NY Law Makes Unsecured Hotspots Illegal

[dlewis23]

We mentioned this back when it was only a proposal; now Westchester County has passed a first of its kind law mandating businesses secure their hotspots, according to Federal Computer Week.

    "The law, which goes into effect 180 days from today, requires commercial businesses that store, use or maintain personal information electronically

[resopalrabotnick]

about frickin time. and why the hell doesn't it include consumers? it doesn't take a brain surgeon to activate wep128 to at least be secure against the casual wardriver. more security of course requires using wpa 1 or 2... which is crackable but requires a lot more effort than wep to do so.

we have a store around here in a strip mall that has it's in store network wireless. they run wep 128. so i could park outside the store and break it in nothing flat and noone would get suspicious.

the fines for consumers would be to make sure they secure to protect them from others using their connection for illegal purposes in which case the connection owner is responsible...

[Semour06]

This is helpfull i was thinking about making my connection available to other people you gave me some good reasons not to.

[Swimmer]

about frickin time. and why the hell doesn't it include consumers? it doesn't take a brain surgeon to activate wep128 to at least be secure against the casual wardriver. more security of course requires using wpa 1 or 2... which is crackable but requires a lot more effort than wep to do so.

we have a store around here in a strip mall that has it's in store network wireless. they run wep 128. so i could park outside the store and break it in nothing flat and noone would get suspicious.

the fines for consumers would be to make sure they secure to protect them from others using their connection for illegal purposes in which case the connection owner is responsible...

It doesnt include consumers because until now it has been pretty hard to set up wep/wpa for consumers.. it required some type of computer knowledge.. Hince our buddies at geek squad..  But the industry is moving toward making it easier to set up a secure system out of the box.

My guess is that it will never apply to residential consumers.  Here is why.. as of right now it is a crime to connect to someones wifi and use it.. there have been many cases across the US where people were arrested.  However, nothing ever happens to the owner of the system secured or not..  Why you might ask.. it is like leaving you car keys in the car..  Someone sees them and takes your car.. not your problem.. you are not going to be punished for being stupid. 

As far as "hacking" a wep system goes.. unless you have sufficient traffic or have dual cards running the hack it is going to take quite a long time.  Sitting in the parking lot on a laptop might draw some attention.. much less your are going to be picked up by security camera just sitting there.. The FBI was able to  crack a 128bit wep network in under 3 minutes..  So is it possible.. yes..

Agent Bickers, still speaking to the audience, turned around, looked at the screen and was surprised, "Usually it takes five to ten minutes."

The only WPA exploit that I have heard of is brute force..  If you have something different on this please pm me..