3-15-2017-all-infosec-social-infosec-roundtable
Due to a last minute speaker cancellation, we did a roundtable discussion of various topics. There were a few new people.
A lot of the discussion focused around legalese of wiretapping & what is legal or not legal about running a rogue AP, picocell, or the like. Here's some relevant copy-pasta from Eric:
So what we were talking about with Brian is covered in 18 USC § 2511(2)(a)(i) Ref link: https://www.law.cornell.edu/uscode/text/18/2511 The summary states that you can monitor the traffic on your own network; for the purposes of protecting rights and property. That activity is not a violation of the wiretap law. You can't, however, transmit a signal that spoofs another legitimate signal; in order to hijack a connection. For example, purporting yourself to be: "Starbucks" or "CableWiFi" or "Boingo" for the purposes of diverting a legitimate connection to one of those sites, instead to your own system is still a violation. That's why we were talking about leasing a legitimate service or arranging to host... a WiFi access point for another legitimate service, that you could then monitor the equipment... under the operator/agent exception to the Wiretap Act.
Edit - Still waiting on feedback from Eric about some of the pico products he showed a few people. Waiting on input from Jim regarding the information he had on LNP & LE requests.
Additional Resources
Here are some additional resources if you want to learn more about this subject.
| Link | Description |
|---|---|
| IT Law Wiki | Should be some useful information here in reference to wiretapping & other neat topics |
| ISPSupplies | For … reasons |
| Local Number Portability | About LNP |
| . | |
3-15-2017-all-infosec-social-infosec-roundtable.txt · Last modified: 2017/03/17 16:29 by darksim905
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
