That Brexit is looking better every day...
Result, guys. Result. A campaign by Digital Rights activists to preserve open Wi-Fi hotspots has resulted in Europe’s highest court deciding the exact opposite. The ECJ has advised that open Wi-Fi hotspots should probably be operated password-protected – and hotspot owners should require users to reveal their identities. The …
Until uk.gov decides that it is a good idea.
They were pretty picky and choosy which European laws were adhered to pre-Brexit. I can still see them picking an choosing.
The difficultly in bypassing this depends on what kind of ID is required to be presented to reveal ones identity... Someone else's birth certificate? Another's Credit card? or would a valid passport be required?
They were pretty picky and choosy which European laws were adhered to pre-Brexit. I can still see them picking an choosing.
Oddly enough it's the eurosceptic countries like the UK and Denmark that have implemented the largest number of EU directives in national law, although often after complaining and protesting. It's the countries like France who are really picky, but cleverly so, by loudly welcoming a new directive and then ignoring it or implementing something which looks a bit like it but is actually much more beneficial to them. It's a game, where it does not pay to be hoenst & upfront. There is a reason why the French describe sportsmanship as "tres fairplay", the language seems to lack an appropriate French equivalent...
Nothing compared to countries like Italy that vote to approve them, then "forget" to implement them), and then pay fees (with taxpayers money) for not doing so...
But are you Britons sure someone like Ms. May isn't interested in ensuring every WiFi access is controlled? She didn't look like someone who puts personal freedoms before everything else.... wasn't she one of the backers of the snooper's chart?
Oddly enough it's the eurosceptic countries like the UK and Denmark that have implemented the largest number of EU directives in national law
That's why they're Eurosceptic.
In the EU, the Germans like plenty of rules, the more unreasonable the better. The Club Med countries don't care whether you have a lot of rules or not, because they ignore them.
By "Toff" do you mean someone who has an education? Did you not hear that David Cameron (a "Toff") has not only relinquished control of the Country to someone else, he has actually stepped down as an MP? A quick glance at May's Wikipedia page identifies her as the daughter of a clergyman...hardly a Toff...but don't let the facts get in the way of your spit flecked anti educated individual bile!
" all Tories are Toffs."
Anyone of the working classes who votes tory is a bloody idiot. If you don't own your own business, sit on the board of a company, hold a directorship or a landed title of some kind, then the tories are not going to help you in any way; quite the opposite.
>To many people, she's a 'toff' because she went to a Grammar School.
Actually she went to Wheatley Park Comprehensive School - she claims a Grammar School education as it was one when she started - ironically she failed the 11+ so had to go to a private school to be trained up to pass the 13+ for a late transfer (socially mobility and all that).
"That Brexit is looking better every day..."
Rubbish. Finding a WiFi hotspot in the UK that isn't password protected is hard enough as it is and it's NOTHING to do with the EU or any ECJ court rulings. It's greedy bastards who can't see that offering a free service that costs them next to nothing to offer might actually attract paying customers in to spend money. No siree, they see it as a "cost" and so have to "monetise" it so get BT or someone to provide the service and require details before letting you use it then MITM everything you do on it.
This whole fantasy of "free" WiFi, your device hopping from one provider to the next as you walk down the street is pure marketing myth. I rarely use WiFi out and about because it pisses me off have to keep signing in everywhere I go.
No, I never enter real details, no I never remember what details I used where and no, it's getting harder and harder to register as email@example.com because thats usually already a registered user.
I think you will find this ruling is in breach of the European Convention on Human Rights, which the EU is signed up, though seem to for some bizzare reason not ratified yet after a number of years.
And all you Brexit idiots seem blithly in total ignorance that this the ECHR comes from the Council of Europe which
- The UK was a founder member of
- We are not leaving
- The ECHR and it's Human Rights impact on UK Law will not change 1 IOTA with the UK's Brexit from the EU, should that ever happen.
>the shop owner for failing to provide due care if he doesn't cough up the names of the folk who used his wifi.
Just record all the MAC addresses of devices that access the hotspot and hand the list to whoever demands it. You've done your bit, let Sony et al sort out who to heavy from that lot. (But, of course, its possible to set any MAC address into an interface.....so expect those who don't want to be identified to not be identified.)
There should be a law prohibiting anyone who's not technically qualified from making laws about the behavior of technology because they always screw it up. They're a bit like marketing people but with even less understanding of what they're talking about.
I think the ruling would expect that the password is not available until you have handed over some form of identity document to allow you access. However if 500 people know the password how would you then know who the infringer was?
A further ruling would have to state that every user would need to be uniquely identified and logged on your system for a period of time (12 months?) making it as onerous on you as it is for an ISP in the snooper's charter proposals.
