Saturday, June 13, 2009

European Commission pushes for software patents via a trusted court

First of all a warning. If part of the following text looks Greek to you,it's because it is. :)
It's part of a message i received from Konstantina Zoehrer regarding the new "initiative" to get software patents in EU, through the backdoor by use of a "trusted court".
For more info check this link.
There is a petitionalso you can sign.

Well it looks like "special interests" follow the good old saying "if you fail once, try again"
So, let's try and stop them one more time.

Greek text follows

Προτρέπουμε τους νομοθέτες μας

* να περάσουν εθνικές νομικές διευκρινίσεις για το δίκαιο ευρεσιτεχνίας για να αποκλείσουν οποιοδήποτε πατέντα λογισμικού,
* να ακυρώσουν όλους τους εγκεκριμένους ισχυρισμούς για πατέντες που μπορεί να παραβιάζονται από λογισμικό το οποίο τρέχει σε προγραμματιζόμενες συσκευές,
* επίσης να αγωνιστούν για τη διάδοση των εν λόγω κανόνων σε Ευρωπαϊκό επίπεδο, συμπεριλαμβανομένης της Ευρωπαϊκής Σύμβασης Διπλωμάτων Ευρεσιτεχνίας.


Διαβάστε περισσότερα εδώ

Tuesday, June 2, 2009

First results on a WiFi security survey

For the past few weeks i am working on a paper for the security of the wifi networks.
Part of my research was to look at the state of security of deployed wifi AP all over Athens.
Athens is a rather large city (4+ million people leave here) and i believe that a sample of that size could be indicative of the general state if wifi all over.

The first results are rather mixed.

The good news is that the number of wifi ap's deployed is really large.
By driving through some of th main streets crossing Athens, and some of the business areas i found more that 10.000 unique MAC's of AP.
Considering that i only covered a very small portion of the Athens metropolitan area and was only driving on main roads, i estimate that the number of deployed AP will be over 200.000 to 250.000 and this is a really a very conservative estimate.

The bad news now.

More than 50% of the AP's surveyed,are using no encryption or WEP and from those using WPA 70% is using the default ESSID's set by the ISP's that provided the unit,making them easy targets for rainbow table attacks.

It looks like that most people trust the settings their ISP provides when they get their adsl IAD, or don't how to change them or simply are unaware of how wifi works and the dangers.
One ISP in particular seems to be the "king of unprotected wifi AP" in Athens as 3/4 of all the AP's with their ESSID is either open or using WEP.

I am still collecting data and working on the paper, but given the rather large number of samples i allready got i don't think the results will change much,but this is something to see.

On the funny side of things, if people do decide to change their ESSID they can be very creative :)