Why politicians have no clue about wireless security

In Westchester County, New York, there is legislation to fine businesses to secure their wireless if they keep personal information about their customers and have a wireless network. One of the ways to secure this network is through a “firewall”. Businesses that do not comply with this proposed legislation would be fined between $250 to $500.
A quote from the county’s chief information officer, Norman Jacknis, proves that he doesn’t understand how wireless works:

“Wi-Fi is a wonderful technology if used wisely,” said Jacknis. “Protecting your computer involves little to no cost. Setting up a Wi-Fi network with basic security takes just a few minutes and there are available free or low-cost personal firewalls to stop intruders from gaining access to your personal computer.”


Now to break this down for everyone. Why would you need a firewall? The definition of a firewall straight from Wikipedia:

In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction. A firewall is also called a Border Protection Device (BPD), especially in NATO contexts, or packet filter in BSD contexts.

Nowhere there is there anything about wireless. Why? Because firewalls are to protect wired networks. They were never developed for wireless and have nothing to do with wireless. In fact, the only way to protect a wireless network currently would be through 802.1X authentication and WPA Enterprise. As Glenn Fleishman points out, there are also many federal laws now regarding banking and medical that would include such protections.
These local government officials are just looking for another way to make money where it’s none of their business. If the business gets hacked, that’s THEIR demise. Analogous to if a county official told you that you must buy and put THE CLUB in your business vehicle so it wouldn’t get stolen, and if you didn’t you would get fined.
This is ridiculous to step on the toes of businesses not to mention the not knowing the technologywhen proposing such legislation. I abhore such offiicials, especially those that are supposedly in-the-know as chief information officers. And one wonders why we have such lousy spending issues in government.
WifiNetNews, CNet < Westchester.com

  • Give the poor louse a break! He’s just listening to Microsoft which makes no distinction for the average customer. Take a look at what it says under the firewall setting in control panel. There is nothing there that distinguishes between a wired and wireless connection.

  • Give the poor louse a break! He’s just listening to Microsoft which makes no distinction for the average customer. Take a look at what it says under the firewall setting in control panel. There is nothing there that distinguishes between a wired and wireless connection.