Monday morning here in Oslo, Norway and again I have scanned through my bookmarks surrounding technical trends and rumors about everything and nothing ;-).
It is not often I use public transportation in Oslo, but I have in the past week been in contact with Oslo Central station and there they have a very nice service on among other things, connectivity to the Internet via an open WI-FI solution. The solution is part of an offering from Jernbaneverket to give an even better service to the travelers on rails in Norway.
This is all good in a modern country like the Norwegian but what surprise me is the lack, in my view on the security aspects towards several sides of the service.
To what I can see there is no authentication to log-on to the great solution. This is where the solution has some challenges in my opinion. How is abuse tracked? Who own the IP – space used towards the Internet? I guess the intent is all good with this service, but in my personal opinion someone in Jernbaneverket should “wake up” and have a closer look at what might happen…before it actually does, or has happen.. how can they know and how can they “nail” the responsible?
An interesting guide among many can be this article about security and what they state about some targets and again when the “connection source” via a public network is not tracked and wide open..interesting..
An other side of the same access policy seems to have been implemented in the operator off trains in Norway, NSB also.. maybe they have the same “advisors”? 🙂
If needed I can help with smooth solutions that can take care of the users and the “provider”.. to be naive seems to be a well defined method also in this line of services in Norway..
I am just waiting for the first real attack where the source IP´s come from some “naive” wan-to-be service provider…
regards
bjørn