This ruling is entirely flawed and shows, unsurprisingly, a complete lack of knowledge of the technology and does, effectively kill off hotspots for pretty much everyone unless an e-mail address is accepted as proof of identity and a voucher code system is used on the wifi hotspot.
effectively kill off hotspots for pretty much everyone unless an e-mail address is accepted as proof of identity and a voucher code system is used on the wifi hotspot
Either a voucher, or a deposit paid by credit/debit card which could then be refunded. Certainly it would mean securing wifi with individual user accounts of some kind. How many consumer routers (which I imagine are what most coffee shops and the like have) are set up with that kind of system?
> So no password is bad, having a password printed on a sign that has to be typed in is good?
> And that will stop people being naughty?
You misunderstand the ruling. He can't just post the password on a sign - he has to somehow validate the identity of each user before giving them the password.
They then give the password to someone else (perhaps by accidentally leaving it on a slip of paper on the table when they leave) making a complete mockery of the ruling. Add to this the the fact that the password will be "fu50ny" and it all starts to be a bit silly.
The ruling is self-contradicting. In one place it says that monitoring information has to be excluded as an option since that breaks some other EU law. The it says that it should require a password...so make a password, and have people show you their ID to give them the password. This, according to the judgement, "may dissuade the users of that connection from infringing copyright or related rights". But you still won't be able to pinpoint who did what and according to the ruling you are then not liable.
Not exactly, there are two stages or passwords that can be used.
Using a known password for the hotspot to enable encryption is a good thing. This password can even be displayed on the counter, so that customers can gain access to the internal network.
The second stage, which is more controversial, and is probably what the courts want, is to have a proxy or gateway that requires users to be registered, before they get from the internal network out onto the Internet. These systems are available and cost money. In Germany the likes of Deutsche Telekom and the other large telcos generally run them and customers of the Telco can often use the hotspots "for free", because it is included in their monthly mobile or landline contracts.
Having a WPA2 password / passphrase makes it secure at least and cannot be eavesdropped by others in the vicinity. It doesn't matter if the password is printed for all to see, once the traffic is encrypted, it make it a lot more secure.
Having to use a logon-page on top of that, so that you can access the Internet through the router is another matter.
Employs a lot of legal folk, someone has to create the work you know.
By the requirement for "identities" does that mean that I can't now have a general staff/guest WiFi with the password available to all, that I need to see proof of ID before allowing users to connect?
"Can I use your WiFi?",
"Let me see your papers!"
(no prizes for the accent I slipped into on the second bit)
Essentially yes, although you will need a two stage system. You can keep the SSID WPA2 password as is and freely available, but you will need to put in some additional gateway / proxy system that then asks for additional identification or a special "ticket" number to allow them to gain access to the Internet.
"and on "receiving his mark" he might get access to channel 6 on 2.4GHz and 66 on 5.8GHz"
It's funny you should quip about that, when you consider the 6 * English alphabet Gematria, computer = 666
Many others also of notable intrigue, you should look into this.
I found this subject so interesting, and not coincidental in any way, I decided to make my own calculator in php.
This post has been deleted by its author
Being able to make up rules and tell people what they should do while you have absolutely no idea what you're talking about. Cynical? Yessir, but that's honestly my impression about these political 'geniuses'.
Why I say that? Because I can turn this around. When a machine interacts with a wifi hotspot it'll send out its MAC address (you know: you can limit wifi access based on that as well, works quite effectively). Therefor I can argue that the identity got revealed, in the form of a MAC address. Which is, by theoretical definition anyway, a unique identifier.
I know what you're thinking: that is not really an identification because I don't know who the person is. Welcome to the phenomenon of: "the letter of the law". They clearly said:
"it is necessary to require users to reveal their identity to be prevented from acting anonymously before obtaining the required password."
And the definition of identity is left out. So when looking this up on the Innernets (Oxford dictionary):
"Identity - The characteristics determining who or what a person or thing is.
Note: or thing? And as said: a MAC address is supposed to be unique, ergo, I have established the identity (of the machine aka the thing, which is still operated by the user), so they're free to use the open Wi-Fi.
"Why I say that? Because I can turn this around. When a machine interacts with a wifi hotspot it'll send out its MAC address (you know: you can limit wifi access based on that as well, works quite effectively). Therefor I can argue that the identity got revealed, in the form of a MAC address. Which is, by theoretical definition anyway, a unique identifier."
But two things come to mind: MAC spoofing (two devices using the same MAC since some devices allow you to change the MAC) and a Man in the Middle (between you and the hotspot, again messing up the MAC uniqueness).
except that they say "require users to reveal their identity", not "require users to reveal the identity of their machine".
