Welcome!

I wish I could say that this is something as noble as 'giving back' to the information security community, but the simple fact is that it will be a forum to discuss, in a calm, rational manner, ethical issues that need to be brought out into the open.

Information security (or the lack thereof) is becoming more a part of people's lives, and affects more people each day whether they use a computer themselves or not, as banking, utilities, transportation, medical care and other critical industries are all heavily computerized.

We have all seen the effects and impact on individual people and businesses when breaches occur, and it does not take much imagination to speculate about the impact to economies when large enough attacks are realized.

Given the variety of laws around the world, or lack thereof, a large 'gray space' exists, legality aside, between the 'white' of the defenders and the 'black' of the attackers. Because of that variety, discussions here will leave the legality of an action out of consideration. What may be a serious crime where you live may be perfectly legal where the next blog reader lives.

When you remove the legal aspect of the issue, right and wrong in the traditional sense become a function of the individual's beliefs. Of course there are lines that should not be crossed and actions that are clearly wrong to all but the most criminal, but with information security, again eliminating the varied legalities around the world, those are few and far between, and even those become gray at some point.

This forum will look into that wide gray space and discuss what is found so that readers can make up their own mind and determine their own ethical compass.

There are a few things to keep in mind when reading from or posting to the blog:

1. There is no 'right' or 'wrong' answer. Different people may arrive at the same conclusion but by taking very different paths. The journey is just as important as the destination.

2. Some of the scenarios presented here will seem a bit unusual, almost perfect. This is done intentionally, as I am trying to make all the variables black and white to simplify the problem and isolate the specific ethical issue in question.

3. It was mentioned previously but it bears repeating: remove the legality of the issue from your thinking. Laws vary widely around the globe, so again, to isolate the specific ethical issue at hand, assume that your reasonable response would be legal.

4. Ethical issues can become emotional. Avoid being judgemental. It is our hope that you will encounter very different views from your own. Attacking people with differing views is not the way to get your point across. Clear, concise writing wins over flames every day of the week.

5. Don't assume or try to read between the lines. In the scenarios, there is no hidden information. All the information that you have in order to make your decision is presented. The 'in short' section is a straightforward explanation of the scenario with all the detail removed.

6. During testing of several of the scenarios with friends and associates, one trend became crystal clear. Their initial answer was usually different, sometimes significantly, from their answer after thinking about it or, better yet, discussing it for even 15 minutes. These scenarios are designed to be thought provoking. Take some time, think about it, talk to your friends and associates, read the responses already posted, and when you're sure, let us know.

All times listed are GMT. Let's keep this as light and enjoyable as we can for a topic of this nature.

Sunday, July 15, 2007

Coffee shop wireless

A building containing a coffee shop stands alone. It is far enough
from any other building for you to know that the wireless signal you
are picking up on the combination wrist watch, USB key and wireless
access point locator you got from a vendor is from the coffee shop.

Your super secret decoder watch tells you the network requires no
authentication and the name of the access point is generic, i.e., not
'public', not 'private' or any other term or phrase that could
possibly be construed as identifiable with the coffee shop.

There is no notice on or in the building saying that the use of
wireless is for paying customers only.

In short, you know the signal is from the coffee shop (which you don't
own) but there is no notice forbidding usage.

You are parked in front of the coffee shop and want to check your
e-mail or do something equally mundane.

Q1: Do you use the wireless connection and why?
Q2: Do you advise the business owner as to the dangers of the current
configuration and why?