- Related Stories
-
ID theft--can it really be prevented?
November 18, 2005 -
FAQ: Wi-Fi mooching and the law
July 8, 2005 -
Worried about Wi-Fi security?
January 19, 2005 -
'Wardriving' conviction is first under Can-Spam
September 30, 2004 -
Wi-Fi arrest highlights security dangers
November 28, 2003 -
Safety: Open networks pose dilemma
February 4, 2003
Politicians in Westchester County are urging adoption of the law--which appears to be the first such legislation in the U.S.--because without it, "somebody parked in the street or sitting in a neighboring building could hack into the network and steal your most confidential data," County Executive Andy Spano said in a statement.
The draft proposal offered this week would compel all "commercial businesses" with an open wireless access point to have a "network gateway server" outfitted with a software or hardware firewall. Such a firewall, used to block intrusions from outside the local network, would be required even for a coffee shop that used an old-fashioned cash register instead of an Internet-linked credit card system that could be vulnerable to intrusions.
Scott Fernqvist, special assistant to the county's chief information officer, said Friday that he thought "the law would apply" to home offices as well.
"It was just introduced; it's a draft," Fernqvist said. "We're hoping it's enacted early next year, but this can change."
The proposed law has two prongs: First, "public Internet access" may not be provided without a network gateway server equipped with a firewall. Second, any business or home office that stores personal information also must install such a firewall-outfitted server even if its wireless connection is encrypted and not open to the public. All such businesses would be required to register with the county within 90 days.
The proposal echoes a slew of bills in Congress and in state legislatures that are being considered in the wake of recent security problems involving Bank of America, payroll provider PayMaxx and Reed Elsevier Group's LexisNexis service. But the other proposals tend to follow approaches such as requiring notification of breaches or restricting use of Social Security Numbers--as opposed to regulating wireless links.
According to the Westchester proposal, public Internet access sites also would have to post a sign saying: "You are accessing a network which has been secured with firewall protection. Since such protection does not guarantee the security of your personal information, use discretion." Violations of any part of the law would be punishable with fines of $250 or $500.
Representatives from the county's information technology department drove around downtown White Plains, N.Y., with laptop computers and detected 248 open wireless connections in less than half an hour, the county reported. Half lacked "visible security" features.
See more CNET content tagged:
county, proposal, home office, law, wireless connection





Now, where would they get the idea there's some practical need for this.
Hmm ...
let's see ...
who could it be ...
I dunno ...
could it be ...
THE PHONE COMPANIES?!!
If that's not the case and the law would apply to every access point, I don't see how such a law could be passed that forces people to spend money on stuff to protect nothing (for example, for a user that doesn't hold confidential information). If this was the case, I would side with the view that this is the result of a lobbyin effort from the telcos.
Anyway, even if passed, the law shouldn't cause much trouble in the long term. Access point manufacturers will just build the functionality in their appliances, which should be doable at very low cost, and only preexisting users would be inconvenienced.
I really hope this law does pass. I do not live in the state, but I do a lot of IT Consulting in the county in question. Once this passes, and it will if NY legislative history has shown us anything, I am going to make millions and never have to pay a dime in sales tax to NY as I have no business presence there. Keep electing those politicians to think for you NY!! My bank account could really use the help!
1) These people that you criticize apparently exercise the same lack of judgement whenever they use your services.
2) There are "NY residents" that do their own thinking, and many of them live in NYC, Buffalo, and other areas that would probably stop this type of legislation dead in its tracks.
Now as far as this proposed law is concern, it is utterly assinine. No government has the right to mandate how a privately owned network is administered. Some businesses or citizens may leave a WAP open, by design, but this would take away that choice.
If this law passes, it will only serve to reaffirm my belief that NYC has banished every moron and useless politician to Westchester, if only to raise the city's IQ.
1. Of course expanding education through the usual channels, i.e., news papers, the local news cast, the local papers, etc.
2. Second, by urging the ?industry?, Microsoft, Apple, Cisco, etc. to further educate the consumer might help.
3. Lastly, the ?law? should be framed in same way many consumer protection education acts are implemented. For example, the state could of course regulate the public sector, municipal buildings, fire, police, etc., and also require private industries that use WiFi, air ports, café?s, etc., to post a consumer warning notification, or a ?use at your risk? type notice if they have no encryption.
Once that occurs, the private sector would compete on its own to gain consumer confidence. But, as many of you are thinking, any attempt by politicians to regulate such a dynamic technology would only prove futile.
mark d.
This law in particular is a non-starter on at least two grounds: one, as another poster mentioned, the FCC will not stand for it; and two, it's a gross First Amendment violation. It won't survive its first two hours in a court of law. Neverthless, if you don't want more of the same, please consider joining the EFF.
What you do in your own home is your own business....not that of Mr Spano or the DA (gotta ge a plug in for her...god knows she always wants one), or anyone else. God knows, if I lived in Westchester County right now and had high speed access and a wireless access point, I'd leave it open just to **** off some of you ignorant mindless fools that made up this junk.
A firewall isn't going to do jack poo from the blue moon about access to the wireless. If the network is open, anything sent will still be visible to anyone in range with the proper tools, and anyone will still be able to jump on it. A firewall sits at the gateway between Internet and internal network - the gatekeeper. It has nothing to do with the internal part...
I'd have to say that about 95% of people with a basic WLAN set up DO have a firewall (a hardware one!), and DO have it turned on - even though by default. It's called the one built into the router! LOL
And for incoming stuff, it's quite handy and more than adequate.
I wonder if the built-in firewall would count for this new law - it is a firewall.
If they require a separate server for this, it's extra, unnecessary (and expensive) overhead in many cases... it almost smells of pork. Like the people who make server-based network firewalls lobbied the legislature...
IN SHORT: A firewall, server-based or not, does NOTHING for securing Wi-Fi. If it's unencrypted, it's unsecured. The firewall doesn't deal with the local side, and that includes the radio part.
to make Orwell proud, these bright people have decided to do the
natural thing: criminalize non-criminals.
Any country that can criminalize self-medication, not wearing seat
belts, and carrying nail clippers on to airplanes can criminalize just
about anything. Welcome to the Therapeutic State.
http://www.westchesterlegislators.com/Legislators/index.htm
WE ALL READY HAVE FAR TOO MANY LAWS NOW THAT
CAN NOT BE INFORCED! THE PEOPLE NEED TO REMBER
THAT THEY PUT THESE PEOPLE IN OFFICE AND IF THEY
WOULD STOP FOR A MOMENT AND THINK. THEY WOULD PROBLEY IMPEACH THEM THIS IS NOT SOME THING THAT
CAN ONLY BE DONE TO THE PRESIDENT, AND WHEN YOU
LOOK AT WHAT HAS BE DONE WITH THE COPY WRITE LAWS
ON CD&DVDS WHO WERE THEY PROCTECTING? BIG MONEY NOT THE PEOPLE THAT ELECTED THEM. JUST THE MONEY
THAT IS LINEING THERE POCKETS!
- People need to be educated
- by grajoe December 8, 2005 11:09 PM PST
- "People need to be educated"
- Like this Reply to this comment
-
Showing 1 of 2 pages (26 Comments)That would be the goal, yes. Not necissarily to regulate, but to educate the public.