Re: [tlug] Wifi hotspot access in Tokyo

[Benjamin Tayehanpour <benjamin@example.com>]

On 19 March 2014 11:46, Josh Glover <jmglov@example.com> wrote:
> A largely foolish expectation, I'm afraid to say. Even among citizens
> of this list, I'd imagine the majority could not properly harden
> his/her computer. Hell, even among persons typing this very email, a
> unanimity cannot properly harden his computer against a determined
> attacker, given a publicly routable IP address.

The very same thing could be said about any networking device you
would choose to put between my computer and the Internet. Also, even
if we locked this network down seven ways to Sunday, what would stop
an attacker from within the network? (And don't say "AP isolation" or
other such nonsense, because if the network isn't actually usable
there's no point in having it :P)

It might be worth mentioning at this point that I haven't fully tested
the limits of this. The things I know for sure is that we get "real"
(non-RFC1918) IPv4 addresses delegated; that I can SSH from my home
network to any of my devices on the uni network; and that the
arbitrary inbound ports I've tested when debugging things with netcat
and the like have been open. The rest is conjecture, really. I also
know that the network is pretty heavily monitored, by flesh and by
silicon, and that the security seems to revolve around heuristics
rather than blanket assumptions. On the whole, I rather prefer it this
way.

> Is this KTH we're talking about?

I know that the KTH campi (yes, there are several) I've been to (most
larger universities, many lower schools, and a fair few libraries are
connected to eduroam) have shared this trait. So does SU, come to
think of it.