billso.com: City, Tri-Net roll out free WiFi in Chinatown and downtown Honolulu
ms
· 2 years ago
When we think wireless services, free often equates to slow. When we think encryption, it too often equates to slower (versus using no encryption at all). Of course encryption speeds are contingent on the type of algorithms implemented (symmetric versus asymmetric) and the type of hardware being used...
However, after reading the article, what disturbs me more is the notion of the city's "first responders" using this service during the first year pilot. My fear is two fold, first the idea of Personally Identifiable Information (PII) being broadcast through a radiated media (wireless) that is currently in a testing period. How will Police, Fire, and ambulance services use this service? Will they inadvertently broadcast information about houses being robbed? Or even worse, upload case information about victims of rape or murder? How will we prevent crackers from using these same wireless transmission lines to back door themselves into Police and Fire information systems?
This brings us into my second concern of security. How is encrpytion defined? What level of encryption is being used? Are we providing security awareness training for our first responders to ensure transmission of data is properly secured?
As end users, we tend to use our computers for day to day activities at work or for school. We may feel comfortable using a free, open wireless network for these tasks, but when lives may be at stake, (like in the case of first responders), the city may question how much they want to incorporate this free system into the dependency of their daily job requirements...
billso
· 2 years ago
You get what you pay for, and "free" bandwidth in this case might be no better than dial-up speeds.
I'm not sure why the City & County of Honolulu is offering WiFi to first responders. I hope there's a clear set of reasons and appropriate security measures.
I would like to know what encryption and privacy measures are being used on the Tri-Net system. I might walk down the mall to Fisher Hawaii and see what my MacBook tells me.
WEP is not an appropriate encryption method. It's far too easy to crack.
Of course, I can find a few dozen WiFi access points from my office window. Most of these are unencrypted, and some use the default SSID provided by the router manufacturer.
Nor is it appropriate for Tri-Net to snoop the network traffic for marketing or other purposes.
Google has posted their WiFi network privacy policy here.
It would be interesting to compare the Google policy to the C&C;'s policy.
AG
· 2 years ago
I don't think the concern should be about personal information being made to first responders via a public WiFi network. I'm more worried about first responders having to rely on an open WiFi network when lives are on the line.
How do you feel about the chances that emergency-critical information could be slow getting to a first responder because someone's downloading Spiderman 3 from Limewire?
ms
· 2 years ago
No one cares about personal information being transferred over an open channel until its their own!
AG
· 2 years ago
Oh don't get me wrong - I do care...
I'm just prioritizing my worries here :)
If it's a life or death situation, at that point, I'd care more about how fast an ambulance would respond than the possibility of someone stealing my information.
They're both 2 bad scenarios, but to me, the speed of the first responder is more crucial.
Think of it this way... If you're in an accident, and the fire department/ambulance is too slow to respond, you won't have to worry about your personal information.
ms
· 2 years ago
Well, lets give a city a bit more credit and assume that they are not going to replace the current 911 infrastructure with mesh net pilot. Lets also assume that will throttle on the back end peer to peer network trafficking, at least to some extent. Based on the design of a mesh network, it is designed for redundancy and depending on the type of protocols used, they may be able to tag particular traffic from first responders for high priority. These are all big assumptions, but options the city should consider exploring.
Currently, HPD uses sprint edge network cards or equivalent in their police vehicles. I suspect rates are at least $35.00 per month times all the number of police officers equals big money. Piggy backing off a free system may be incentive for the city to attempt a cost savings, but may not be a wise move.
So if you find yourself reading this fine blog Mayor Hannemann, think about these issues first before you start allowing first responders access to an untrusted pilot network.
billso
· 2 years ago
Radio rules the roost for first responders, and the C&C; has been pouring money into its emergency radio networks. Those systems are only getting better, from what I understand.
Perhaps the mesh WiFi rollout is merely an experiment with an additional layer of redundancy.
Keep in mind that digital radio is the wave of the future. It makes sense for the C&C; to get some experience with software-based digital voice systems ASAP.
billso
· 2 years ago
Here's twoquick links about digital radio systems for police departments.
All Comments
However, after reading the article, what disturbs me more is the notion of the city's "first responders" using this service during the first year pilot. My fear is two fold, first the idea of Personally Identifiable Information (PII) being broadcast through a radiated media (wireless) that is currently in a testing period. How will Police, Fire, and ambulance services use this service? Will they inadvertently broadcast information about houses being robbed? Or even worse, upload case information about victims of rape or murder? How will we prevent crackers from using these same wireless transmission lines to back door themselves into Police and Fire information systems?
This brings us into my second concern of security. How is encrpytion defined? What level of encryption is being used? Are we providing security awareness training for our first responders to ensure transmission of data is properly secured?
As end users, we tend to use our computers for day to day activities at work or for school. We may feel comfortable using a free, open wireless network for these tasks, but when lives may be at stake, (like in the case of first responders), the city may question how much they want to incorporate this free system into the dependency of their daily job requirements...
I'm not sure why the City & County of Honolulu is offering WiFi to first responders. I hope there's a clear set of reasons and appropriate security measures.
I would like to know what encryption and privacy measures are being used on the Tri-Net system. I might walk down the mall to Fisher Hawaii and see what my MacBook tells me.
WEP is not an appropriate encryption method. It's far too easy to crack.
Of course, I can find a few dozen WiFi access points from my office window. Most of these are unencrypted, and some use the default SSID provided by the router manufacturer.
Nor is it appropriate for Tri-Net to snoop the network traffic for marketing or other purposes.
Google has posted their WiFi network privacy policy here.
It would be interesting to compare the Google policy to the C&C;'s policy.
How do you feel about the chances that emergency-critical information could be slow getting to a first responder because someone's downloading Spiderman 3 from Limewire?
I'm just prioritizing my worries here :)
If it's a life or death situation, at that point, I'd care more about how fast an ambulance would respond than the possibility of someone stealing my information.
They're both 2 bad scenarios, but to me, the speed of the first responder is more crucial.
Think of it this way... If you're in an accident, and the fire department/ambulance is too slow to respond, you won't have to worry about your personal information.
Currently, HPD uses sprint edge network cards or equivalent in their police vehicles. I suspect rates are at least $35.00 per month times all the number of police officers equals big money. Piggy backing off a free system may be incentive for the city to attempt a cost savings, but may not be a wise move.
So if you find yourself reading this fine blog Mayor Hannemann, think about these issues first before you start allowing first responders access to an untrusted pilot network.
Perhaps the mesh WiFi rollout is merely an experiment with an additional layer of redundancy.
Keep in mind that digital radio is the wave of the future. It makes sense for the C&C; to get some experience with software-based digital voice systems ASAP.