In message <[EMAIL PROTECTED]>, Sean
Donelan writes:
>
>On Sun, 22 Sep 2002, Randy Bush wrote:
>> - the users need to be told how to operate more safely, use
>> end-to-end authentication and privacy, etc. it's a matter of
>> education. and the education will stand them in good stead
>> when they use 802.11 at starbucks, airports, etc. we do this
>> at ietf, but it is not allowed at nanog.
>
>Sunday afternoon is full of tutorials on lots of different subjects.
>Has anyone volunteed to conduct a Sunday tutorial on wireless security
>for users of "public" wireless networks?
>
>Although I think it is a mistake to think a wireless network security
>is different than using any other network you don't control. Most
>wireless security tutorials tend to concentrate on "securing" the
>wireless network instead of how to communicate over an untrusted
>network.
>
Precisely -- and it's precisely why I'm not a big fan of "wireless
security" as a discipline: my threat model for the wired network has
never been any different than for wireless...
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com ("Firewalls" book)
