There was this new thing recently at the Metzger Apartments. It’s something called wireless Internet, invented (and in regular use) well over a decade ago. And while it’s a fantastic step, my first thoughts were mixed. When I first saw the login page, I asked myself: “This page looks like shit. Is this legit?” I’m now reasonably sure it is, after a few weeks of use. But it got me thinking, TCNJ’s drive for network security doesn’t seem as perfect as it should be.
I had this random idea that, if i were actually malevolent, I’d probably implement: It wouldn’t be far-fetched to make your own “Wireless-at-TCNJ” wireless router to steal peoples login information. After all, you are prompted for your credentials every time you login. In fact, you could steal their information, have your computer check its authenticity (ex. test to see if you can log into a person’s email), and then grant the user access to the Internet if it checks out. They would think they were on an authentic TCNJ wireless router, because the system would only take real user data. My friend mentioned something similar before using the Linux distribution “Backtrack.”
What would be the smart thing to do for the TCNJ IT Department? Get rid of the login. It’s not like it makes the network any more secure, isn’t that why they made us install SafeConnect? The only thing it stops is people from off campus connecting. But seriously, how many poor people from Trenton/Ewing who can’t afford Internet access will camp out TCNJ (with laptops, ironically enough) to steal Internet?
Unfortunately, I don’t think TCNJ Internet will ever get any less pointless soon. So in the meantime… I don’t know. I’m certainly not advocating that my random idea be used for evil nefarious purposes… even if that would be the kick in the rear ResNet needs.