[OpenWireless Tech] On VPNs
Christopher Byrd
chris at riosec.com
Thu Jul 28 13:23:48 PDT 2011
On Thu, Jul 28, 2011 at 2:25 PM, Peter Eckersley <pde at eff.org> wrote:
> None of these are /necessary/ problems with VPNs. With work, it should in
> theory be possible to offer easy-to-setup VPNs that protect clients
I think they are endemic problems with widespread adoption of VPNs.
Causing the traffic to exit somewhere else just moves the problem
somewhere else, while raising a bunch of questions at the local
connection.
> against malicious APs. If APs wish to transmit nothing but VPN traffic, it
> could also protect the APs against clients that do questionable things with
> the network.
Have you run this statement past a lawyer, or are you one? I don't
know if purposeful blindness is a valid defense. I don't even know if
there is liability to running an open wireless network in the first
place. In the US for example a large number of corporations have
decided to operate nationwide open wireless hotspots. I would be
surprised if they are doing so over the objections of their legal
council.
> The big question with VPNs is, can we get cheap enough bulk VPN provision that
> anyone can get a VPN connection that is free or very cheap, and extremely easy
> to configure?
Who is going to host these VPNs? Will they offer them for free? How
will they afford to provide the service? How will they provide
security at the termination point? How will they provide technical
support? How will they deal with the liability that may then be
shifted to them?
And that's only once you've gotten past the technical hurdles.
Bottom line, VPN just isn't a good solution for the problem. You need
to add security at a lower layer.
Christopher
More information about the Tech
mailing list