The British being a nation of piss takers, how long until some activist goes to court for the right to change his name to a MAC address. "Henceforth I wish to be legally known as 10:c3:de:ad:be:ef."
Imagine the database fun with that and little Bobby Drop Tables.
The problem with your comment is you used the Oxford English dictionary.
The Courts all use Blacks Law Dictionary, where for example "Driver" means someone who is being paid to operated the vehicle in course of work, so when you operate your vehicle to go and buy chips your not technically a "driver".
Why however we have a dictionary with English words in which have had their meanings changed is beyond my pay-grade.
That's an interesting observation, HailAJ. However, it is a US publication. As far as the UK is concerned (if my 30 seconds of Googling are to believed), legal definitions are taken from a variety of sources, including the Oxford English Dictionary, Stroud's Judicial Dictionary of Words and Phrases (provides details of where words have been judicially defined by the court), and Words and Phrases Legally Defined (provides details of where words have been defined within legislation).
I remember reading that Private Eye, who having used for years the phrase 'tired and emotional' as a euphemism for drunkenness, lost a libel case. The effective outcome is that 'tired and emotional' now means 'drunk'.
> Why however we have a dictionary with English words in which have had their meanings changed is beyond my pay-grade.
Laws based in a large part on precedent need as concrete a definition of words as possible in regards to the context of the law, just in case someone needs to invoke precedent set in R v Joe Bloggs from 1843 whereupon a sanguinolent cabotin was convicted for pizzling a gay jollux.
(Blacks is the US legal dictionary though isn't it? I think Oxford do a "proper" legal dictionary but IANAL)
For similar reasons, judges will often ask "what is this <completely obvious $thing that everyone knows what it is> when it's at home?", to the frequent amusement of the press who can get a cheap "out of touch judge!" story. This is so that there can be a) no doubt in the mind of the jury and b) that an explanation of $thing is made part of the court records for possible future reference. For instance, will people know what a facebook is in 100 years time?
Wandering round this lunchtime, I passed abotu 40 open hotspots, many of which provided as free wifi by the great city of Manchester.
So yeah. That's gunna work.
I'll just type my passport number into this unsecured network to verify my identity shall I?
What could possibly go wrong :D
I passed about 40 open hotspots
are you *sure* they are "open" ?
Default setup in UK is to have hotspot as open, but then to request some sort of identification before proceeding. Usually in the form of an email address (so it's pretty obvious it's not security, but user-monetisation driving the scheme).
Also, I would strongly advise people to be *very* wary of "open" hotspots. I suspect more than a few have been setup with the express intention of sniffing all traffic.
I can't prove it, but I have encountered quite a few alleged "BT Openzone" and "BT FON" hotspots which allow me to connect, but were never able to actually get to the internet.
I agree, mostly all you need is an email address to access the network
Poor old bill.gates.at.microsoft.com, must get a lot of junk email!! ;)
I found out by accident years ago that you don't need to verify the email address
Now I just tell everyone to use the above, when in hotels etc etc
If you require a passport or whatever for user #1 to use the WiFi, what is stopping user #2 from getting the WiFi password from user #1? One-time passwords etc? Well that is unfair on the smaller shops that cannot afford to pay for the kit that would support such a solution.
"blaming users is far easier than fixing a licensing system that is no longer fit for purpose"
Because any other method is just flat dead on the vine. Given the alternatives, one that's not fit for purpose is the least worst option. Or would you rather go back to the old days when art was only affordable by the rich and artists worked strictly on commission?
The problem with passport numbers, AFAIK, is there is no universal register of passport numbers for verification, or even a global standard for their format. So you could pretty much enter a random string of characters with no way to validate. Of course, they could require the establishment to check the passport but seasoned travelers tend to not carry their passports. A lot of hotspots, etc have systems that require you to verify your email address or receive a code on an SMS to your phone for access in the vague hope that this identifies you, but this is ridiculously easy to circumvent with a temp email address or burner phone.
Exposure to less technical fora would reveal that the Great British Public already think it's "the law" to secure WiFi, and that you can somehow be prosecuted for not doing so.
Sometimes it's no necessary to pass laws, if the public effectively do it for you.
I'll tell you something for nothing. After a particularly brain-dead "discussion" on Mumsnet about how you *have* to secure WiFi, I really would not want to be found with an open WiFi spot by the average Mumsnetter. As a previous commentard highlighted, it's the equivalent of being in possession of a raincoat with bags of sweets in the pockets.
So, if each person must be identifiable, then where is the authentication realm to authenticate against and what do you do once they have authenticated - presumably you would need a full firewall log of everything they touched - so you can refer to it later when the claim comes in.?
Which in turn needs time sync and a bunch of storage, etc, etc, etc.
