To me, one of the most dangerous things that has developed is all the unsecured wireless access points out there. Just take an hour and drive around any neighborhood in a reasonably populated city and you will see default installs everywhere! I mentioned this to a security pro once and he responded with “Yeah isn’t that great? Any time I want to pull off the road and check my email I can!” I responded with “You know that’s considered theft of bandwidth?” He just leered at me.
It would be so easy to launch any attack I wanted and it would be completely untraceable! I mean as far as I am concerned. Just find a place to park that’s not too conspicuous and change my mac address just to be safe. Then hack away to my hearts content. Hmm, maybe send a nasty or threatening email to my local government official? Wow, I don’t even have to worry about spoofing my IP or being all that stealth. The FBI is going to be showing up at this poor fool’s house not mine!
There was a very interesting case in Washington DC where a person attempted to blackmail a company by sending emails from several unsecured residential homes. His mistake was that he used the same three places over and over again when he accessed the net to do his blackmail. The FBI checked out all three homes and realized that the people in those homes couldn’t be connected, so they set up surveillance. Shortly after that they caught the guy sitting outside of one the three houses in his car with his laptop. I feel sorry for the innocent people that came under the scrutiny of the FBI.
There is no reason why manufactures of wireless routers can’t warn consumers in a more substantial way. Package in the box some kind of very obvious warning and tutorial about security. We as security professionals should do what we can to promote that I think. Ok, I am done and now will get off my soap box !