convenience over sending
> e-mails from hacked machines on the Internet :)

As with all services/systems/tools abused for malicious purposes: You do 
not want to deny useful service to the majority of well-behaving users 
just because some black sheep are abusing the service.

Do you want to shut down the international postal system because bombs 
or anthrax could be sent in packages/letters?
Do you want to shut down cellphone networks because someone could use a 
cellphone to remotely detonate a bomb?
Do you want to block all roads because someone could use them to drive 
car bombs to their target?

The benefits of open WiFi infrastructure outweigh the possible risks by 
orders of magnitude. Terrorism and crime are problems of 
society/politics, and you cannot fight these problems efficiently with 
technical means. If you do so, the "collateral damage" to legitimate 
users are severe, and the "bad guys" have achieved part of their goal: 
to spread fear, disorder, chaos.

Just my 5c

Alex
Permalink | Reply | 18 comments |
headers
wlanmac | 18 Sep 2008 15:16
Picon

Re: Fwd: [india-gii] poor WiFi encryption a security risk

True, but your analogy isn't complete, in my opinion. 

Roads are patrolled by police and sometimes cctv. You need a license
to drive and are subject to random inspection. The postal system puts
safeguards in place to deal with threats. Cellular networks are
not free and open and they also monitor and track usage. 

What safeguards are put into open WiFi networks? 
How are they patrolled and/or monitored?

Closing the 'networks' you pointed out would indeed have serious
implications to business, life, and liberty. Does closing down
(or securing) WiFi have the same kind of consequences? hmm...

David

On Thu, 2008-09-18 at 14:44 +0200, Alexander List wrote:
> wlanmac wrote:
> > It depends on what flavor of wireless security you are using. Though,
> > with so many open networks, I'm not sure it's worth going after the
> > secured networks unless the attacker it targeting someone specific.
> > Maybe terrorists are using the WiFi for it's convenience over sending
> > e-mails from hacked machines on the Internet :)
> 
> As with all services/systems/tools abused for malicious purposes: You do 
> not want to deny useful service to the majority of well-behaving users 
> just because some black sheep are abusing the service.
> 
> Do you want to shut down the international postal system because bombs 
> or anthrax could be sent in packages/letters?
> Do you want to shut down cellphone networks because someone could use a 
> cellphone to remotely detonate a bomb?
> Do you want to block all roads because someone could use them to drive 
> car bombs to their target?
> 
> The benefits of open WiFi infrastructure outweigh the possible risks by 
> orders of magnitude. Terrorism and crime are problems of 
> society/politics, and you cannot fight these problems efficiently with 
> technical means. If you do so, the "collateral damage" to legitimate 
> users are severe, and the "bad guys" have achieved part of their goal: 
> to spread fear, disorder, chaos.
> 
> Just my 5c
> 
> Alex
> 
> _______________________________________________
> wsfii-discuss mailing list
> wsfii-discuss <at> lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/wsfii-discuss
Permalink | Reply | 17 comments |
headers
Alexander List | 18 Sep 2008 16:33
Picon

Re: Fwd: [india-gii] poor WiFi encryption a security risk

wlanmac wrote:
> True, but your analogy isn't complete, in my opinion. 
>
> Roads are patrolled by police and sometimes cctv. You need a license
> to drive and are subject to random inspection.
And again, I find an easy circumvention of that. CCTV is - at least in 
central Europe - only used on motorways and in cities. If you use 
national roads, you can circumvent CCTV. If you don't want to be 
monitored, you can just steal a car (bad idea, then police will actively 
search for the car, and not that I want anybody to actually try that!!) 
or take the bus. In the countries where I've been travelling, buying a 
bus or train ticket is still a totally anonymous procedure. Another 
option for using roads without registration is riding a bicycle. Or a 
horse/horse carriage.

Of course you risk random inspection, but that risk is negligible. 
Unless you cross borders or use trains that do, police inspections are 
rather rare in democratic countries... the ones I experienced in Austria 
were for searching illegal immigrants or drugs. Nobody ever searched for 
terrorists. At least, they didn't tell...

> The postal system puts
> safeguards in place to deal with threats.
What are those safeguards? Do you really want to x-ray all parcels, and 
scan all letters for possible biohazard? Sounds like total overkill, and 
an expensive one, too.

> Cellular networks are
> not free and open and they also monitor and track usage.
So, just buy a prepaid SIM, without registration. Still available in 
many countries. Or, again, steal a cellphone to cover your identity. 
(Don't! I am just giving examples how easy it is to circumvent 
surveillance. So, surveillance will only affect non-criminals... because 
criminals won't mind stealing cars or cellphones.)
> What safeguards are put into open WiFi networks?
>   
What safeguards are used in Internet cafes and public phone booths? Do 
you want them to require photo ID before granting access?

> How are they patrolled and/or monitored?
>   
Why would you want to?

> Closing the 'networks' you pointed out would indeed have serious
> implications to business, life, and liberty. Does closing down
> (or securing) WiFi have the same kind of consequences? hmm...

If Wifi is the only available means of digital communication available 
to a huge number of people at a reasonable price, yes. There are 
countries where phone lines are not available/extremely expensive...

Every open network community has to decide on its own how they handle 
possible abuse. But I wouldn't want to introduce security mechanisms 
like authenticationi or monitoring before anything happens. If something 
happens, you can still rethink the issue and eventually require 
authentication. But that will lead to authorities demanding that you log 
everything etc - maybe too much administrative overhead for a community 
network... and actually playing police is not the job of 
sysadmins/network owners. That's a function that should be performed by 
the state, and only if there's an ongoing investigation, with a warrant 
signed by a judge.

Alex
Permalink | Reply | 0 comments |

Gmane