Would we have to run a set of ID's we trust, or is some pan-European authentication platform being formed to support this - given the mobility of people around the world.
My next bets are :
1. Someone hosting a WiFi hot spot with authentication will end up in trouble for discrimination, by not allowing the one-legged gender neutral slightly off-colour (pick a skin tone) person access.
I'm left wondering how this fits into other things we know, such as :
1. The European rights to privacy
2. The UK principles that the "Internet is a right" (like gas and electric).
3. The calls in Italy recently when the earth quake hit - to open up Wireless hot spots to help the rescue efforts.
Like most rules, this doesn't seem very well thought through.
"Would we have to run a set of ID's we trust, or is some pan-European authentication platform being formed to support this - given the mobility of people around the world."
Exactly what the Commission proposed way back when. Using state-mandated offline ID to log in with online, everywhere, as soon as you go online. No internet access other than through an EU-approved membership system.
Still think they're the good guys?
When China introduced this as a regulatory requirement a decade ago all Eu and USA politicos joined a howler monkey chorus despising the undemocratic nature of the Chinese approach and how it violates human rights and yadda yadda yadda yadda. Same as the same politicos and media doing a howler monkey impersonation when one of Putin's first moves became installing official taps backed by a legislative mandate into all SPs which fed something (nobody till this day knows what) to FSB. Hoooooooooowl.
So, what are we doing now? We are quietly over time adopting what Putin and the Chinese are doing. The sole difference between us and them is that we are doing it clandestinely, while they are doing it above board. No comment which is more "democratic".
So, let's step back for a minute. There are two ways to look at this.
1. The anonymity of the Internet is an essential freedom.
2. The Internet natural development route is over time to stop being anonymous and the identity of each and every user and device to be known.
Realistically, we are already very close to 2 anyway. The sole caveat is that a few chosen ones like Google and its dear 3 letter associates have your identity (unless you are in a country where you have to identify yourself to use the Internet). Personally, I would love to go back to 1 - it has some essential values for whistle-blowers, emerging democracies, etc. However, the more realistic option is to actually go to a strictly controlled, regulated and legislated version of 2 which is no longer a monopoly of Google and the No Such Agency. And no howlers please.
By the way - as far as the shop owner asking for your identity - it takes half an hour to integrate chilli-spot into either FaceBook or Google or other large 3rd party auth (f.e. in Germany - T-systems). They do not need to take your passport, what the ruling obliges them to do is to ensure you have authenticated somehow in a way which ties you up to a traceable identity. That is technically trivial.
"By the way - as far as the shop owner asking for your identity - it takes half an hour to integrate chilli-spot into either FaceBook or Google or other large 3rd party auth (f.e. in Germany - T-systems). They do not need to take your passport, what the ruling obliges them to do is to ensure you have authenticated somehow in a way which ties you up to a traceable identity. That is technically trivial."
Provided you have the HARDWARE to do do. I know for a fact many places slapdash a solution just to attract customers, and more than a few have been caught using consumer-level equipment. TEN-YEAR-OLD consumer-level equipment at that.
As for the Internet itself, it's like with the wild west. In the end, people don't want anarchy even if it means ultimately and end to anonymity. The benefits of attestation tend to outweigh the drawbacks, as most levels of business require a level of trust that at least goes as far as exchanging verifiable identities (the First Contact problem) or you can't get anything done. Society requires trust to work.
So you have to stop offering really crappy free WiFi. Where's the issue? If your free WiFi is not making your coffee shop a fiver a day in custom, why are you bothering? When almost everyone in the coffee shop will be accessing your wifi using a mobile device which can happily switch to 3G, providing a service worse than 3G is a waste of time.
Please let's kill this idea right here. Facebook has spread far enough and I don't want to have to get an account on there just so that I can start using Wi-Fi at coffee shops. Having them track me wherever I go on the Web isn't worth getting a bit of free access with my coffee.
Besides, there's nothing that enforces a Facebook account to be your real identity. They only check it out if they receive complaints.
But authentication means nothing unless you do something with it afterwards - i.e. the logging I mentioned previously.
If you just say "I authenticated to Facebook and Google" - then you have whats known as "a bunch of users", you still don't know who the person is, since neither realm is made up of 100% genuine people and saying "it was one of them" is as good as the current free WiFi situation where the answer is "someone who came within range of the AP"
Authenticating on its own does nothing and the current ruling is fairly pointless because of that.
"They do not need to take your passport, what the ruling obliges them to do is to ensure you have authenticated somehow in a way which ties you up to a traceable identity. That is technically trivial."
