Bright Stove

Reflecting information risk journey

Archive for November 2005

Talking about Unsecured Wi-Fi would be outlawed by N.Y. county | CNET News.com

leave a comment »

It is interesting to read that New York County (USA) is planning to mandate implementation of Wi-Fi security to all commercial businesses using Wi-Fi technology. From a security and law enforcement perspective, it certainly looks like a very welcomed move, since this would prevent the use of Wi-Fi network by anonymous users at least, enabling all uses to be accountable. But the problem is that this is a partial solution whereby its effectiveness is going to be questionable. As more home users get connected to broadband Internet, and have more than one PC systems at home, setting up Wi-Fi networks at home is the natural next step. By default, many Wi-Fi devices are provided without security enabled. I.e., users will install those devices without turning on security. In some cases, turning on security on those consumer-targeted Wi-Fi devices can become a challenge to the users. My experience is that many users found that when they try to configure security for their Wi-Fi networks, the network stopped working, but when security is disabled, it worked! Given such situation, many home users will have or are going to continue to have unsecured Wi-Fi networks, which are already targets of the Wardrivers. The challenge we face is that the Wi-Fi technology is designed with security as an add-on, not as an integrated requirement. As an add-on, the technology will continue to work even when the security features are disabled. If as an integrated compoment, then the usability of the technology will have a dependency on the enablement of the security feature/capability. Given such a situation, I’m not sure if such a law mandating businesses to enable security is going to help address the security issues around unauthorized use of Wi-Fi networks. What about the home users and non-commercial businesses’ unprotected Wi-Fi networks?

Quote

Unsecured Wi-Fi would be outlawed by N.Y. county | CNET News.com

 

Advertisements

Written by mengchow

November 6, 2005 at 4:54 pm

Posted in Risk Management

Geographical effect on responsiveness

with one comment

At dinner last night in Bangkok with a colleague, we talked about our ancestors from China, on why they migrated to Singapore during the war period instead of staying put. We also shared our common agreement that most of the people who migrated from China are in fact living in areas that are nearer to the coastal lines, and because of that, they see more changes coming to them, more in touch with the outside world, and therefore more prepared to venture out when the situation inland became less conducive for them. On the other hand, people living more inland tends to less exposure to the outside world, and don’t seem to be more aware of the changes coming. It occured to me that where we live geographically in fact will affect our view of the world, our readiness to deal with changes coming or going on, and our willingness to change. Along the same line, I hypothesize that people’s capability or preparedness against natural disasters and/or catastrophic events is also dependent (to some extent, or maybe a large extent) on their geographical position.
 
When the Tusnami hit Asia in late Dec 2004, it was reported in a number of news media that some fishermen who live along the beaches and coastal areas of Malaysia saw the changing tide and immediately sensed the emergence of a catastrophic event unfolding. A number of them were fast enough to warn the beach goers and saved many lifes. However, the tourists who were new to the areas, especially those at the beach resorts areas in places like Phuket for holiday, were unaware of the danger coming and could not escape the tide on time.
 
Obviously, not everyone is alert all the time, but people’s past exposure to changing conditions in where they live will always help them to prepare for more changes ahead. Exposing people to incident scenarios is likely to help them to prepare for incidents in the future, even though the scenarios could be very different from the real event.
 
 

Written by mengchow

November 4, 2005 at 8:00 am

Posted in Risk Management

%d bloggers like this: