Just came across this nice little consumer alert from your friends and mine at the Federal Trade Commission trying to scare the bejeezus out of you when it comes to open Wi-Fi. Well, no it doesn't-in actuality it's well thought out and informative, for the most part. Unfortunately, it still shows a few symptoms of Clark Howard Disease-sorry, ath64-as evidenced by this pair of half-truths:
"An encrypted website protects only the information you send to and from that site. A secure wireless network encrypts all of the information you send while online."
Half-Truth No. 1 ignores the reason that the Secure Sockets Layer protocol was developed in the first place-and why it was adopted years before anything like Wi-Fi was even contemplated. Of course it's true that it encrypts only traffic between you and the remote host to which you're connected-what other traffic is there to protect? What the FTC neglects to stress is the fact that the encryption is end-to-end, protecting you not only between the client device and the router, but beyond.
And that brings Half-Truth No. 2 into play. As ath64 has stressed in responding to each of Clark Howard's missteps, connecting to a secured router provides protection ONLY BETWEEN YOU AND THE ROUTER. UNLESS THERE IS THIRD-PARTY ENCRYPTION BEYOND THAT, YOUR TRAFFIC IS STILL SUBJECT TO INTERCEPTION BETWEEN THE ROUTER AND THE REMOTE HOST. So saying that "a secure wireless network encrypts all of the information you send while online" is misleading, because it only provides such protection for that data on its first hop-from your device to the router.
Those criticisms aside, the FTC deserves praise for recommending Wi-Fi users make sure they only log into fully encrypted websites and extolling the virtures of virtual private networks, both of which serve to obviate the need for hassling with access-point encryption away from home. Maybe it's not such a bad thing that it will now be open for business as usual on Monday.
Saturday, April 09, 2011
Thursday, April 07, 2011
In which "public" becomes a relative term.
Finally got some feedback on the North Kansas City Public Library's closed network, which I reported here as such back in October '09. You don't need a library card for the password; just ask at the desk and they'll hand it to you on a slip of paper. In fact I'd pass it along, except for two reasons:
1.) I'm not comfortable doing that from either an ethical or legal standpoint-it's not my network, and its owners can run it any way they want, and:
2.) The security on the network is WPA-Personal, also known as WPA-PSK, where PSK is an acronym meaning "public shared key." Which means, in short, that everyone is using the same password, just as you and your housemates probably do on your network at home. Not really the best method of controlling access on a large public network like a library's.
And that causes me to wonder once more just why NKC is doing this. You'd think that especially these days, public libraries would put the emphasis on public. The fewer hoops patrons have to jump through, the fewer obstacles placed between them and what they came in for, the fewer hassles and snags in their user experience, and the better case you can make for the public library's status as an institution still relevant and worthy of our support in an increasingly wired (and unwired) world where, as ath64 sagely reminded us in last fall's fifth-anniversary post, more and more information lies at our fingertips rather than behind reference and circulation desks.
Whether NKCPL's status in the guide changes is up to ath64, but my guess is-and my vote would be-that it won't. The network is still closed unless you obtain the necessary credential-the password-in advance. That said, it would be nice if NKCPL updated its website and told people the truth about its network-and finally got rid of the nonsensical instructions for connecting they've listed since it went live. I mean, "Open your web browser and connect to 'Zone CD...' " Really? Come on!
And on another note, I'd hazard a guess that NKC's vaunted Windows-only wireless printing capability is still a service in search of customers. The only other laptopper our source saw there was using-drum roll culminating in a cymbal crash, please-a Mac.
1.) I'm not comfortable doing that from either an ethical or legal standpoint-it's not my network, and its owners can run it any way they want, and:
2.) The security on the network is WPA-Personal, also known as WPA-PSK, where PSK is an acronym meaning "public shared key." Which means, in short, that everyone is using the same password, just as you and your housemates probably do on your network at home. Not really the best method of controlling access on a large public network like a library's.
And that causes me to wonder once more just why NKC is doing this. You'd think that especially these days, public libraries would put the emphasis on public. The fewer hoops patrons have to jump through, the fewer obstacles placed between them and what they came in for, the fewer hassles and snags in their user experience, and the better case you can make for the public library's status as an institution still relevant and worthy of our support in an increasingly wired (and unwired) world where, as ath64 sagely reminded us in last fall's fifth-anniversary post, more and more information lies at our fingertips rather than behind reference and circulation desks.
Whether NKCPL's status in the guide changes is up to ath64, but my guess is-and my vote would be-that it won't. The network is still closed unless you obtain the necessary credential-the password-in advance. That said, it would be nice if NKCPL updated its website and told people the truth about its network-and finally got rid of the nonsensical instructions for connecting they've listed since it went live. I mean, "Open your web browser and connect to 'Zone CD...' " Really? Come on!
And on another note, I'd hazard a guess that NKC's vaunted Windows-only wireless printing capability is still a service in search of customers. The only other laptopper our source saw there was using-drum roll culminating in a cymbal crash, please-a Mac.
Friday, April 01, 2011
So now the 'Dotte is REALLY going to be hot...or is it?
For all two or three of you out there who don't know by now, Google has chosen Kansas City, Kansas as the initial rollout location for its greatest-thing-since-sliced-bread gigabit network. Yes, that's right-gigabit. As in one billion bits. As in a 1 with nine zeroes behind it. As in download a whole DVD in maybe 40 seconds to a minute. Cool. Too bad, though, that it'll take years for wireless networking speeds to catch up to where they can take full advantage of a backhaul that fast. Right now the best state-of-the-art Wi-Fi equipment would have trouble carrying anything more than about 150 megabits per second, and then only under ideal conditions.
But who's complaining? Give me a gigabit right now and I'll gladly saw it into tenths and share it with nine other users, especially for free-which is the price Google plans to charge for nonprofit use (read libraries). One can only hope that being hooked into the most 21st-century of networks will alleviate the rampant epidemic of 20th-century thinking among so many people that has made eastern Wyandotte County such a digital backwater-and has kept its public libraries in particular from doing nearly as much as they ought to be doing to remedy that.
In short, there'll be plenty of news of interest here emanating from between the viaduct and the speedway over maybe the next 18 to 24 months. Stay tuned.
But who's complaining? Give me a gigabit right now and I'll gladly saw it into tenths and share it with nine other users, especially for free-which is the price Google plans to charge for nonprofit use (read libraries). One can only hope that being hooked into the most 21st-century of networks will alleviate the rampant epidemic of 20th-century thinking among so many people that has made eastern Wyandotte County such a digital backwater-and has kept its public libraries in particular from doing nearly as much as they ought to be doing to remedy that.
In short, there'll be plenty of news of interest here emanating from between the viaduct and the speedway over maybe the next 18 to 24 months. Stay tuned.
Subscribe to:
Posts (Atom)