Another report with errors from PTS in Sweden

PTS just released a report about use of public wireless networks. The problem with this report is, as many times before, that it is almost correct, but still not. It adds more FUD than it helps. Specifically as people that are not really into security and Internet architecture believe it is correct. Some of my friends that should know better said “but, this time they released a report that is correct”. No it is not correct, and the big problem is that people think it is.

Example one, the report claim it is illegal to download copyrighted material. That is completely false. There is not much that is not copyrighted. Things under GPL is copyrighted. Things from Swedish Radio or BBC is copyrighted.

Example two, they try to describe how to ensure the connection is secured, but fail to describe it correctly. They also describe the issues regarding the risk for wiretap and man in the middle attacks as if that is specific for access over public wireless hotspots, when the same problems exists over wired connections whenever more than two people share the same connection.

Example three, they completely miss one of the largest problems for the user, and that is the fact that most providers debet the user using some volume based debiting. Such as based on number of bytes downloaded or time. If the user do not explicitly “close” the session, other people can steal the connection and continue on the previous users account.

But, we do not have to go into all details. The question is why the quality of the report is so low.