posted March 05, 2008 08:11 AM         

My Open Wireless Network

Whenever I talk or write about my own security setup, the one thing that surprises people -- and attracts the most criticism -- is the fact that I run an open wireless network at home. There's no password. There's no encryption. Anyone with wireless capability who can see my network can use it to access the internet.

To me, it's basic politeness. Providing internet access to guests is kind of like providing heat and electricity, or a hot cup of tea. But to some observers, it's both wrong and dangerous.

I'm told that uninvited strangers may sit in their cars in front of my house, and use my network to send spam, eavesdrop on my passwords, and upload and download everything from pirated movies to child pornography. As a result, I risk all sorts of bad things happening to me, from seeing my IP address blacklisted to having the police crash through my door.

While this is technically true, I don't think it's much of a risk. I can count five open wireless networks in coffee shops within a mile of my house, and any potential spammer is far more likely to sit in a warm room with a cup of coffee and a scone than in a cold car outside my house. And yes, if someone did commit a crime using my network the police might visit, but what better defense is there than the fact that I have an open wireless network? If I enabled wireless security on my network and someone hacked it, I would have a far harder time proving my innocence.

This is not to say that the new wireless security protocol, WPA, isn't very good. It is. But there are going to be security flaws in it; there always are.

I spoke to several lawyers about this, and in their lawyerly way they outlined several other risks with leaving your network open.

While none thought you could be successfully prosecuted just because someone else used your network to commit a crime, any investigation could be time-consuming and expensive. You might have your computer equipment seized, and if you have any contraband of your own on your machine, it could be a delicate situation. Also, prosecutors aren't always the most technically savvy bunch, and you might end up being charged despite your innocence. The lawyers I spoke with say most defense attorneys will advise you to reach a plea agreement rather than risk going to trial on child-pornography charges.

In a less far-fetched scenario, the Recording Industry Association of America is known to sue copyright infringers based on nothing more than an IP address. The accused's chance of winning is higher than in a criminal case, because in civil litigation the burden of proof is lower. And again, lawyers argue that even if you win it's not worth the risk or expense, and that you should settle and pay a few thousand dollars.

I remain unconvinced of this threat, though. The RIAA has conducted about 26,000 lawsuits, and there are more than 15 million music downloaders. Mark Mulligan of Jupiter Research said it best: "If you're a file sharer, you know that the likelihood of you being caught is very similar to that of being hit by an asteroid."

I'm also unmoved by those who say I'm putting my own data at risk, because hackers might park in front of my house, log on to my open network and eavesdrop on my internet traffic or break into my computers. This is true, but my computers are much more at risk when I use them on wireless networks in airports, coffee shops and other public places. If I configure my computer to be secure regardless of the network it's on, then it simply doesn't matter. And if my computer isn't secure on a public network, securing my own network isn't going to reduce my risk very much.

Yes, computer security is hard. But if your computers leave your house, you have to solve it anyway. And any solution will apply to your desktop machines as well.

Finally, critics say someone might steal bandwidth from me. Despite isolated court rulings that this is illegal, my feeling is that they're welcome to it. I really don't mind if neighbors use my wireless network when they need it, and I've heard several stories of people who have been rescued from connectivity emergencies by open wireless networks in the neighborhood.

Similarly, I appreciate an open network when I am otherwise without bandwidth. If someone were using my network to the point that it affected my own traffic or if some neighbor kid was dinking around, I might want to do something about it; but as long as we're all polite, why should this concern me? Pay it forward, I say.

Certainly this does concern ISPs. Running an open wireless network will often violate your terms of service. But despite the occasional cease-and-desist letter and providers getting pissy at people who exceed some secret bandwidth limit, this isn't a big risk either. The worst that will happen to you is that you'll have to find a new ISP.

A company called Fon has an interesting approach to this problem. Fon wireless access points have two wireless networks: a secure one for you, and an open one for everyone else. You can configure your open network in either "Bill" or "Linus" mode: In the former, people pay you to use your network, and you have to pay to use any other Fon wireless network. In Linus mode, anyone can use your network, and you can use any other Fon wireless network for free. It's a really clever idea.

Security is always a trade-off. I know people who rarely lock their front door, who drive in the rain (and, while using a cell phone), and who talk to strangers. In my opinion, securing my wireless network isn't worth it. And I appreciate everyone else who keeps an open wireless network, including all the coffee shops, bars and libraries I have visited in the past, the Dayton International Airport where I started writing this, and the Four Points Sheraton where I finished. You all make the world a better place.
article source

+++++++++++++++

posted March 05, 2008 08:03 PM         

I myself have a open wireless network. While I am aware of the possiblities of future problems, it doesn't concern me. One reason is I live in a rather rural area ... I have only 4 neighbors with nothing but hayfields and hwy surrounding our lil circle. Of those 4 neighbors, all but one have internet. So why would they use mine? I can pick up one of my neighbors wireless signals, but it's not strong enough for me to do anything. Maybe I ought to drive around with my PSP to see just how far my signal reaches though, outta curiosity.

When some friends moved in next door It was going to take weeks for the cable company to come out and create a connection for them, there for they would also be without internet for that period of time. And he coudln't have that (we call him Mr. Best Buy, always has the latest and greatest of technology and multiple cell phones he carries around - it's crazy)So we filled him in on the secret that if he had wireless capabilities he could jump on our network. Needless to say he was a happy camper. Like yourself, we didnt notice any sluggishness. My Fiance plays PS3 online with this friend, who's also using our network, while I am online using the computer with no signal problems what so ever ... although, like yourself as well, we've upgraded to one of the fastest speeds our provider offers. (we're impatient like that

posted March 07, 2008 09:25 AM         

I'm not alone after all *sigh

Thanks Ang for your thoughts and time

Your input is greatly appreciated

---------------------

Anyone else wanna spill the beans?

------------------------------
The Anti Boredom Campaign

posted March 07, 2008 01:52 PM         

It will either show you the mac addresses or IPs of the various computers that are logging in.

To access your router type 192.168.0.1 or 192.168.1.1

Now if you don't know your pw just type "admin" as the username with no password.

Look for the network settings, click around and see if you can find a list of users or a network history.

If you are having a ton of people you don't recognize logging in, I recommend you encrypt. This can be an identity theft issue.

posted March 07, 2008 02:54 PM         

Three years ago I saw a news story on young kids, 12 and 13, in NYC War driving in taxi cabs because they were too young to drive. They attached Pringles Potato Chip cans with wire to their gaming laptops and drove around the city stopping in front of buildings and finding thousands of open wireless routers.

While sitting in a cab with a TV reporter, they stopped in front of a building while a woman was on her computer inside. They accessed her credit card numbers, her bank account numbers and ATM card numbers, etc. After they recorded her numbers the reporter rang the doorbell, she came downstairs and the reporter interviewed her, informed her that these 12 year old kids just accessed all of her important bank information and financial information just by sitting outside her building in a taxi cab with a laptop and a Pringle's Can.

Check out this video and some others on "War Driving" and don't think that just because you live in a rural area that you are not vulnerable:
http://youtube.com/watch?v=UToqMfN9FhQ

This kid is saying some interesting stuff, but it's the stuff that they are editing out that is probably the most important.

If you want to be a good host to your friends with laptops, give them the password when they come to your house, it's very easy. Please YFIS, please do it. It may not be only about you, it could be someone that you speak with or e-mail on your computer who you are making vulnerable to this kind of thing as well.