[SecurityRatty] tag: san

American Launches In-Flight Broadband Pilot

Wed, 20 Aug 2008 04:33:21 +0000

Welcome back, mile-high Wi-Fi: American Airlines has turned on Internet service in its fleet of 15 767-200s today. These aircraft ply routes between New York's JFK and three cities: San Francisco, Los Angeles, and Miami. Service is $13 per flight, and bandwidth is expected to be 1.5 Mbps (uncompressed) upstream and downstream, although the service provider, Aircell, claims some advantages above that.

This is a big day for Aircell, which spent tens of millions to acquire the exclusive spectrum license that allows them to shoot Mbps to and from planes. My big question will be whether coverage remains seamless across an entire flight--how often one has to reconnect their VPN would be a big issue. If Aircell has architected the network correctly, passengers should never be reassigned an IP address, and connections shouldn't be dropped even if there's a hiccup in air-to-ground communication.

I've covered in-flight broadband for several years, and I've been wondering lately whether we'd be waiting until 2009 to see real production service. American is calling this a 3-to-6 month pilot to see what their passengers think. Just yesterday, I wrote up veteran travel writer Joe Brancatelli's frustration with the lack of information and some misinformation about in-flight broadband.

You can read more background on American's plans and Aircell's technology in a post I wrote for BoingBoing on 24-June-2008.

Wee-Fi: Houston-Fi, ASCII WPA Passphrases, Green Wi-Fi

Tue, 19 Aug 2008 06:26:25 +0000

Houston flips switch on free downtown Wi-Fi: Dwight Silverman of the Houston Chronicle accidentally discovers the soft launch of the network funded by EarthLink's $5m default fee. (The fee was paid when they missed a milestone, and the firm later walked away.) The downtown area now has a limited pilot project that's free; the real effort in Houston is supposed to be at 10 housing projects and in parks where service would be used to bridge the digital divide and improve the quality of life. How, exactly, is part of what's being tested.

That's ASCII, not hex: An article on wardriving raises security hackles by repeating some slightly overheated statements about Wi-Fi security. The article opens with a 63-character ASCII WPA passphrase, which is later described as "hex." (ASCII passphrases in WPA can be up to 63 "printable" characters - ASCII 32 to 127 - while a hex version of a 256-bit TKIP or AES password is 64 hexadecimal digits long.) The article tries to conflate Wi-Fi attacks that led to the largest set of breaches in retail credit-card systems and wardriving, a hobbyist activity that's never been looked on very favorably by law enforcement. The sense of ennui of wardriving pioneers is pretty clear; when Wi-Fi is everywhere and generally secured, it's far less interesting. The wardriver in the article convinced the reporter that a maximum-length WPA passphrase stored on a USB drive for automatic use was the best way to go. But, really, 20 characters containing letters and punctuation and no words found in a dictionary along with changing your network's SSID (network name) provides all the security you'll ever need for a home or small business. (If you need more, deploy WPA/WPA2 Personal.)

Green Wi-Fi's Senegal efforts hit snags: The folks at Green Wi-Fi are well motivated, and they're running up against all forms of security theater and bureaucracy both here and in Senegal, where they have an active project. The San Francisco Chronicle notes the group's effort to build solar-powered, self-sustaining Internet access via mesh networked nodes. Getting devices out of the country, clearing customs in Senegal, and hooking up their solar system all hit problems they're working through. As with the One Laptop Per Child program, I see a "build it and they will come" mentality in Green Wi-Fi's mission statement: the notion that providing computing power and Internet access will result in good things, rather than an effort to figure out what good things need to be achieved, and whether computers and the Internet will assist.

Missing Registered Traveler laptop found

Wed, 06 Aug 2008 09:00:00 +0000

A laptop reported missing by a vendor of the U.S. Transportation Security Administration's Registered Traveler program has been found at the San Francisco airport.

