Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
BDFL - Memuneh
61313 posts

Uber Geek
+1 received by user: 12053

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 744602 14-Jan-2013 15:21
Send private message

nate: 
mattwnz: Not a fan of free wifi myself, and the free provider could be potentially liable for anything that anyone does on it.


We mitigate this as much as possible by having a data limit up/down on known protocols like browsing, email etc, and rating limiting all and everything else to 0 (so pretty much unusable)


I can imagine some crazy conspiracy theorist "everyone should get everything for free" thinking "how dare this cafe offer free WiFi but limit what I can do on the Internet"...




21459 posts

Uber Geek
+1 received by user: 4362

Trusted
Subscriber

  Reply # 744933 15-Jan-2013 11:07
Send private message

I dont get why people are happy to have their stuff running over the air encrypted into some random cafe owners network, but freak out that its over the air in the clear. Surely if they cared about the stuff they would be using SSL so it would be a non issue mainly?




Richard rich.ms

638 posts

Ultimate Geek
+1 received by user: 78

Trusted

  Reply # 744961 15-Jan-2013 11:35
Send private message

richms: I dont get why people are happy to have their stuff running over the air encrypted into some random cafe owners network, but freak out that its over the air in the clear. Surely if they cared about the stuff they would be using SSL so it would be a non issue mainly?


SSL tends to be per-app (ala client setup within browser, mail-app, etc) and unless you know 100% the behavior of any app you run, there's always a risk.  Also much web stuff is still non encrypted.  So unless you have an SSL VPN, use of SSL alone (Layer 4+) is still not as elegant as knowing that your Layer 1/2 is secure.

For this reason I will use encrypted wifi where I know every other person with the encryption key is trustworthy, or I will use 3G (Unicast).  And I use Layer4+ SSL encryption on top of that.

And when I have to use (unencrypted) FTP to maintain a third party website i'm involved with, I won't be on insecure network access methods.  Because the credentials are passed to the wire in the clear, and it's nothing I can change.






6328 posts

Uber Geek
+1 received by user: 391

Moderator
Trusted
Lifetime subscriber

  Reply # 803584 22-Apr-2013 11:02
Send private message

Had this article sent to me by the same customer - comments?

Awesome
4810 posts

Uber Geek
+1 received by user: 1062

Trusted
Subscriber

  Reply # 803597 22-Apr-2013 11:15
Send private message

Could the other option to be fire up an additional SSID with WPA turned on, and have the password 'available on request' to those who want it - and others can just use the open one?

Or perhaps, is your POS capable to talking to a box that can generate a unique time limited password and then print it on the bottom of the till receipt?




Twitter: ajobbins


623 posts

Ultimate Geek
+1 received by user: 124


  Reply # 803604 22-Apr-2013 11:22
Send private message

ajobbins: Could the other option to be fire up an additional SSID with WPA turned on, and have the password 'available on request' to those who want it - and others can just use the open one?

Or perhaps, is your POS capable to talking to a box that can generate a unique time limited password and then print it on the bottom of the till receipt?


The twin SSID's is a good idea. I use Mikrotik for that and rate limit my open SSID one.

Awesome
4810 posts

Uber Geek
+1 received by user: 1062

Trusted
Subscriber

  Reply # 803631 22-Apr-2013 11:55
Send private message

Another option I like is to have a "VIP" SSID, which you could secured by both WPA2 and MAC address.

For your regulars who you know and trust, you could add their MAC addresses to the trusted list and give them the key. Then they can skip the icky captive portal (which are a pet hate of mine).

For any fussy customers like the one who has brought this up, you could offer to put them on the 'VIP' network.




Twitter: ajobbins




6328 posts

Uber Geek
+1 received by user: 391

Moderator
Trusted
Lifetime subscriber

  Reply # 803643 22-Apr-2013 12:32
Send private message

ajobbins: Or perhaps, is your POS capable to talking to a box that can generate a unique time limited password and then print it on the bottom of the till receipt?


Too hard for our staff to do, plus if someone forgets their receipt and sits down, they have to requeue to get the password.

kiwirock: The twin SSID's is a good idea. I use Mikrotik for that and rate limit my open SSID one.


This is what we have at the moment.  A staff and public SSID.

ajobbins: For any fussy customers like the one who has brought this up, you could offer to put them on the 'VIP' network.


I like this one.  Will chat to my network tech (aka fail) about implementing.

1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.