UPDATE (9/22): I fowarded this post to Austin Police Chief Art Acevedo and, after a brief back and forth via email, this morning he writes to say the department has canceled today's planned "Operation Wardrive." Wrote Acevedo, "I nixed it already, good intentions to educate, but not best for public perception. A very enthusiastic group of folks trying to combat cyber crime came up with the idea without flying it up the flag pole. Please let folks know that there are people that can and will use unsecured home networks for unsavory and illegal activity."
Thanks, Chief, for accepting feedback and acting on it instead of reacting defensively, and for doing so in a timely manner. Perhaps next time the DART unit should run their plans "up the flag pole" before launching dicey mass surveillance schemes without probable cause, if only to save the embarrassment of having to backtrack after announcing plans to the media.
Certainly readers should check to make sure the default password has been changed on their routers and be sure to use a firewall, especially when using open networks outside the home. But average folks needn't be frightened into closing off access to your home wifi by Chicken Little-style scare tactics. As computer security expert Bruce Schneier has written, running an open wifi connection is "basic politeness. Providing internet access to guests is kind of like providing heat and electricity, or a hot cup of tea." Common courtesy should never trigger a police investigation, even under the pretense of a public education project.
-------------------
Original post: The Austin PD is undertaking a bizarre scheme called "Operation Wardrive" to "find open wireless internet connections in the city." Reported KVUE-TV, "The APD Digital Analysis Response Team, or DART, will hold "Operation Wardrive" Thursday, Sept. 22. DART unit members will make contact with residents who have open wireless connections and teach them the importance of securing them."
According to KVUE, "APD says wireless devices will be used to find the open networks. They say most manufacturers of wireless routers ship their devices with the wireless network unsecured by default, which leaves people at risk. They warn that internet users who fail to secure their network are at risk of someone else using it or hacking into personal information."
This strikes me as a very strange task for police to undertake. Asks one of my techie friends, "Has Austin run out of crime? Do APD officers patrol neighborhoods checking for open windows and doors? (Actually using your neighbor's wifi is more like reading by their porch light.)"
This is less about protection of the public and more about using law enforcement as corporate welfare to enforce terms-of-service agreements with wireless internet providers. But APD is not a party to the contract with my ISP and I fail to understand why it's any of their business if my wifi connection is open or not. Want to educate folks that they need to change the password on their routers? Fine. Purchase advertising. But don't go creating a master list of open wifi connections and start hassling customers who've done nothing wrong.
Which brings us to a big unintended consequence from this ill-considered scheme. Because this activity is not (remotely) part of an actual criminal investigation, the list of open wifi connections APD generates as well as all associated data will be a public record under the Texas Public Information Act. Simply compiling that list - which will be available to anyone as soon as somebody files an open records request and posts the results online - makes the types of malicious activities APD is concerned about more likely, not less. Bad idea.
Even if this is a well-intentioned effort and not just water carrying for the ISPs, I don't think our friends at Austin PD have fully thought this tactic through.
MORE: From EFF-Austin, where advocates published a detailed open records request filed today with APD about "Operation Wardrive."
Tidak ada komentar:
Posting Komentar