Public access to Church wireless internet?

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
jmessinger
New Member
Posts: 26
Joined: Sun Feb 22, 2009 3:57 am
Location: Brisbane, Australia

Public access to Church wireless internet?

Postby jmessinger » Thu Nov 05, 2009 5:46 am

Recently my newly called stake president sent a request to our FM group for access to the secured wireless internet in our stake centre, for the purpose of being able to access Church online resources from his personal laptop for use in training stake leaders. The response that came back from our local ICS office via our FM contact was interesting, and leaves some questions hanging for us.

Reference was made to a
"[color=black]LDSAccess (public access to the Church wireless internet) project", which is being put on hold until a filtering schema could be developed that would limit access to social networking sites whilst allowing priesthood leaders access to the sites that will help them in their callings. This was mentioned in conjunction to a comment about priesthood leaders expressing concern that under this access that youth might spend sacrament meeting browsing Facebook etc on their iPhones (which, btw I would be concerned about too).

[/color][color=black]One other item that was mentioned in this response was that the project was being delayed also due to the requirement for any FHC computers running Windows 2000 or a certain make/model of wireless cards requiring an upgrade to ensure that they can continue to access the wireless network.

[/color][color=black]Arriving now at the point of this post, my stake president was somewhat confused by the response from ICS to his request for access to the meetinghouse wireless internet (they neither said yes or no), and asked me to find out more before we respond. Is there someone in the forums that knows of this project, or is it possibly something that is just happening in our Area? The implication of this response is that the Church wireless internet will no longer be secured in terms of being able to connect to the network (anyone in the building will be able to access the wireless connection), but that filtering of some level will still be enforced. Is this project Church-wide, and am I understanding the nature of this correctly?


[/color]

techgy
Community Moderators
Posts: 3174
Joined: Sun Jan 13, 2008 6:48 pm
Location: California

Postby techgy » Thu Nov 05, 2009 7:54 am

Although I'm not familiar with the project you're referring to, we have a secured wireless Internet in all four of our building in the stake. Church leadership (Bishopric/Stake Presidency) have been granted access so they can use their laptops for the same purpose you mentioned.

I believe the distinction here is with the words "Public Access". This access level would describe a much wider availability of the network and would definitely be a bad idea as it would assuredly end up being misused during meetings.

However, tightly controlling the secret key will limit the access. Laptops of the individuals whom you feel really need access can be configured w/o their being given the code.

Also, you can always change the code if things get out of hand. :rolleyes:
I have to wonder why this question went all the way to the FM group. The Stake Technology Clerk is responsible for all the Internet, computers, etc, etc, within the stake. This would include the family history center.

With all due respect to the FM groups - they're a hardworking group - this could have been resolved at the stake level.
Have you read the Code of Conduct?

RossEvans
Senior Member
Posts: 1346
Joined: Wed Jun 11, 2008 8:52 pm
Location: Austin TX
Contact:

Postby RossEvans » Thu Nov 05, 2009 8:15 am

Techgy wrote:However, tightly controlling the SSID will limit the access. Laptops of the individuals whom you feel really need access can be configured w/o their being given the SSID.

Also, you can always change the SSID if things get out of hand. :rolleyes:


It doesn't take much to discover the SSID, if that is the only barrier. Handhelds with WiFi can do that out of the box. Discovering a hidden SSID is more difficult, but not much. I think advanced wardriving apps could do that. If it is hidden it defeats the purpose of "public" access to those who are not quite as technically adept as your average YM/YW.

If you want to limit access by sharing a secret key, I think it is best done by real authentication and encryption protocols.

BTW, if the clerks' and bishops' offices (or even other rooms) already happen to be wired with RJ45 outlets, is there any policy that prevents local leaders from temporarily attaching a WAP or wireless router for use there during meetings? It is inside the building firewall and its policies.

User avatar
aebrown
Community Administrator
Posts: 14693
Joined: Tue Nov 27, 2007 8:48 pm
Location: Sandy, Utah

Postby aebrown » Thu Nov 05, 2009 8:33 am

boomerbubba wrote:BTW, if the clerks' and bishops' offices (or even other rooms) already happen to be wired with RJ45 outlets, is there any policy that prevents local leaders from temporarily attaching a WAP or wireless router for use there during meetings? It is inside the building firewall and its policies.


