Although I really hate their customer service (in India naturally).

My WiFi service uses WEP. That I agree is very hackable. But as usual (especially with many journo's & surveys lately) they only ask half the question.

Yes, the WIFI is hackable BUT can an unauthorised device connect to the Interweb once you have hacked the WEP password?

Well, not in my case, as my router is setup to ONLY allow know MAC addresses to actually connect.

As those annoying meerkats say, "Simple Really"

On the otherhand, 5 out of the 8 other WLAN's I can see from my house are unsecured. Three have their default SSID broadcasting NETGEAR to the world. They are also all using the same default channel.

Despite repeated suggestions from me and one other clued up neighbour (no we didn't hack their routers) none have modified their setup even though we have offered to help them do it for nowt.

Pethaps instead of a ECDL we need a EWLDL. (European WiFi Driving License)

Fail all round for blindingly obvious reasons.

This stance and their general attitude to issues like this is one of the main reasons I chose TalkTalk.

It's utterly ridiculous that the government insists one industry pay the price to police another, and continue to put forward plans to circumvent legal due process for their mates.

"The European Parliament is locked in a battle with the European Commission and Council over the issue. It has inserted into a Telecoms Package of reforms a clause declaring disconnection without court oversight illegal."

I've always been a bit of a Euro-skeptic (Not phobic), but with the fines for Phorm and now this the EU is looking better by the day!

Though i'm not sure its not just because we are looking catastrophically worse, sill, bring 'em on!

Glad I'm with them.

...Talktalk have really gone up in my view. They appear to be standing up for the little guy and fighting this stupid law.

Okay fair enough they are probably looking out for their bottom line (disconnected customers surely must mean lost revenue) but still, if it stops Mandy in his tracks then that has to be a good thing.

Hopefully the other big ISPs (Virgin, BT, Orange) will follow suit. I won't hold my breath about Sky though, I mean they'd rather everyone subscribe to watch TV and movies.

Rob

Best keep it to yourself.

I get the feeling that if your expert opinion doesn't agree with the Government then you will be looking for a new job.

Can't wait until the next government expert study.

It maybe something along the lines of Terrorists are lying on their applications to get into the best schools.

Go talk talk but I fear you fight is doomed by our government stupidity

If we apply mandy rules to other crimes......

If my child gets caught on the street with a steak knife from my cutlery drawer does the whole family get told they are no longer allowed to use any kind of food eating utensil? (though in this case my child will be in a lot more trouble with me than worrying about using his fingers to eat!)

Also, did mandy not sit down and just for a moment think about how the public would react to a guilty until proven innocent style of these rules. And did he not think, just for a moment that there is a general election in the next 6 months. Sorry, what am I saying, clearly he didn't think.

What I do love about this idea is the fact that one of our elected overlords will get caught out by this very rule, by one of their inbread children. Hopefully on an fully expensed ADSL line and get cut off. Much mirth will be had by the papers. (And hopefully it will be mandy).

Oh and @Steve Davies 3 - you may want to read this on mac address spoofing....

http://blogs.techrepublic.com.com/security/?p=395

And if I can turn that up on my first google search I'm sure your hacking neighbors can.

@Steve Davies 3 said:

"my router is setup to ONLY allow know MAC addresses to actually connect."

As the attacker can control EVERY BIT in the wireless packets he emits, he can sniff your MAC address from the air and use it in his carefully crafted packets.

Thus MAC address restriction does not guarantee that access is restricted to your computer - only that access is restricted to a computer using your publicly available MAC address.

"Yes, the WIFI is hackable BUT can an unauthorised device connect to the Interweb once you have hacked the WEP password?

Well, not in my case, as my router is setup to ONLY allow know MAC addresses to actually connect."

Short answer: Yes, they can, Steve - and even on your network...

Any decent hacker worth their salt could, once they've decrypted your WEP password, sniff for your MAC address and clone it - easy as pie to do on Linux.

Simple, really.

If they wanted to make things even more interesting for you, they could use a second wireless card with another MAC address - and deliberately poison your ARP cache, so that instead of sending traffic out to your router, it instead gets proxied through their notebook and out through their cloned MAC address, which of course, your router will accept, since it has no way of knowing the difference between a real MAC address and a cloned one.