Wait, what? How exactly is any of that supposed to identify me "traceably"? First off, I have no Facebook account. I do have a Google account but all they have is my phone number. Which is a prepaid card, even if "they" could persuade Google to divulge it to them. And do please consider this is Eastern Europe I'm talking about, not the "how many Stingrays did you say you need?" USofA. Then again, I might decide to log in with a Google account that has not even that much on me. I hope you don't delude yourself thinking email accounts are "traceable". Our McDonalds tries to do something like that using a captive portal nagging you to "register" before you log in - which is not something I'd ever bother to do, they can shove their wifi where the sun don't shine.
You could ask me for my home ISP login credentials - which free wifi hotspots sprinkled around my town, run by my ISP already do - except I never log into any of those specifically because of that. It's none of their business what I do when I'm not at home (or even when I _am_ at home, but that's a different rant). Finally, if you seriously think I'd ever consider whipping out ANY sort of official document in a bar or restaurant to use their wifi... hahahahaha, think again.
Right now everyone is just printing their passwords (if they have one at all) on their menus here, and that won't change any time soon regardless of what gets ruled where. The only relevant piece of kit you'll find anywhere is the first bog standard off-the-shelf commercial router whoever they sent to go get some hardware could get their hands on. Yes, local authorities could push the issue if they wanted. Emphasis on "if they wanted". Specifically, on "_IF_". Do tell, what's in it for them? Yes, you got it, that's exactly how many shits they give.
Don't you get it?
"The kids" will happily sign away their kidneys for free wifi. If the Eu gives it to them, everywhere, with a tiny little privacy catch.... kaboom, that becomes the new normal. There is an expectation of continual surveillance, an expectation of continual censorship. Our youth already love Big Brother.
The ruling says that it is practical to get an injunction requiring a business to put a password on their hotspot and/or require ID to use it. It doesn't seem to be an order for all companies to do that, just ones with enough infringers to be worth pursuing by big media.
A TV? : Nope, easier to buy one. Obtaining one is actual knicking one.
A games console? : But how to download? Nah.
A video recorder? : undownloadable but can be worth an absolute fortune. Those Hi8 and SuperBeta decks fetch a lot of money.
A game? : but it won't install on a Playstation, need a proper disc or PSN download.
No still stuck!
Just set the password to 'password' and don't tell it to anyone. If it gradually becomes a thing that open hotspots use the word 'password' as the password then nobdoy will have to do any identity checks and nobody will be prevented from using previously open hotspots.
The ECJ will eventually have to make it a law that you can't set your wifi network's password to 'password', at which point everyone can move across to 'password1' and carry on.
The text cited just says that IF the network is password secured, then potentially enforcement of the rights of rightsholders may occur, but in that case, the identity of the people using said password must be ascertained first.
None of this is bound to happen to open hotspots soon, and anyway national laws have to be passed first (well, France may already have a law against this, as in France today there is only one thing that is still allowed: paying taxes)
"Napoleonic law starts from the principle that everything is forbidden."
Huh? What is this "Napoleonic" nonsense? Isn't every single country in the world operated on the principle "everything is forbidden, we just choose to not enforce any of it against you unless you show up on our radar and piss us off"...?
- Continental system - (Europe - supposedly) - All rights are granted, and then taken away. - God to citizen system.
- UK and USA system - No rights (start as nothing, not even an object, and then rights are assigned) - Slave to citizen system. That's why they need the bill of rights. Without it they do not legally exist. Oddly, money doesn't seem to legally exist either (not corporeal, not immaterial).
ISP are liable by default if they cannot give up the ID of who is alleged to have committed civil/criminal action via their network. Further, duty of care is now much more the ISP responsibility to prove
To me the obvious outcome is that those people who want anonymous internet access will just war drive or use stolen credentials instead resulting in all wifi/hosting/VPN etc becoming a legal liability.
Brexit wont make a difference as the UK will be one of the first EU states to implement this, given the local track record of assuming that the music/movie industry is being abused by all UK population and compensating them in advance.
What we need is some form of National Identity card that can be used to centrally identify and authenticate us a citizens so we don't need to provide the same details over and over again.
Then a central store could be made of everything we do, you know, as a backup, just in case we make a mistake, or lose it and need to go back, or like investigate who's been doing bad things.
And we can sell the details to some exclusive partners so they can help us in the future.
This is like holding a cafe responsible for someones wrong doing because they used the cafe's power socket to charge the laptop they used in the planning, or sat under the cafe's electric light so they could see what they were doing, or used the water in the toilets to wash the hands that wrote the plans.
WiFi is just a utility like electricity, gas or water.
Am I missing something here?
If the connection after the hotspot is via NAT, then how can "big media" identify the user from the internet side? Or are hotspot providers going to have to go for the full ICR logging that the Snooper's Charter is imposing so that they can identify which of their users (who have proved their identity) it was that downloaded the dubious content?
