Neighborhood WiFi Security 328
picaro writes to tell us the New York Times has an interesting piece about the abundance of open wireless connections available due to the lack of the average user's knowledge. The article also takes a look at how the prevalent attitude is that tapping in to these connections does not equate to stealing and why still other may disagree. From the article: "Piggybacking, the usually unauthorized tapping into someone else's wireless Internet connection, is no longer the exclusive domain of pilfering computer geeks or shady hackers cruising for unguarded networks. Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture."
RTFM (Score:5, Interesting)
Take a bike, leave a bike (Score:5, Interesting)
I have WiFi access! (Score:5, Interesting)
Old joke, I know. But so true. And why? Because without fault, ALL APs are configured to accept any and all connections by default. And why? Because otherwise, clueless people would swarm the manufacturer's call center asking how to connect.
When it's configured in nymphomaniac mode (i.e. do it with everyone you can get), people can connect, they're happy and won't even bother thinking about securing their 'net. At least until the feds knock at their door, asking a few dumb questions about movies and pron.
But that's no problem either, because in our legislative, being clueless on the net is appearantly an excuse for committing any crime. You participated in a DDoS because your computer contains more malware than other programs? No worries, you didn't know, you're not to blame. Your connection was used to run an illegal server? No worries, it wasn't your fault, your computer was abused as a server.
Usually not knowing it's a crime is no get outta jail card. When it comes to the 'net, it is. Maybe 'cause legislators and judges are predominantly clueless in respect to the net as well.
Hey, self interest!
But as long as it's an excuse to shrug your shoulders and claim you didn't know what you're doing, people won't get wiser.
Bandwidth-based pricing would stop this, and other (Score:4, Interesting)
Does anyone know why it is that companies don't just charge for bandwidth, the way they do with a colo? Is it really so complicated?
That would be nice to for mom-and-pop -- they wouldn't have big fixed-fees due to heavy users like myself.
Re:I have WiFi access! (Score:5, Interesting)
Usually not knowing that what you are doing is not a crime is no defence, true. Generally though, not knowing that you're not doing something is, unless the prosecution can prove negligence.
Until and unless there's a crime of failing to take reasonable steps to secure a PC or similar, people are going to "get away" with it.
Note that if you claim that it wasn't you, it was someone else using your connection without your knowledge, but the prosecution can demonstrate that actually it most likely was you and that you left your connection unsecured in order to provide yourself with that excuse, you'll likely not be believed.
Re:Take a bike, leave a bike (Score:2, Interesting)
Re:Take a bike, leave a bike (Score:1, Interesting)
Sharing schemes never work without close policing. Most people are honest, but too many are not.
Trajedy of the Commons (Score:5, Interesting)
With regard to securing access points, I've thought of a better way of setting things up properly (someone may already have thought of it). You plug your computer in to the AP for the first time via an Ethernet cable. You go into the settings, and click an option to setup the AP. The AP creates a secure WPA key using random characters. It then spits out a small script for you to download. You execute the script as Administrator or root, and it automatically configures your OS for the AP, with the right key and everything. After this you can use the AP wirelessly.
There would be some problems though, mostly checking the OS type and having to write scripts for Windows, OS X and Linux. But I reckon it could be done.
What does your ISP have to say ? (Score:3, Interesting)
In the UK all the ISPs I have ever dealt with have stipulated no sharing, not even a home network with two plus computers.
Not something I keep to mind, but worth bearing in mind if things ever do get nasty.
Re:RTFM (Score:4, Interesting)
If I could be sure everyone would only use it for browsing, email, IM and the odd bit of downloading then I'd be for it, other than that, I would rather not risk it.
As for being able to prove it wasn't you, should someone hop on and do some dastardly deed, I'd be interested to know how. Has anyone tested that theory? I'd hate to be the first person to go to court, try and prove it wasn't me, and find out the court wasn't having any of it!
Wardriving not for the 'geek' anymore (Score:3, Interesting)
I was on my way to Toronto, stopped in a Tim Horton's, and because I was working on something rather important and there was a heavy wind/snowstorm going on I whipped out my laptop. I couple sitting at the table over from me wanted to check their email, but was unsure of how I was getting internet. I explained that I was getting internet from some generous local person, they tried to get wireless working, though their laptop's card wasn't powerful enough. So I gave them Netstumbeler and taught them how to use it. I'll bet they're going to be wardriving alot more now ;P
The thing was, these guys had an open mind about security, they didn't mind trotting into other people's wireless network any more than I did. It is because of the generosity of the people who left the access points open.
I leave mine open on a another network, just on principle. I limit the bandwidth to un-filtered addresses, just due to the generosity I've received in connecting to others.