There is certainly no policy against that. The stake president sets policy for what is behind the firewall, and setting times when the wireless access point is available (or even connected) is certainly within his responsibility.

techgy
Community Moderators
Posts: 3174
Joined: Sun Jan 13, 2008 6:48 pm
Location: California

Postby techgy » Thu Nov 05, 2009 10:07 am

boomerbubba wrote:It doesn't take much to discover the SSID, if that is the only barrier. Handhelds with WiFi can do that out of the box. Discovering a hidden SSID is more difficult, but not much. I think advanced wardriving apps could do that. If it is hidden it defeats the purpose of "public" access to those who are not quite as technically adept as your average YM/YW.

If you want to limit access by sharing a secret key, I think it is best done by real authentication and encryption protocols.

BTW, if the clerks' and bishops' offices (or even other rooms) already happen to be wired with RJ45 outlets, is there any policy that prevents local leaders from temporarily attaching a WAP or wireless router for use there during meetings? It is inside the building firewall and its policies.


My ignorance (age) is showing. I meant to refer to a "secret key" instead of the SSID. Sorry for the confusion.
Have you read the Code of Conduct?

russellhltn
Community Administrator
Posts: 20777
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Thu Nov 05, 2009 10:24 am

It sounds like you've got an older Wireless system that was installed by the church and still running the older "Odyssey" system.

It is possible to have Global Services re-do the existing AP replacing the current setup with "LDS Access" which uses WPA or WPA2 to secure the network. However, that would require that all existing wireless computers be re-configured.

All information I've seen indicates that any wireless is to be secured by WPA or WPA2 and it's up to the Stake President as to who it's to be shared with. That sure doesn't sound "public" to me.

Since you have a FHC, the filtering level will need to be "General Access" or equivalent.

To make the change, have the Stake Technology Specialist call the Global Services Desk. I'd leave the FM group out of this.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

jdlessley
Community Moderators
Posts: 6526
Joined: Sun Mar 16, 2008 11:30 pm
Location: USA, TX

Postby jdlessley » Thu Nov 05, 2009 12:44 pm

I tried to find, but couldn't, the posts from users in Australia about how their Internet connections are managed. But I recall that more than one user mentioned that the ICS office manages all internet access in their Area and that the responsibilities for managing Internet connections that normally fall on the stake technology specialist in other areas of the world, such as the US and Canada, have been given to the FM group.

If that is truly how things are managed for Australia then the information that jmessinger has provided indicates that the ICS office is working on a plan for wireless access for their Area. I would guess that the LDSAccess project is the ICS office's term for converting from the moroni script (uses Wep security protocol and requires the third party software Odyssey Client to manage wireless access) to the more secure LDSAccess script (WPA security protocol and does not use Odyssey Client). This would be done across the entire Area rather than at just the stake level.

jmessinger wrote:Reference was made to a "[color=black]LDSAccess (public access to the Church wireless internet) project"...[/color]
[color=black]The wireless access would only be public if the passkey is made public. From what I have seen posted on these forums about the manner in which the ICS office manages Internet connectivity in their Area I doubt that is going to be the case. It is more likely that the ICS office is using the term 'public access' because the tight control normally found with the moroni script and requiring installation of Odyssey Client software on each computer would be absent. It becomes public because the control of the passkey is less securely controlled (just my guess).[/color]

jmessinger wrote:LDSAccess ... project", which is being put on hold until a filtering schema could be developed that would limit access to social networking sites whilst allowing priesthood leaders access to the sites that will help them in their callings. This was mentioned in conjunction to a comment about priesthood leaders expressing concern that under this access that youth might spend sacrament meeting browsing Facebook etc on their iPhones
Unless the passkey is disseminated publicly to the members of the Church in the Area the youth would not have wireless access. Without knowing the real plan on control and dissemination of the passkey the youth using the wireless access may or may not be an issue.

