Re: [BLUG] Open wireless connections

Steven Black wrote
>
> If you ever plan to actually *need* bandwidth to do work, then you need
> to be aware that when you need the bandwidth may conflict with when your
> neighbor needs to watch that movie from Netflix. There's nothing like
> other people streaming media to soak up your bandwidth.
>
I guess I need bandwidth occasionally, but not most of the time. I am
guessing that there must be a software solution to control who gets how
much bandwidth when I need control. (Perhaps, there is already an answer
to that question. On the road, I have not yet had time to read the more
detailed replies with full understanding.)

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] Open wireless connections (was: Re: IU VPN connection on Linux)

On Tue, Aug 05, 2008 at 06:04:44PM -0400, Paul Purdom wrote:
> [...] Does anyone reading this group
> know any reasons why it would be unwise to set up an open wireless
> system? If there are potential dangers, are there cures?

My father has an open wireless connection at his house. He's out in the
country, in a house surrounded by trees, and his is the only SSID a
person can reach in his house (and it doesn't cover his whole house). In
fact, he's far enough in the country that only one cell phone network
reliably covers his area. He gets a lot of company at his place, though,
and it makes more sense for him to just leave the network open. His
driveway is also long enough that you can't pick up the network from the
street.

I, on the other hand, live in a rented condo. I've seen a dozen SSIDs
show up. My primary concern is with people soaking up my bandwidth. I
don't care what they're downloading, be it warez or porn or infringing
upon copyright of music or video. Really, I don't even care if they're
just downloading ISOs of Linux and software from SourceForge. It is my
bandwidth, and I have enough ways of using it on my own.

I can be a bandwidth hog. My wife can be a bandwidth hog. My inlaws next
door (who have access to our WiFi network) can be bandwidth hogs. I
don't need random bandwidth hogs on my network.

If you ever plan to actually *need* bandwidth to do work, then you need
to be aware that when you need the bandwidth may conflict with when your
neighbor needs to watch that movie from Netflix. There's nothing like
other people streaming media to soak up your bandwidth.

Cheers,

--
Steven Black <blacks@indiana.edu> / KeyID: 8596FA8E
Fingerprint: 108C 089C EFA4 832C BF07 78C2 DE71 5433 8596 FA8E

Re: [BLUG] On modifying /etc/resolv.conf (was: Re:IU VPN connection on Linux)

On Wed, Aug 06, 2008 at 12:52:10AM -0400, initech wrote:
> [...] (it only took a
> little additional twiddling with /etc/resolv.conf). [...]

For those familiar with older manually configured /etc/resolv.conf
files, you may be in for a shock if on an dist. upgrade or simple
package install you suddenly get 'resolvconf' installed. 'resolvconf'[1]
allows programs which dynamically modify /etc/resolv.conf to do this in
a more sane manner.

The problem, however, is that 'resolvconf' over-writes /etc/resolv.conf
once it starts, and if that's the canonical location of your DNS
information, you can suddenly find yourself without valid DNS access.

I've had this happen simply due to installing packages which
recommend/depend upon it. This caused it to get installed, and that
caused my DNS information to be lost. (In Ubuntu it is in 'universe'[2]
at this point. That may not always be the case, though.)

For static DNS information, instead of putting it in /etc/resolv.conf,
you'll want to start putting it in /etc/interfaces/network. (If only to
back up the information, now that you know resolv.conf may be lost.)
There are new options associated with 'iface's which allow these to be
set there ("dns-nameservers" and "dns-search").

[1] http://en.wikipedia.org/wiki/Resolvconf
[2] http://packages.ubuntu.com/hardy/resolvconf

Cheers,

--
Steven Black <blacks@indiana.edu> / KeyID: 8596FA8E
Fingerprint: 108C 089C EFA4 832C BF07 78C2 DE71 5433 8596 FA8E

Re: [BLUG] New GPG key

To elaborate, the web of trust provides authentication. If you get a pgp
encrypted email from someone you don't know, you also don't know that
the sender is who he or she claims to be. You can, however, check the
signatures on the sender's key and make a rather accurate guess how
honest the person is.

It's fine to trust the keys of people you know, but sometimes you can't
verify the key fingerprint over a secure channel beforehand. It's open
to a man-in-the-middle attack. But if a trusted third party signs the
key, you can be reasonably sure of the sender.

With distributed development, pgp becomes a necessity in order to
digitally sign things to authenticate the sender. For example, Debian
(and Ubuntu) packages are signed so you know they came from their
maintainer and not some shady other person who wants to install a
backdoor in your email server.

I offered to do a presentation for BLUG on asymmetric crypto and PGP/GPG
some time ago, and I think I need to get it ready sooner rather than
later. There's a lot of information to distill.

Michael Schultheiss wrote:
> Joe Auty wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> I don't mean to sound like a complete jerk, but what is the draw with
>> these key signing parties? Is it some sort of social thing? I only
>> really feel compelled to have keys for people that send me critical
>> information I might want to authorize and/or encrypt. For casual
>> correspondence like this list and most chatting, I guess I haven't
>> gotten caught up in collecting public keys.
>>
>> Am I missing the point here? Again, I don't mean to sound critical of
>> the practice, I'm honestly wondering if I'm missing some angle here...
>>
>
> The draw is expanding the web of trust. If you ever want to join a
> project like Debian that requires you already be in a specific web of
> trust, participating in key signing parties helps out.
>
> Key signing parties are more for the verification that Person X most
> likely controls key X and also has shown photo ID that matches the name
> on the key.
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> BLUG mailing list
> BLUG@linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug
>

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] New GPG key

Joe Auty wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I don't mean to sound like a complete jerk, but what is the draw with
> these key signing parties? Is it some sort of social thing? I only
> really feel compelled to have keys for people that send me critical
> information I might want to authorize and/or encrypt. For casual
> correspondence like this list and most chatting, I guess I haven't
> gotten caught up in collecting public keys.
>
> Am I missing the point here? Again, I don't mean to sound critical of
> the practice, I'm honestly wondering if I'm missing some angle here...

The draw is expanding the web of trust. If you ever want to join a
project like Debian that requires you already be in a specific web of
trust, participating in key signing parties helps out.

Key signing parties are more for the verification that Person X most
likely controls key X and also has shown photo ID that matches the name
on the key.