Wi-Fi Honeypots? (Score:4, Interesting)
Of course if you're too clueless (or too lazy) to take any steps to secure your wireless network then you probably shouldn't be complaining when someone else takes it upon themselves to utilize the resources that you've basically left laying around in public, I mean it's akin to putting a wad of money out on the sidewalk in front of your house and expecting it to be there next week.
Securing your WAP isn't any great task, the OEM's producing these devices for home/small business networks have made it very easy to do, have for the most part documented it well and there are a plethora of resources on-line to supplement the OEM documentation. No excuse not to do it, unless of course you really don't care that any Tom, Dick or Harry can connect to your home LAN and basically do whatever they want with that connection, including poking around on every machine you have connected to it as well utilize your Internet connection for whatever they feel like doing with it.
Tor (Score:3, Interesting)
Re:I have WiFi access! (Score:2, Interesting)
I've tested and reviewed about 20 APs and wireless routers in the last two years. I've found only one that had WPA ebabled by default: Netgear's WGU624 [netgear.com].
Using open APs to route the whole network (Score:3, Interesting)
One is connected to my cable modem, and is linked to the second one through a vlan. The second one's wifi card is in client mode, and connects itself to the AP of a little shop under my flat, using it as its default gateway. Add a little script on the first one which will change the routing tables to use the second router as gateway if my cable provider's gateway is unaccessible, and there you have it: totally transparent, free redundant connection for the whole network. Even the machines without wifi since their gateway is still the first router...
I'm going to shape the traffic on the second one to limit p2p use on that connection since the purpose is not to suck their bandwith to death though...
Re:I have WiFi access! (Score:2, Interesting)
I have just the opposite experience. Ameritech.. err SBC.. err AT&T offers DSL in my area and sold a very popular line of 2Wire wireless routers for home networking as part of their install and I can find at least 12 of these around my neighborhood and they're all locked down with a semi-unique SSID (usually 2Wire_???) and the WEP or WPA key is a number written on the underside of the router. So, by default, these come with encryption enabled. Not that I was up to anything nefarious, I just got one of those 802.11b sniffing handheld gadgets for Christmas and I was driving around wondering how many people around me had computers and wireless. Turns out the only open place was a coffee shop down the street.
Re:Trajedy of the Commons (Score:2, Interesting)
Upgrade your firmware! (Score:2, Interesting)
Yes, folks, the Linksys router you bought can now be configured with one of those "Welcome" screens just like at McDonald's, so you can welcome your neighbours to your wireless access point and start charging them by the hour to pay your monthly broadband bills!
Upgrade your firmware today and start making $$$ from your home!
Oh Yeah... (Score:3, Interesting)
I don't do it to torment my neighbors though, I just happen to trust the swan guys a whole lot more than the WEP guys to design a network encryption setup that doesn't suck.
People don't understand yet (Score:4, Interesting)
I don't open my AP, and here's why: People still don't understand enough about how their computers and the networks that connect them work to be trusted in my environment. Having recently left college, I was around when my fraternity put in wired ethernet and later wireless APs. We told everyone when we put everything in, "We all share this $N k/sec. line. Do not hog bandwidth. Limit your downloads. This network is intended to allow brothers to do schoolwork in-house, rather than haul to campus." I must say that all of my fraternity brothers were pretty level-headed. None of them would have actively screwed over another brother. But, invariably, once a week or more the net would stop dead because one of them had Kazaa up, downloading seven seasons of anime and leaving their uploads unlimited. They weren't trying to be jerks, they just didn't understand how the network worked and how much bandwidth they were using.
So, I keep my AP closed. If I knew that my neighbors were knowledgeable, I'd open it to them. I open the network to anyone who visits me in my home - where I can click them off if they do something stupid. Unknowns - never on my network.
Comment removed (Score:2, Interesting)
Re:Wardriving not for the 'geek' anymore (Score:3, Interesting)
Wi-Fi is now a part of most of our daily lives. Some folks have their peeves, convictions, and styles, which give shape to a localized wireless space. In densely populated areas, if one of your neighbors has their AP encrypted, there will be at least 2 APs which are completely unconfigured, and two APs that are obviously configured for use by whomever (with an SSID of "free" or something).
The Internet wants to be everywhere, and the information wants to flow. The {spice|oil|net} must flow.
Re:Wi-Fi Honeypots? (Score:3, Interesting)
Re:I love open wifi.. (Score:3, Interesting)
Anybody working on an 802.11 tipping extension? I've seen this situation before and I'd love to have paypal'ed the guy a buck for bailing me out of a sticky situation.
Re:Take a bike, leave a bike (Score:3, Interesting)
Re:Take a bike, leave a bike (Score:2, Interesting)
So Japan is, or maybe was different. But I'd think that the bike thing would work there still. Hell lots of European cities manage it, and I'd guess small towns could manage it as well. But in a big US/UK city, this sort of scheme is doomed.