[color=black]
jmessinger wrote:One other item that was mentioned in this response was that the project was being delayed also due to the requirement for any FHC computers running Windows 2000 or a certain make/model of wireless cards requiring an upgrade to ensure that they can continue to access the wireless network.
This may be that those legacy cards are only WEP capable and not compatible with the WPA security protocol.
[/color]


[color=black]
jmessinger wrote:Arriving now at the point of this post, my stake president was somewhat confused by the response from ICS to his request for access to the meetinghouse wireless internet (they neither said yes or no), and asked me to find out more before we respond. Is there someone in the forums that knows of this project, or is it possibly something that is just happening in our Area?
It is more likely that the project is only in your Area since the management of Internet connectivity is managed by the Area ICS office instead of locally at the stake level.
[/color]

[color=black]
jmessinger wrote:The implication of this response is that the Church wireless internet will no longer be secured in terms of being able to connect to the network (anyone in the building will be able to access the wireless connection), but that filtering of some level will still be enforced.
[/color]The security, or publicness, of the wireless Internet depends entirely on how the passkey is controlled.
JD Lessley
Have you tried finding your answer on the LDS.org Help Center page or the LDSTech wiki?

njpomeroy
New Member
Posts: 12
Joined: Tue Jan 13, 2009 10:34 am
Location: Elk Grove, CA, USA

I don't mean to be a wet blanket on a tangent, but...

Postby njpomeroy » Thu Nov 05, 2009 2:53 pm

jmessinger wrote:This was mentioned in conjunction to a comment about priesthood leaders expressing concern that under this access that youth might spend sacrament meeting browsing Facebook etc on their iPhones (which, btw I would be concerned about too).


Anyone with an iPhone already has access to the internet over the cellular network, and doesn't need WiFi access. Anyone with access to a smart phone with a data plan (blackberry, palm pre, windows mobile, whatever) has access to the internet without the use of WiFi. Anyone with any kind of cell phone has access to SMS texting and text to web service interfaces, etc.

*This particular concern* is a social problem, and cannot be regulated by a technical solution (like most social problems). No amount of filtering, access control, or configuration will make people stay engaged in Sacrament/Church meetings.

jmessinger
New Member
Posts: 26
Joined: Sun Feb 22, 2009 3:57 am
Location: Brisbane, Australia

Postby jmessinger » Fri Nov 06, 2009 5:33 am

Thanks everyone for your responses.

Yes, we are still on the Odyssey client, running the moroni script. The email response we received to our request made reference to public access, and reading further into it, seemed to imply that the passkey would be public, which seemed a little odd to me. jdlessley's comments on this make sense in that access to the passkey would be less tightly controlled. Sounds like we are simply moving to an access model like that in the US, where the stake president can authorise access to the wireless network, as mentioned by RussellHltn.

Our STS unfortunately does not really have anything to do with the computers, he only operates the satellite equipment when we receive a broadcast, so the stake president tends to rely on me (stake clerk) for advice on the computer equipment due to my employment in an IT related field :)

Seems like we will end up seeking clarification direct from our ICS office. My purpose in bringing this to the forum was to see what we could find out about this before responding to ICS and sounding totally ignorant of what is going on. I think I can be confident in expecting that what we will get is what has been described in the various responses to my post. Thanks again for your responses, this is what I like about this forum. :D

applestamps-p40
New Member
Posts: 7
Joined: Tue Jun 09, 2009 8:34 pm
Location: Denver, Colorado, USA Golden Stake

Postby applestamps-p40 » Wed Mar 03, 2010 8:47 am

jmessinger wrote:Thanks everyone for your responses.

Our STS unfortunately does not really have anything to do with the computers, he only operates the satellite equipment when we receive a broadcast, so the stake president tends to rely on me (stake clerk) for advice on the computer equipment due to my employment in an IT related field :)
:D


As an STS, I wish I could get away with your STS's hands off approach. :) Life would be easy if I only had to worry about broadcasts. Direct him to the description of the calling in the handbook. I think at one time broadcasts were all the STS had to deal with, but as previously mentioned in this thread, the STS is now responsible for all computers in the stake. to quote:

"You manage Church computers in the stake, including those in family history centers. Duties include ordering, installing, scheduling, reassigning, supporting, and arranging for repairs and disposal of Church computers."

from:

http://lds.org/ldsorg/v/index.jsp?locale=0&sourceId=2ed43a0a65730110VgnVCM100000176f620a____&vgnextoid=b7498868fc1aa110VgnVCM1000003a94610aRCRD

Let us know how the change from Odyssey to LDS Access goes. It is on my todo list in our stake center.


Return to “Meetinghouse Internet”

Who is online

Users browsing this forum: No registered users and 1 guest