Archived from groups: alt.internet.wireless (
More info?)
On Wed, 29 Sep 2004 06:56:31 -0400, "Jim Miller"
<jim@removethisjtmiller.com> wrote:
>i'm having a little trouble understanding how a city providing universal
>access to the net will implement mac address filters for every citizen. also
>these networks are hyped as a means for commerce to develop that wouldn't
>have otherwise. what happens when vendors from out of town come to visit and
>expect to connect?
>
>it just seems a little half baked...
The security issue with metro wireless is in 3 almost seperate areas.
1. Mesh network security. The idea is to keep the hackers (like me)
out of the mesh and backbone. Impersonating a poletop is a good
example.
2. Client security to prevent sniffing of passwords.
3. Traffic security, to prevent gamers from using the poletops as
their private repeaters.
There are others, but these are the main issues. Unfortunately, the
encryption issues are different in all cases, with little overlap.
For example, the correct way to deal with email security is to have
the ISP's provide an IPSec VPN termination at their gateway. The
customer can then create their own individual secure tunnel. Locally,
I only know 1 ISP that's actually doing that and 2 more that are
considering it. Everyone else says to use webmail with SSL
encryption. Yech. It's not like such boxes are difficult to find or
impliment:
http://www.nokiausa.com/business/mobility/mobileconnectivity/nokiaipvpn/nokiaipvpngateways/1,2888,,00.html
From what I've seen, most metro wireless systems are not for the GUM
(great unwashed masses). They are primarily for municipal services
(police, fire, roads, utilities, etc) and whatever excuse was used to
fund it in the name of anti-terrorism. These can make effective use
of VPN's and MAC address security. The GUM is on their own.
Traffic security is interesting in that most WISP's don't appreciate
the problem until it hits them. Turning a public poletop into a
private network repeater is fairly simple. It comes under "theft of
bandwidth" or some such security buzzword. No need to connect to the
internet, just your friends and neighbors.
I'm not really sure how these metro wireless systems are going to be
managed, who's gonna get the support headache, and how they're going
to deal with enforcement. One funding proposal I've seen had zero
dollars for management. Just turn it on and walk away. It's no
different than an ISP or WISP, but on a much larger scale. I guess it
should be handled the same way with the added enjoyment of municipal
bureacracy. Dunno.
--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558