On Aug 24, 2005, at 7:44 AM, Adam Maloney wrote:

> On Tue, 23 Aug 2005, Matthew S. Hallacy wrote:
>
>
>> On Tue, 2005-08-23 at 15:08 -0500, Adam Maloney wrote:
>>
>>
>>> I'm also absolutely thrilled to see that Linksys is still shipping
>>> wireless routers with the wireless on and wide-open by default.
>>>
>>
>> As opposed to a default encryption key that makes everyone feel safe.
>>
>
> The issue of knowingly shipping products with a default insecure  
> configuration has been hashed to death on many lists, but you must  
> have missed them all.  I'll bring you up to speed...
>
> Why not ship it with wireless disabled, so at least it's not a  
> gaping security hole the minute it's plugged in?

or, fix the real problem. which imho is, poor user interfaces and  
setup processes.  as engineers we spend a lot of time on the  
mechanics of making the elements talk to each other but we don't  
bother to standardize the setup process and make it as seamless as  
possible for the average consumer.

one would think that manufacturers would get the point that the setup  
process is far too painful and there's likely a killing to be made in  
the delivery of systems that are easy to setup and "secure".  the  
flip side being, as long as consumers continue to make cost the  
differentiator when they're at best buy/circuit city manufacturers  
will continue to get away with this sort of thing.  i don't know of  
any consumer grade wireless manufacturer that provides a reasonable  
default configuration that's easy for the non-technically inclined to  
setup.  i'd love for someone to point one out to me.



{ snipped - misc. signatures }

long time readers of this list may find some level of irony in my  
comments here. ;-)

-- 
steve ulrich                       sulrich at botwerks.org
PGP: 8D0B 0EE9 E700 A6CF ABA7  AE5F 4FD4 07C9 133B FAFC