Just setting a password and making users identify themselves to the hotspot operator seems insufficient.
As an old fogey with failing eyesight, but not on a pension, the UK Government has lifted my driving licence. My passport has expired, so I'm a bit "off the Grid". So if I want to have a coffee in the local Starbucks and browse my droid tablet will I be thrown out onto the pavement (sidewalk)?
.. is incapable of distinguishing between anonymity and accountability.
I observed a while back that the ECJ seems to be changing to a model that ensures they keep busy. This is a classic, because such a policy conflicts directly with the right to privacy. Not quite sure where this will lead, but I suspect this story isn't quite over yet as it encourages data grabbing from everyone near a "free" WiFi access point, where the word "free" was just being challenged because of the enforced demand for personal details.
Honestly, the lobbyists must have spent a fortune on dinner for this result, enough for alcohol to last in the relevant bloodstreams until the verdict. It must have been a rough couple of nights.
All too true. It's game over for the internet. Totalitarianism is here. It's only cognitive dissonance that is stopping people from seeing it. The horrible truth, is, well, too horrible. It will be illegal to not have an internet connection in a little while. It will be illegal to use a VPN for personal use in a few years time (if that). You know how it goes.
The internet has turned into a fucking fascist nightmare. It's wild west time allright, but not for the common man, for the law makers and law breakers, the spies, the top five companies that run the net (google et al). They just don't give a flying fuck. In bed with the politicians who are pissing themselves with fear over the threat the internet provides to their authority. They are putting the internet genie back into the bottle. Game over. It's already lost.
There is no anonymity, there is no privacy. Game over.
Totalitarianism is here, today. Already I see most of you too afraid to comment on articles in this very esteemed organ. I get it. You don't want to get your name on the list. You're afraid. I do understand.
I know that quite a few of you care about this, but you don't say anything about it, due to fear. The fascists have already won. Call them totalitarians, fascists, or whatever - same thing. Authoritarianism gone mad. They are already stepping on your faces, and you just say: Do it to Julia, do it to Julia!
I'm going to stop making political comments as well. I don't see why I should martyr myself for other's freedom, when they won't stand up and be counted. You didn't love your freedom enough. Now it's been taken away from you. Game over.
Voland's Right Hand wrote:
So, let's step back for a minute. There are two ways to look at this.
1. The anonymity of the Internet is an essential freedom.
2. The Internet natural development route is over time to stop being anonymous and the identity of each and every user and device to be known.
Realistically, we are already very close to 2 anyway.
You are very right, in fact more right than you realise. Did I mention the war has been lost? Game over.
We aren't 'very close' at all. It's finished, there is nothing left to discuss. It both amazes and sickens me at the same time when we get these articles in el Reg, and they only get a dozen weak and lame comments. Time after time, because you are scared. That means they have already won. They have put the fear of god into you. They have divided and conquered you.
And it will be you, good little techie boys and girls you are, that implement the future stamping on the face of humanity, coz let's face it, you've done fuck all so far. But I understand, you are afraid. There are laws against thinking the wrong way. Words are being banned. You may realise (and I know you do) that when you ban words, you ban thought. You of all people know that. You can be put in jail for offending someone. They have crushed your freedoms bit by bit, and you can't face up to the sheer blatant inhumanity of what they are doing. I understand. You're afraid. Game over.
There's an essay that is over ten years old now, by John Walker of Autodesk fame (not to mention fourmilab.ch) - in fact it's sub-titled "How big brother and big media can put the Internet genie back in the bottle."
It's a long essay, and not really totally understandable by non-techies. Most of you here will have no problem with it, at least getting the gist of it anyway.
Read it and weep. It's 13 years old now. Everything he predicted has come to pass (just about). Unique identifiers on chips, licenses needed like a driving license, draconial laws to punish dissenters. It's fucking soviet russia and the stazi all rolled in to one, but on steroids. I'm a pseudo intellectual and not well read, but even I know what time it is and what's up. The genie is not coming back out of the bottle now.
Game over. You just didn't love your freedom enough.
And all done in the name of 'hate speech', paedophiles etc. Pure bollox, and you know it is. They have the power to close the paedos down if they want, but they allow them to exist, because it pushes their agenda forward. They don't care about little kids getting fucked up the arse, because it's just collateral damage to them. It's YOU they fear, it's YOU they are attacking. And it is YOU that are conveniently turning a blind eye, because, well, the horror...