Heads up SFO travelers

Tue, 05 Aug 2008 14:06:16 +0000

Jeez, I dont even want to remark on this one.
Unencrypted? Why not?

clipped from yro.slashdot.org

“Clear” Air-Travel Pass Data Stolen From SFO

“A laptop containing the unencrypted security data for 33,000 travelers using the Clear system was stolen at San Francisco International Airport on July 26, according to CBS5 Television. The Clear system allows travelers who register and pay a $100.00 annual fee to speed through airport security by using a smart card at special kiosks in some airports. TSA has suspended new registrations in the system, which is run by a private contractor, Verified Identity Pass, Inc., a subsidiary of GE. The laptop was apparently stolen from a locked office at SFO. The company has now decided that it might be a good idea to encrypt the data in their systems. They are in the process of notifying customers that all of their personal data, including name, address, SSi number, passport number, date of birth, etc. has been compromised.”

Missing laptop grounds US Registered Traveler program

Mon, 04 Aug 2008 20:00:00 +0000

The U.S. Transportation Security Administration has temporarily stopped a vendor from signing up new customers for its Registered Traveler program after a company laptop containing the unencrypted personal data of 33,000 people went missing at the San Francisco International Airport.

City Missed Steps to Avoid Network Lockout

Mon, 28 Jul 2008 03:32:42 +0000

IT executives and analysts list some steps that San Francisco officials could have taken to prevent a disgruntled employee from locking IT administrators out of the citys fiber backbone network.

One Risky Point

Mon, 28 Jul 2008 03:32:42 +0000

The city of San Francisco's problem with one network engineer hints at management issues for all IT shops, says Frank Hayes.

HP StorageWorks sets the bar for iSCSI SAN server security

Sun, 27 Jul 2008 20:00:00 +0000

Our testing of iSCSI SAN servers show they all handle basic functions as advertised. But we had to dig deeper into other enterprise features offered — such as security, high availability, and expandability -- to find bigger differentiations between the products.

One risky point

Sun, 27 Jul 2008 20:00:00 +0000

Single point of failure. That's the right term for talking about the mess in San Francisco, where last week the city government finally regained control of its backbone network. Terry Childs, the net admin jailed for locking down administrative access, turned over the passwords during a secret visit from Mayor Gavin Newsom.

Top 10 Signs Your Network Admin has Gone Rogue

Fri, 25 Jul 2008 14:00:30 +0000

Terry Childs captivated much of the IT world over the past week and a half with his lock-down of San Francisco’s IT system. Instead of watching a bunch of police chasing a white Bronco, this time the coverage amounted to many many articles, blog posts, comments, and long email chains. It seemed I would read one thing and the very next one would contradict or shed more light on some aspect of the case.

Depending on who you talk to, he is:

a) a hero

b) a disgruntled worker

c) in need of a serious work/life adjustment

d) in need of $5 million and/or a better lawyer

e) all of the above

Surprisingly strong opinions, regardless of what you choose.

We chose to lighten things up a bit and, as we always try to do, figure out how to help our customers be proactive. So here it is, the Top 10 Signs Your Network Admin has Gone Rogue:

10) David Letterman has a Top 10 list called “Top 10 Signs Your Network Admin Has Gone Rogue”

9) Your Admin is the only one with the network device log-ins and refuses to share them with anyone else.

‘8) His presentations about network configuration include the words “Magic” and “Burn after reading”.

7) Instead of email, he forces everyone to use the Suggestion box placed outside of his door…and then places a very obvious nanny-cam hidden in a teddy bear right next to it.

6) He begins to grow out his sideburns and every question directed to him in meetings results in the same response, “Do you feel lucky today, punk?”

5) He has the mayor on speed-dial.

4) He starts wearing very big shoes to the office and accosts random people in the hallways asking if they think they could fill them.

3) He refuses to write router and switch configs to flash citing network security concerns.

2) He calls you and asks for a $5 million salary advance; caller id flashes “Department of Corrections”.

And #1: You’re the City of San Francisco

Enjoy your lock-down free weekend!

ShareThis