Having someone snooping (and easily modifying what you do online) is worrying enough, but here's more: If they can manage to snaffle a certificate on to your machine (trojan, worm, other flaw in your OS or browser - and don't assume they're all published or patched), then they pretty much own your connection - even if you think you're protected with SSL. Result: Next time you bank online, it could cost more than you bargained for.

MAC address protection is actually no protection at all, since MAC addresses can easily be cloned very easily - and since you need to broadcast yours with any information you send, it gives an attacker all the information they need to impersonate you. MAC address protection might impress your friends - provided they know sweet FA about networking, that is - but the first real criminal who wants to sign on and use your network connection to do evil will, I'm afraid, be able to overcome such protection in less than 30 seconds.

Use WPA2. If your router doesn't support this, go out and buy one that does. If you can find a device that can detect ARP attack attempts, so much the better. Choose a password that can't be guessed easily, and I do hope you're not using a wireless keyboard...

If everyone is guilty until proven innocent, if you take it to the limit, everyone will be disconnected and all ISPs will fail.

So I reckon no ISP will disconnect anyone.

In realistic terms, even if TalkTalk don't get this idea quashed before it gets started, it'll die a horrible and embarrasing death not long afterwards.

Being as WEP *is* so insecure and being as people like Mr Steve Davies 3 above think theyre secure when theyre really really not, if this disconnection policy does go through it'll take no time atall for someone of less-than-ethical character to hitch a ride on someone else's net connection. As with other people finding insecurities, I have 6 Wi-Fi connections in range of me not including my own, 1 open (a BT FON hotspot) 4 using WEP and 1 using WPA, with my own connection being the only WPA2.

Busting into any of the WEP secured connections is trivial, and the very first time the connection of a user of a major ISP gets used to download copywrite content, the ISP disconnects the user and the user complains, it's a near certainty that ISP will simply turn round and sue the government, and rightly so.

The end result will be a law which is very quickly discarded, all at significant cost to both the ISP's having to implement the technical measures briefly then bin them all again (passed on to the consumer) and to the government having to draft these proposals in the first place, implement them, fight the first wrongful disconnection in court, lose, and scrap the measures again (also passed on to us, the consumer).

"Did you mean: MAC Spoofing"

What will constitute evidence of file sharing, and who will collect this evidence.

Will it be people paid by the record/film industry as I certainly wouldn't trust them as they have to find infringements to justify being paid.

Will they be paid a commission on every person they 'discover'?

Will a government quango be setup to do all this checking?

What constitutes file sharing, just because a file is named say "Seven_Nation_Army-White_Stripes.MP3" is that what the file actually is (will they download and confirm each and every file)

Yet again I am wrong in believing that accusation is not the same as proof

"Ignoring P2Pers costs music biz dear - survey"

Wanted to comment on that story but no comment button!

Stop messing with us readers! Let us choose what we want to comment on!

it was possible to fake the MAC as well, seems online security is only to keep honest people honest. But if all this info is in the public domain, why are the copyright mafia persisting in this path?

So we’ve gone from having a private company with a vested interest in protecting its monopoly acting as judge, jury and executioner, the only evidence they can produce is *TOTALLY* flawed. If somebody whose connection is hacked and the MAFIAA get the ISP to cut his/her connection, who’s going to be dragged into court?

I don’t approve of downloading, it is breach of copyright, I don’t believe it deprives artist of that much money due to the way their record deals are structured (ref: Morrisy’s recent comments about not getting royalties from the recent releases) but how do you prove you didn’t do something? You can’t prove a negative, Is the defence going to be to have a second computer and present this as evidence, at which point you would be asked do have another, it is my understanding that it is a breech of human rights to have to incriminate yourself in any way.

Are the MAFIAA such half-wits that they cannot see this?

When I go home tonight, I’m going to try and hack my neighbours wireless, not that I need to as when they first got it was totally open, even down to having the WEP in the clear, looks like it was a total waste of time trying to secure their wireless connection.

An unethical freetard, what a find.

Well I was going to say (after reading the comments above), thank heavens the governments independant advisory council will inform them of all these facts and dissuade them from implementing an impractical policy...

Oh wait...