They are ramping it up - the whole shebang. Because they have to act fast while you are beaten down, because you are. They know they can get away with it, because you let them. Because you are afraid. I understand. I'm only posting this, because I want to die. I am ready to take my own life at any moment. The end can't come quick enough for me. But don't worry all the security services reading this, I won't martyr myself. I'm going to shut up and be a good little boy, with all the rest of them, there will be no further dissent from me. I'm no rabble rouser. You probably even appreciate the psychological impact it will have on the weak and the silent. You've put them in their place, they are afraid, and pretty soon it's going to be time to start slapping them around a bit. And you'll get away with it - it might even be fun!
Paedophiles my arsehole, it's the general population that must be stopped. And this is how they do it - this is how they put the internet genie back in the bottle. Read that 13 year old essay by John Walker. It will make your blood run cold.
What we are dealing with here, is not the MILITARY/INDUSTRIAL complex. It is the MILITARY/INDUSTRIAL/MEDIA/ENTERTAINMENT complex. Or MIME for short.
This is what all this is about. The media are as complicit in all of this as the paedophiles. At least the paedos are honest about what they do. And as for the entertainment (music) industry, well, you didn't realise something was up, when music died over ten years ago? Crushed. Only for cookie-cutter inanities like fucking Adele, being used as tools of the establisment to demoralise the population via mediocrity, useful idiots they are.
Anyway, never mind all that, those cunts on mumsnet have a lot to answer for. But eh, muh kiddie-fiddlers.
Hopefully I've not offended anyone. Though I feel seriously fucking offended every minute of every day, just being alive and breathing in the air on this seriously fucked up planet. And I know I'm not the only one.
Have a good day.
I am with you on most if not all of that, saw it as the internet honeymoon being over, ranted about it years ago but of course people don't want to look at the bigger picture, will try to get a mob against anyone who uses reality or the "truth", remind me what is the opposite of truth, lies isn't it? so these days you can be derided for being a "truther" because that word has connotations, fuck em speak the truth regardless of the hashtab.
In case no other bugger says it, don't off-yourself too soon buddy, there is dark stuff creeping and those who seek to benefit from oppression but there is also higher meaning, and energy at work if we are open to it. Sometimes in this field we might have to step out of the technology forest to feel the light.
Thanks for the post, bit of fuck yeah moment.
sorry but you seem to be mentally unstable and you need to find help soon because you said it yourself your suicidal
I dont think its game over for the internet, the internet will be free for years to come and many are still fighting for it
anyway this could be a joke but you should talk to someone before its to late
Nicely written - inflammatory and humorous - article, but I am not convinced El Reg has its facts quite straight.
An article on IP Watch (OK, probably batting for the Sony-side of this argument) gives a more complete view. http://www.ip-watch.org/2016/09/15/wifi-providers-can-be-forced-to-require-passwords-on-rightsholder-request-ecj-rules/
To me this says that a rights holder can ask for an injunction on someone operating an open Wifi hotspot to secure their internet connection by means of a password.
So Mr Sony et al, are you going to order all open wifi hotspot operators to secure their internet connections? Really? One-by-one! Nah.. so most of the little guys will carry on BAU. At least I hope so!
As for the bigger hotspot operators - eg BT, Sky/The Cloud, or Virgin Media/Arqiva Wifi are already authenticating users.
internet freedom <-or-> bomb under your butt
Monitoring the net won't stop "terrorists". Hell, most of them live in areas where the place is so devastated that electrical anything is pretty much impossible let alone electronic coms (we are still calling people fighting in their own land to defend their land and way of life from the US "terrorists" right?) .
If the net was to be totally monitored, al encryption not only banned but actively blocked, all users activity logged and all users registered including with iris scanners, then either simple codes would be used to pass on basic messages or other means of communication could be used that aren't electronic and thus aren't open to monitoring.
And a "lone wolf" with a truck is beyond all attempts to monitor.
1. Does this Euro Parliament thingie have WiFi?
2. TV ads for "I can't believe it's not Proper ID"
opening soon in a country near you, ID that would not fool a copper or a border guard, but would probably get past a barista.
It strikes me that 99.99% of public WiFi hotspot users are doing the normal things. A measure which royally arses up their usage is not a proper balance between their rights and the rights of property owners whose property rights those users are not infringing.
If all that is required is to add a password to the hotspot - as in the WPA2 password, and presuming that it will never be changed after it's been added, then there are a good 20 apps where after connecting to a password secured network, the password is then sent off to a server so that anyone else running the app no-longer needs the password to connect. Google "WiMan" for an example.
I love a good old snark along with most commentards but isn't this whole thing trivial?
(1) Having no password on the WiFi absolves the provider from all responsibilty for user actions.
(2) However the provider can now be sued and forced to put a password on the Wifi.
This then removes the protection from (1) and opens the door for further litigation.
Or have they (as is so often the case) tried to be clever and added in another little feature or two to make the second round of litigation that bit easier and managed to include all current closed Wifi services (that is, ones which already have passwords) in their new vision of closing down pirates?
