A "No Trespassing" sign in and of itself is not a security measure. However, it does serve as notification that crossing into the perimeter that it defines will give the rightful owner the admittedly dubious right to shoot you.

In this instance, had Lowes deployed WEP deliberate actions would have been required to circumvent the security measures (however filmsy) in order gain access to their network, which is highly illegal. Accessing the Lowes network initially probably could not be construed as a nefarious event. Lowes could opt to provide a public hotspot. However, once they started poking around the network itself (to say nothing of deploying credit card sniffing utilities), they would have crossed the line between gaining "public" access to the Internet and deliberately accessing a private network.

Shame on Lowes for letting themselves get into this mess... Even if it turns out that it was some poor local schlub who thought it might be useful for the store to be up on technology.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/7438/23755#23755