An observation I would make is that the number of mac addresses per person at the tech heavy meeting has climbed substantially over 1 (not to 2 yet) so it's not so much that everyone brings a laptop... it's that everyone brings a laptop, a pda and a phone, or two laptops. In a year or two we'll be engineering around 2 radio's per person in five years who knows.
We did the wireless network at LCA '06. Due to abuse at LCA '05 we required everyone to register their mac address to their registration code before we let them onto the network. This means we have a nice database of MAC's <-> people. We saw: 199 people with 1 MAC address registered 102 people with 2 MAC addresses registered 9 people with 3 MAC addresses registered 5 people with 4 MAC addresses registered 1 person with 6 mac addresses registered We did have a lot of problems with devices that didn't have a web browser (so had to ask us to add their macs manually, there were 11 people who had this that aren't accounted above). Mostly voip phones, but it's amazing how many people have random bits of hardware that will do wifi! This is perhaps biased as there was also wired ethernet available to some people in their rooms (about 50 rooms IIRC), so some of those 102 people would have a MAC for their wireless and a seperate MAC for their wired access. We also ran soft AP's on soekris boxes running Linux, so we could hook into the AP at a fairly low level. We firewalled all DHCP replies inside the AP so it wouldn't forward any DHCP replies received from the wireless to another client on the AP or onto the physical L2[1] As an experiment we firewalled *all* arp inside the AP's so ARP spoofing was impossible. ARP queries were snooped and an omapi query was sent to the DHCP server asking who owned the lease, and an ARP reply was unicast back to the original requester[2]. This reduced the amount of multicast/broadcast (which wireless sends at basic rate) on the network, as well as preventing people from stealing IPs and ARP spoofing. To stop people from spoofing someone elses MAC, we also had lists of which AP a MAC was associated with, if a MAC was associated with more than one AP we could easily blacklist it and visit people in the area with a baseball bat. We didn't see much abuse, (and didn't have people complain about abuse so I guess it's not just that they hid it from us), I think mostly because people knew that we had IP<->MAC<->name mappings, and abusers knew they could easily be tracked down. One of the more interesting things was that during the daytime we were a net importer of traffic as people did their usual web surfing, but at about 10pm at night we suddenly became a net exporter as people started uploading all their photos to flikr. ---- [1]: All client to client traffic in managed mode is relayed via the AP. [2]: Amusing story, one of the developers had written a patch to detect if someone else was using the same IP on the same L2 and produce a warning. He tried it on our network and found that it didn't work. After much head scratching he discovered what we were doing :)