Thus moving a very focused decision aimed at people deliberately punting "anonymous" Wifi services to deliberately circumvent current legislation and sweeping up not only poorly configured old home routers but all public WiFi services?
Well, yes, I wouldn't be at all surprised.
"Method of ensuring total unbreakable security on wireless networks"
Essentially this is a way to distribute a one time pad to an array of machines in a way that cannot be broken at least in principle.
It does however require access to the machine but only in the form of a burned DVD+RW containing the pad which is then overwritten in the host machine while being consumed.
Substitute memory card for DVD+RW or for that matter a file on external device, the effect is still the same and it is also possible to distribute the pad using a screen with a one use key that unlocks the network for an encrypted download via wideband TKSP, etc.
324 bit AES is still unbreakable and typing in the key by hand from a paper receipt is a minor but necessary annoyance.
Internet Sensoring Pricks?
It's late. I've run out of glue.
It's fucking murder finding a carpet laying shop around here in the middle of the night.
And I live in Axminster!
Never mind the horror! It's the fucking irony I can't deal with.
[plausible deniability, your honour - I was out of my mind at the time, suffering severe Thixofix withdrawal]
... use public wifi without a VPN? I certainly would not. So how is this going to help catch anybody who is determined to do something wrong? It is already in the interests of public wifi providers not to allow a few users to suck all the bandwidth --- all you've got to do is ensure no-one gets more than about 2Mb/s. So how big, really, is the threat of wholesale copyright theft at public wifi hotspots?
Of course, the tech savvy know to use VPN when in public wifi land such as at airports. I'm not even tech savvy and I know that.
I upvoted you, even though it seems you did not read and digest my earlier rant/post.
It's all about the MIME - Military-Industrial-Media-Entertainment complex.
None can exist without the other now. Lady Gaga and Adele are as complicit in the killing of innocent children, as Thorn EMI (great label-Harvest-Harvest Moon-Dark Side of the Moon - Well an eclipse actually, but I digress). Whoah, the synchronicity...
There was an eclipse of the Harvest Moon tonight, and Pink Floyd recorded Dark Side of the Moon on the EMI imprint - sub-label 'Harvest'. Why do I bother?
It's all about demoralisation of a population via psychological operations. There are books written on it. It's not made up. It's real. And Adele, and Lady Fucking Gaga are the enemy!
Not even joking or being ironic.
It's not about copyright theft, it's about control.
Have you noticed all the big torrent sites getting shut down? The ones left, riddled with malware. They are putting the internet genie back in the bottle (a la the John Walker essay).
It's all about restoring the Consumer/Producer paradigm (or vice versa) like back when the BBC could rattle off any old shit and cause micro-revolutions in populations via divide/conquer.
Read the essay by John Walker - The Digital Imprimatur - it is on Fourmilab.ch - and any hacker worth his salt, or even worth his weight (swidt?) will already know it.
They are putting the internet genie back in the bottle. The whole MIME paradigm (Military-Industrial-Media-Entertainment complex) is just a smoke screen, within a smoke screen within muh kiddie-fiddlers, via muh copyright infringers, via, muh terrorists.
They are the fucking terrorists! And to say that is treason!
Pretty sure most of you could have figured all this out for yourselves, if you could only face The Horror!
Cognitive dissonance is a bitch alright. One that will come back to bite you on the arse, when Adele and Lady Fucking Gaga are herding you into the cattle train on the one-way railway, to go for a little 'clean-up' for being the dirty dissenter you are.
Hell, I'll probably be manning the fucking ticket turn-style if the powers that be have a sense of humour about it all. If not, I'll be fighting for air like the rest of you beaten fuckers....
We really didn't love our freedoms enough. Did we?
Film at 11, but fuck all on.
Did the court define what passwords or keys are? Oddly, Shannon never did.
"password" is a viable password. If a unique is required "2016password" would suffice.
This problem can only be solved technologically, not legally.
In addition, legally speaking, since today's standard cryptographic systems are "juvenile" at best, with WiFi systems being trivial to breach, it is not too difficult to prove that it is impossible to secure one's own WiFi without changing the password every minute. This is the flawed judicial reasoning behind the decision. Technically, the providers of security products should be held legally liable, since they provided the security systems. Surely users cannot be responsible for faulty products.
In criminal cases, the onus of proof of liability falls on the prosecution, in civil cases on the plaintiff. Beware of future legislation where the onus of proof (disproof) will be legally preassigned to the defendant. This is to protect crap security and security corporations.
In other words, your legal rights are getting screwed to protect profits. But have no fear, a literal cryptographic shit-storm is about to hit the fan.
Biting the hand that feeds IT © 1998–2021