Edited by author 06-05-2003 02:07 PM
Right now I am comfortable with "reasonable" security. I never transmit anything I don't feel comfortable with 1,000,000 people seeing if it got out. And for credit card purchases, I started using my Pay Pal MasterCard instead of my others. I can fund it at will and if it gets stolen, they aren't likely to get much out of it. I think that 99% of security has to do with common sense. I'm more concerned about giving a credit card over the phone or to a sales clerk than over the Internet.

Or worse, mailing in an order from a catalog. Talk about security issues...

Considering e-commerce sites all (well 99%) use SSL, you're better off using your laptop to buy stuff in the park than to send out plain-text emails if you're concerned about sniffing.

I've had the opportunity in the past to see news reports on story topics for which I had some substantial personal knowledge. In EVERY instance, the reporter got many of the facts wrong or skewed the story to make it sound more dramatic or ominous than it really was.

Reporters are are out to make a buck, just like everyone else. The lower the overhead (in this case, fact checking and research) the higher the profit margin.

Why would you be surprised that they get a technical article wrong? They are English majors.

Maybe I'm getting old and cynical, but I'm begining to think the reason most papers don't get their facts straight is because they can't be bothered.

I read an article about the latest X2 movie, wherein they saw the Character of Nightcrawler, has 'Stigmata.' Now if you've seen the flick, you know that's completely wrong.

Stigmata are bleeding wounds in the hands and feet and chest, 'replicating the wounds of Jesus' and only the most holy and pious of people ever get them. Nightcrawler had engaged in the process known as scarification, using the letters 'transmitted by the archangel Gabriel' and as he said, he has "One for every sin."

Vaguely similar in that they're religous, but utterly different in practice. Enough to make you wonder if the guy even saw the movie.

Ditto with Matrix Two, another news jockey said Morpheus was battling vampires with razors. I'm not sure about you, but vampires don't desolidify and retain their features. They become a mist or a flock of bats. On the other Hand, Ghosts do act like ghosts and dematerialize and terrorize people with razors and guns and cars, et alle.

So why didn't he just say what WiFi really is and what it's really about? because that would be accurate, and it would mean fact checking. As we've seen from numerous news incidents, there's no money in being accurate. Ombudmen cost too much and just sit around doing nothing anyway.

A few years ago I interviewed Brian C. Grimm, Marketing Director of the Wi-Fi Alliance for an article I was writing on wireless networks. My first questions was "What does Wi-Fi mean?" and his answer:
"Wi-Fi stands for wireless fidelity." He went on to explain that the fidelity referred to out of the box interoperability of equipment from different manufacturers.

I say we riot against Stanley A. Miller II. I'll bring my pitchfork, and an extra torch.

The criticism on boingboing of the security and privacy warnings in the article is wrong.

Your personal and financial secrets are at risk if you send them over the Internet from your office. They are even more at risk if you connect to the Internett from a convenient park bench via a public, open Wi-Fi service.

Try your favourite search engine for 802.11b man-in-the-middle attacks, ARP poisoning, disassociation attacks, unauthenticated control frames, transmission power spoofing, MAC address spoofing etc etc even before you get to the joys of WEP.

Secure Sockets Layer (SSL) or even the more modern Transaction Layer Security (TLS) is not proof against man-in-the-middle proxy servers which replay your credentials invisibly whilst snooping them, unless you are using client side certificates and mutaul authentication. Some financial institutions do implement this for their customers, but the majority of e-commerce relies on simple one way unauthenticated SSL sessions.

There will be people in the park or within extended antenna range of the park, who will be sniffing the Wireless network network looking for usernames and passwords to POP3 email, FTP accounts or even the cookie credentials used by your favourite Blogging software.

Oh man, THANK YOU for pointing out the "wireless fidelity" thing. That has bugged me senseless since the first time I read it.