Fuzz Martin has been out warparking. He didn't even plan to, but he has discovered just how unsecure a lot of wireless networks are. It isn't unique to Brookfield, either. One of the other contractors at the advance meeting for an upcoming project had a similar tale of what he found trying to use the wi-fi in the parking lot of the McDonalds in Buffalo Grove, Illinois. He couldn't access the McDonalds because open corporate networks had stronger signals. He logged onto one of these, and started poking around. When he found he had access to the CEO's financial records, he brought his laptop to the company's office to let them know what he'd found. Once the CEO understood what was going on, he ordered the network shut down NOW and handed my coworker a hundred dollar bill. Not much money for a security consultation, but a nice reward for doing a good deed.
I myself do not have WiFi, but I have encountered similar sloppiness when scavenging computers. One desktop unit pulled from the dumpster of an accounting firm was able to dial into the company network. Another one, from a computer support company dumpster, had been used at college by an empoyee's daughter, and contained intimate emails to and from boyfriends and sorority sisters. One scavenged laptop still had, along with assorted business data, a sales manager's collection of transvestite porn.
Some companies, however, err in the opposite direction. The laptop I've been issued for use on my current contract is so secure I cannot change how long it waits after the last keypress to start the screen saver and other power-saving measures. The computer is locked at this point, and needs a three finger salute and a password to resume. One of the power-saving measures is to disable the USB connection to the GPS unit by which I navigate from site to site; this means I either deal with the petty nuisance or continue by memory and risk winding up slightly lost. I have wasted a non-trivial amount of time each of these ways.
Posted by triticale at May 15, 2005 06:35 PM