Security requirements for open wireless networks

| TrackBacks (19) |
News.com reports that Westchester County NY is considering requiring a firewall on all wireless networks operated by "commercial businesses":
Politicians in Westchester County are urging adoption of the law--which appears to be the first such legislation in the U.S.--because without it, "somebody parked in the street or sitting in a neighboring building could hack into the network and steal your most confidential data," County Executive Andy Spano said in a statement.

The draft proposal offered this week would compel all "commercial businesses" with an open wireless access point to have a "network gateway server" outfitted with a software or hardware firewall. Such a firewall, used to block intrusions from outside the local network, would be required even for a coffee shop that used an old-fashioned cash register instead of an Internet-linked credit card system that could be vulnerable to intrusions.

...

The proposed law has two prongs: First, "public Internet access" may not be provided without a network gateway server equipped with a firewall. Second, any business or home office that stores personal information also must install such a firewall-outfitted server even if its wireless connection is encrypted and not open to the public. All such businesses would be required to register with the county within 90 days.

This seems like the kind of well-meaning but basically useless measure you get when people who don't understand technology try to make rules for it. The reasoning goes something like this: Wireless networks are insecure. That's bad. Firewalls are used to secure your network. Therefore, business should be required to install firewalls.

Even if you believe (which I don't) that counties should be in the business of regulating people's network security, there are two problems with this proposal. First, there's no real evidence that open APs are the major threat to the security of commercial networks. After all, lots of intrusions happen over the Internet. The number of people who could potentially break into your system over the Internet vastly exceeds the number of people in the local area attached to your AP. And there's no talk here of requiring businesses who don't operate wireless networks to have firewalls.

Second, the requirement to have a firewall on your "gateway server" is basically meaningless. These days, some kind of firewall is a standard feature on even extremely low end wireless routers. And, of course, it's trivial to have a firewall but not configure it correctly. Unless Westchester is going to get into the business of certifying people's actual installations, just making people sprinkle on some firewall pixie dust is unlikely to have much of an effect.

19 TrackBacks

Listed below are links to blogs that reference this entry: Security requirements for open wireless networks.

TrackBack URL for this entry: http://www.educatedguesswork.org/cgi-bin/mt/mt-tb.cgi/460

welmart Read More

christmas ornament from christmas ornament on November 28, 2005 8:52 PM

christmas ornament Read More

christmas wreaths from christmas wreaths on December 1, 2005 4:44 AM

christmas wreaths Read More

christmas songs from christmas songs on December 2, 2005 3:35 AM

christmas songs Read More

christmas Read More

christmas cards from christmas cards on December 2, 2005 11:23 PM

christmas cards Read More

window treatments from window treatments on January 5, 2006 9:34 PM

window treatments Read More

Fast Pay Day Loan from Fast Pay Day Loan on January 9, 2006 6:37 AM

No faxing pay day loans Divergent no faxing pay day loans pay day cash loan snippy pay day cash loan. Read More

buy lorazepam from buy lorazepam on January 18, 2006 4:05 AM

buy lorazepam Read More

Free Ringtones from Free Ringtones on January 21, 2006 4:40 AM

Free Ringtones Read More

Anxiety and wellbutrin shelled anxiety and wellbutrin bupropion asymmetric bupropion. Read More

poker casino483 from poker casino483 on February 9, 2006 10:20 AM

poker casino poker 710 Read More

online poker partypoker partypoker poker poker Read More

arizona real estate from arizona real estate on February 22, 2006 9:43 PM

arizona real estate real estate property listings real estate property listings las vegas real estate mls Read More

phoenix arizona real estate from phoenix arizona real estate on February 23, 2006 8:41 AM

phoenix arizona real estate phoenix arizona real estate buy real estate aspen Read More

pacific poker pacific poker online casinos online casinos Read More

free dating ads from free dating ads on February 25, 2006 1:57 AM

free dating ads carbon dating carbon dating dating sim dating sim Read More

internet radio stations from internet radio stations on February 25, 2006 6:00 PM

internet radio stations satellite radio satellite radio ham radio ham radio Read More