2009/11/30 John Moser <john.r.mo...@gmail.com>: > List some not-silly reasons. "Because people could use it for > theoretical/practicable attacks" is not a reason, because 1) you could > decline to reveal the password (but allow verification); and 2) there > are other tools for this that are just as accessable.
Mainly just the bad press that Ubuntu would get as a result. Can you imagine the headlines there would be? "Ubuntu operating system hacks Windows computers" Technically speaking other tools are not "just as accessible" - who else ships out free live CDs? > I guess I can give a longer example here, but I'd rather not get into > the specifics of this discussion: > > In the state of the art, I can pop in a BackTrack CD, fix 1 line in > Kismet's config (is this automatic now? It could be), run one > command, and drop keys for all the WEP networks around me. There are > tools included that find "hidden" SSIDs and you can even find MAC > addresses in use to get around all the maze-like non-security. > > I have made the argument that Ubuntu could contain a version of > Network-Manager (I prefer by default, but it could be an additional > package) that automatically does all the hidden SSID detection in the > background, and does some monitoring and WEP cracking, marking off > "Secured, broken" networks. Again, while I have no problems with such tools being available, and find them useful, I think it would be a bad move for such a public distro such as Ubuntu to start including such tools by default, purely from a marketing point of view. There's no way you're going to get “It can be used to test how secure my network is” to fly with even most tech press, let alone mainstream media. <snip> I'm all out of ideas, so apparently I only have 1. But I think it's a good one :-) Thanks -- Matt Wheeler m...@funkyhat.org -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
