Neighborhood WiFi Security
picaro writes to tell us the New York Times has an interesting piece about the abundance of open wireless connections available due to the lack of the average user's knowledge. The article also takes a look at how the prevalent attitude is that tapping in to these connections does not equate to stealing and why still others may disagree. From the article: "Piggybacking, the usually unauthorized tapping into someone else's wireless Internet connection, is no longer the exclusive domain of pilfering computer geeks or shady hackers cruising for unguarded networks. Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture."
Civilization, the death of dreams.
Some cities have implemented systems where you can borrow one of the public bicycles that are painted with an ugly colorscheme and use it to go where you need to go. Someone can then, in turn, borrow that bike from you after you've parked it. It's an interesting system because the bikes are just community property and everyone has the right to ride them.
Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture.
Yeah, like computer users getting sued by the RIAA when they have never used any P2P software on their machine, for example...
My neighbour bought an access point!
Old joke, I know. But so true. And why? Because without fault, ALL APs are configured to accept any and all connections by default. And why? Because otherwise, clueless people would swarm the manufacturer's call center asking how to connect.
When it's configured in nymphomaniac mode (i.e. do it with everyone you can get), people can connect, they're happy and won't even bother thinking about securing their 'net. At least until the feds knock at their door, asking a few dumb questions about movies and pron.
But that's no problem either, because in our legislative, being clueless on the net is apparently an excuse for committing any crime. You participated in a DDoS because your computer contains more malware than other programs? No worries, you didn't know, you're not to blame. Your connection was used to run an illegal server? No worries, it wasn't your fault, your computer was abused as a server.
Usually not knowing it's a crime is no get outta jail card. When it comes to the 'net, it is. Maybe 'cause legislators and judges are predominantly clueless in respect to the net as well.
Hey, self interest!
But as long as it's an excuse to shrug your shoulders and claim you didn't know what you're doing, people won't get wiser.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Is Ric Romero writing for the NYT now!?
Can we borrow an 'obvious' tag from our friends at Fark.com?
AT&ROFLMAO
As they do, new sets of Internet behaviors are creeping into America's popular culture.
you mean "SHARING" something?
perpetually dwelling in the -1 pits
In a semi-related story... I was at a friend's place last week and I wanted to transfer to him some audio-recordings of my band's recent practice. I asked him, "Do you have a wireless network or anything set up here?" ... He said how he didn't want to "get into that wireless stuff" because there are apparently so many people who would hack into his wifi network or whatever. That, and there are people who drive around in vans with gear to hijack peoples' wireless networks.
During the minute or so that he was going on about this stuff, I found about 3 open wireless networks in range. I connected to one of them, logged into MSN Messenger and laughed as he saw a little notification pop up on his PC screen that indicated that I had just come online.
Share your toys with the other children
and as Wifi is local (+/-300m) you are actually adding value to your community and contributing to society, which makes a change from the usual selfish me me me i gots mine attitude that some people would advocate
be part of team community, you will get more done
If you had to pay for bandwidth based on how much you used, people wouldn't share. Also, telco companies wouldn't be floating the concept of charging more for various services (e.g. VOIP, or VOD).
Does anyone know why it is that companies don't just charge for bandwidth, the way they do with a colo? Is it really so complicated?
That would be nice too for mom-and-pop -- they wouldn't have big fixed-fees due to heavy users like myself.
http://www.thebricktestament.com/the_law/when_to_
I was sitting at a McDonald's with my laptop during a road trip. There were two wifi networks available. One was titled 'McDonald's' and the other was titled 'BetterThanMcDonald's.' I used the latter. I love when people do that..
--- We need more Ron Paul!
I've often thought about opening my AP, but I just know that after a week or two some jerk is going to use my DSL connection as his own personal torrent link. If I was using someone's DSL connection I'd limit myself to just normal browsing and light email. Those morons ruin it for everyone else.
With regard to securing access points, I've thought of a better way of setting things up properly (someone may already have thought of it). You plug your computer in to the AP for the first time via an Ethernet cable. You go into the settings, and click an option to setup the AP. The AP creates a secure WPA key using random characters. It then spits out a small script for you to download. You execute the script as Administrator or root, and it automatically configures your OS for the AP, with the right key and everything. After this you can use the AP wirelessly.
There would be some problems though, mostly checking the OS type and having to write scripts for Windows, OS X and Linux. But I reckon it could be done.
Just out of interest what does your contract with your ISP have to say about sharing your connection ?
In the UK all the ISPs I have ever dealt with have stipulated no sharing, not even a home network with two plus computers.
Not something I keep to mind, but worth bearing in mind if things ever do get nasty.
ERR 411[Max number of witty sigs reached]
I think it's probably because the fairly large percentage of low-bandwidth users (simply email & minimal surfing, no mp3s/videos/p2p) would be a total loss of profit to the ISPs, if they started charging based on actual bandwidth usage.
They can make an unbelievable amount of money because while the ISP might pay for their connection by bandwidth used, their users (you and I) are paying a flat-rate (and probably artificially large) monthly fee regardless of bandwidth usage.
What I'm trying to get across is, they can charge a nice high monthly fee, which might easily cover, let's say, 20gb of up/down bandwidth per month. If an ISP's user is only using 1-2gb per month for their email, random family photo attachments, and maybe a few mp3s from iTunes... Well.. the ISP just got enough money to cover 20 gb of bandwidth, but only 2gb were used.
This situation has existed for a very long time in regards to net access - since dialup net access became a common thing, essentially. I remember fixing a family's computer and for whatever reason having to check out their dialup account configuration at their ISP. I noticed they only spent like 10 hours online per month, but of course their package allowed something like 100 hours. The ISP surely loved them...
A lot of ISPs here in the UK do indeed offer plans with a monthly bandwidth usage cap. If you exceed the cap, you pay for the extra you use, generally in 1GB chunks. I believe that some ISPs offer the user the choice to have their access cut off if they exceed the cap, rather than be charged for more.
Those plans tend to be a little cheaper than the uncapped ones, but not by as much as you might expect. For example, I have an uncapped plan, which is only a couple of pounds more per month than my parents' capped plan (same connection speeds, same ISP).
It's official. Most of you are morons.
Leaving an open wifi connection is a perfectly sensible thing to do. The inconvenience of a possible occasional loss of bandwidth is more than offset by the fact that this makes it impossible for the RIAA to prove that you were the one sharing copyrighted music [or downloading kiddie porn, hosting "terrorist" websites etc etc].
I not only run an open node, but make sure that my neighbors know that it's there. Failing to secure an access point isn't a lack of user knowledge, it is common courtesy.
All I got was "That shouldn't be allowed".
Under my own initiative, I then put a fairly long encryption key on their network and password protected the router config. I know it's weak security, but it's better than none at all.
That is how much people care about security. I explained to my uncle the other day about how spyware can log your key presses and report them back to a server. He was shocked and outraged, for about 1 second. Once his computer was clean enough to be usable, he was satisfied (this is a home & business computer, used for EBAY).
Nobody gives a shit about anything to do with computers. It seems that the current parent generation was led to believe that technology would make life easier and do all the work for them, when the reality is that it's actually replaced much of the work. God knows what long term effects this will have on computing.
I was on my way to Toronto, stopped in a Tim Horton's, and because I was working on something rather important and there was a heavy wind/snowstorm going on I whipped out my laptop. A couple sitting at the table over from me wanted to check their email, but was unsure of how I was getting internet. I explained that I was getting internet from some generous local person, they tried to get wireless working, though their laptop's card wasn't powerful enough. So I gave them NetStumbler and taught them how to use it. I'll bet they're going to be wardriving a lot more now ;P
The thing was, these guys had an open mind about security, they didn't mind trotting into other people's wireless network any more than I did. It is because of the generosity of the people who left the access points open.
I leave mine open on another network, just on principle. I limit the bandwidth to un-filtered addresses, just due to the generosity I've received in connecting to others.
Yes, it's "stealing" when some luser has left their wifi open. Don't want somebody using a service you're providing? Turn it off. If it's still open, don't bitch when somebody uses it, you deserve it. I for one keep my network secure, and just in case anybody does get on through the WEP, my LAN is firewalled by my gentoo linux box.
My node is called HELLOWARDRIVER.
I think a lot of people have an open WiFi connection for the rest of the world to use. This however is not only because they want to give some protest but also to simply add another node to the ever growing number of open "uplinks".
As more and more people are doing so at the moment it becomes easy for traveling laptop users to get online everywhere they want. Closing your "uplink" will become more and more rude in the global opinion I think. Sharing the connection will become more natural to people as they become more aware of the benefit they have from the open uplinks offered by other users.
WiFi will become eventually something like opensource code, sharing and be shared only here we are not talking about code but about internet access. You give access to users and those users give you access in return.
At least this is my opinion.
Regards,
Johan Louwers
This can never happen. The simple fact is that a bandwidth-based price scheme that keeps profit at the same level as today would demonstrate to people quite clearly just how badly they are getting ripped off. Light and heavy users alike would be outraged at the suddenly very clear abuse that is being perpetrated by ISPs. This is why they are pushing for a tiered internet instead. All the extra money, none of the extra service.
Actually, it is 100% possible for you to set up traffic bandwidth shaping so that any particular IP is only allowed a certain amount of bandwidth, for example.
... It's a bit technical but a useful resource nonetheless.
Use a UNIX-like machine as a router/firewall for your network, and you suddenly have amazingly detailed networking possibilities within your reach. I strongly suggest reading the Linux Network Administrator's Guide. Even though it's getting a little outdated it has some downright cool-ass information within.
Of course, few users are technically adept enough to actually set up a router like this, but I'm sure it has been used a lot for people who want to keep their wifi access "open", but safely limited.
On a related note there are pre-built linux firewall packages out there which will surprisingly easily allow you to do what I was just talking about.
Also, here is the Linux Advanced Routing & Traffic Control HOWTO
... I can't stand when summaries read stuff like "available due to the lack of the average user's knowledge".
Lots of APs are open not because the user doesn't know how to secure them, but because they don't give a crap. I personally have run an open AP for years. It is more convenient (any device someone brings into my house has access, they don't need to get any keys), and the odds of any of my non-techie neighbours having WiFi are slim to none, so I really don't give a hoot about someone stealing my connection.
I wonder when/if we're going to start seeing stories about people setting up open WAP's as honeypots? In other words, set up an open AP, for the sole purpose of compromising hapless piggybackers that connect to it with relatively unsecured machines -- I think it would be hilarious and a nice little piece of payback for those folks that think it's okay to piggyback off resources that someone else is paying for (with a little publicity might make people think twice about piggybacking).
Of course if you're too clueless (or too lazy) to take any steps to secure your wireless network then you probably shouldn't be complaining when someone else takes it upon themselves to utilize the resources that you've basically left laying around in public, I mean it's akin to putting a wad of money out on the sidewalk in front of your house and expecting it to be there next week.
Securing your WAP isn't any great task, the OEM's producing these devices for home/small business networks have made it very easy to do, have for the most part documented it well and there are a plethora of resources on-line to supplement the OEM documentation. No excuse not to do it, unless of course you really don't care that any Tom, Dick or Harry can connect to your home LAN and basically do whatever they want with that connection, including poking around on every machine you have connected to it as well utilize your Internet connection for whatever they feel like doing with it.
If you're going to offer a free wifi access point then please also run a Tor exit node.
it's a blue bright blue Saturday hey hey
The darker side of this...
1. Take one internet connection
2. Obtain a computer running something like linux w/two NICs
3. Connect first NIC to internet
4. Connect second NIC to an open AP
5. Place in crowded area
6. Run ethereal/tcpdump etc. on the linux box
Hey presto - everything in the clear is recorded. Don't get me wrong - not advocating this behaviour - but it's a clear risk for the people "borrowing" internet.
"Christine and Randy Brodeur confronted neighbors after discovering that some had illicitly piggybacked onto their wireless Internet access."
Go cry to someone else. What a bunch of dumb asses! If you don't secure your network and someone else hops on it's your fault. It's like leaving the keys in your car with the engine running. You are just asking to get your car stolen. There are plenty of resources online that will show you how to secure your network. Randy, if you would have confronted me I would have slapped you in your stupid face.
One is connected to my cable modem, and is linked to the second one through a vlan. The second one's wifi card is in client mode, and connects itself to the AP of a little shop under my flat, using it as its default gateway. Add a little script on the first one which will change the routing tables to use the second router as gateway if my cable provider's gateway is inaccessible, and there you have it: totally transparent, free redundant connection for the whole network. Even the machines without wifi since their gateway is still the first router...
I'm going to shape the traffic on the second one to limit p2p use on that connection since the purpose is not to suck their bandwidth to death though...
I don't know about everyone else but my broadband is expensive. I am not 100% that I want the entire neighborhood benefitting from my $45.00 a month to stream video and choke my connection. Remember that social ideas are always spoiled by the greedy - and that describes most of humanity.
I meta-moderate because I care.
I wouldn't look up the consequences of a "free" and open connection to the internet.
The worst part is that you can actually catch everyone's traffic, maybe that's the illegal part of this so called "problem". Sharing isn't illegal, and about ignorance that's another subject
I don't post any links
I have read about other people's posts about leaving your access point open and sharing the connection. Around here (Puerto Rico), people would just mess your resources up. I have a 1024 Kb down/ 512Kb up cable connection that I distribute among my two computers (one for light e-mail and downloading and another that I connect through the net from work), and I personally took care of security (MAC address filtering + best encryption supported by the AP).
The thing is, people have attempted to get in and disable my equipment. People can and will use the wireless connection to do mischievous things. They get no access from me.
Open access is fine if you have an agreement with your neighbors and/or you have a common wifi provider (many new housing developments are now including wifi from the get go). Otherwise, it's just asking for trouble.
--MaxPowerDJ
Sorry, it does Happen. Here in Belgium 99% of the broadband providers limit your transfers to a certain monthly amount (usually 10GB, but the more you pay the more you get). And as far as I know only 3 providers give unlimited transfer. Two of them are cable operators, in which one gives you the no limits connection as standard and the other one charges you 60+ a month for unlimited access. And these 2 companies only offer their services in certain parts of Belgium.. The third one is an ADSL provider which gives you a 500MB limit but once you go over the limit you only pay 5 per month no matter how far you go.
We have that here in NZ too, and it SUCKS!
the major issue being that NZ telecom's idea of a fair price per unit of data bears little or no resemblance to reality.
And the company that owns the big cable hook up to australia is apparently spitting because they are massively below capacity, and massively below their revenue point.
All this time I had honestly thought it was natural for "animehouse" to appear in that list out of nowhere and have my connection knocked off, due to natural crowding from being in a metropolitan area. Guess I shouldn't be on Slashdot.
When I did open my APs for the public, I just limited the connection speed for the unknown people down to 96 kbit/s and allowed usual web and ssh traffic to pass.
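The setup this comment describes (unknown clients capped at 96 kbit/s, only web and ssh allowed), built with the per-IP shaping mentioned in the earlier traffic-shaping comment, could look like the following on a Linux router. This is an added example, not code from any poster; the interface name, total rate, known-host addresses and the DNS rule are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): emit tc/iptables commands that cap
# unknown wireless clients and restrict them to web + ssh. Dry run by design:
# the function only prints; review the output, then pipe it to "sh" as root.
# Caveat: source IPs can be spoofed on an open AP, so this is traffic
# management for guests, not authentication of the "known" hosts.

is_uint() { case "$1" in ''|*[!0-9]*) return 1 ;; esac; }

is_ipv4() {
    # Dotted quad, every octet numeric and <= 255.
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i + 0 > 255) exit 1 }'
}

# guest_policy_cmds IFACE TOTAL_KBIT GUEST_KBIT [KNOWN_IP...]
# IFACE is the router's LAN/wireless-facing interface (assumed name).
guest_policy_cmds() {
    [ "$#" -ge 3 ] || return 2
    iface=$1 total=$2 guest=$3
    shift 3
    # Reject anything that could smuggle shell syntax into the output.
    case "$iface" in ''|*[!A-Za-z0-9_.-]*) return 2 ;; esac
    is_uint "$total" && is_uint "$guest" || return 2
    [ "$guest" -gt 0 ] && [ "$guest" -lt "$total" ] || return 2
    for ip in "$@"; do is_ipv4 "$ip" || return 2; done

    # Egress shaping on the LAN side limits what clients can download.
    # Class 1:10 = known hosts, class 1:20 = default for everyone else.
    echo "tc qdisc replace dev $iface root handle 1: htb default 20"
    echo "tc class add dev $iface parent 1: classid 1:1 htb rate ${total}kbit"
    echo "tc class add dev $iface parent 1:1 classid 1:10 htb rate $((total - guest))kbit ceil ${total}kbit"
    echo "tc class add dev $iface parent 1:1 classid 1:20 htb rate ${guest}kbit ceil ${guest}kbit"
    for ip in "$@"; do
        echo "tc filter add dev $iface parent 1: protocol ip prio 1 u32 match ip dst $ip/32 flowid 1:10"
    done

    # Forwarding policy: known hosts unrestricted, unknown hosts get
    # ssh + web only. DNS (udp/53) is an assumption so that web works.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for ip in "$@"; do
        echo "iptables -A FORWARD -i $iface -s $ip -j ACCEPT"
    done
    echo "iptables -A FORWARD -i $iface -p tcp -m multiport --dports 22,80,443 -j ACCEPT"
    echo "iptables -A FORWARD -i $iface -p udp --dport 53 -j ACCEPT"
    echo "iptables -A FORWARD -i $iface -j DROP"
}

# Example invocation (constructed values):
#   sh guest-policy.sh wlan0 2000 96 192.168.1.10 192.168.1.11
if [ "$#" -gt 0 ]; then guest_policy_cmds "$@"; fi
```

The iptables rules are appended, so running the generated commands twice duplicates them; flush or use a dedicated chain when re-applying.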
That's not bandwidth based. That's a flat rate plus a limit. Shafted two times over.
At first I was thinking - whoa, you're very open minded. Then I realized you wrote wifi instead of wife. I need some coffee.
I understand what you're saying about the open access, and it's a nice thing to do - but there's no way in hell I'm going to go through the federal investigation process or even chance the possibility of going to prison, for my neighbors kiddie porn habit. Sorry. My life and the potential hassle is worth way more than him saving $39.95 on his cable bill. You're being nice, and that's applaudable, but if anything does happen - you're going to have a tough time proving it was not you.
You: but I have logs!
Them: How convenient. The accused has evidence pointing to someone else. Is it unaltered proof?
You: Of course! These are the raw server logs!
Them: Logs, from your firewall?
You: Yes!
Them: A firewall which you have administrative access to, and can change the logs at will?
You: Uh, yeah. But I didn't change them.
Them: So the logs very well could be altered. And it would be in your best interest for that to happen?
You: WTF man... I didn't do it.
Don't expect your freeloader neighbor to step up and take a federal sentence when it comes down to it, and don't put your life in a position where it depends on the justice system to "get it right". Ken Lay, OJ, and lots of others are walking around free men today..
I was told that I could listen to the radio at a reasonable volume from nine to eleven...
Have a look at Fon, which is a wifi sharing scheme (backed by Google/Skype/Ebay).
But at least they didn't play the TERRORIST card.
Telcos do charge for bandwidth. As an example, BellSouth has three tiers of residential service based upon how much bandwidth that you want. The nature of typical network traffic is that it is typically not uniformly distributed (often Poisson distributed). The sale of the bandwidth to me assumes my network usage is indeed uniform. If someone else has a peak when I am at a lull, why not share (it causes me no harm and may help if they reciprocate)?
Infrastructure is uber-expensive. Competition is good. :-)
I was a partner in an ISP years ago, and we operated at a loss for a long time. I don't know in the US, but down here ISPs have a lot of competition -- their prices are kept quite low this way (and our telcos do NOT offer flat-rate POTS lines, so the dial-up must be CHEAP because the phone bill is usually expensive for a heavier dial-up user.) Typical pricing for dial-up here (in US$): 0 to 5/month; 10/month if you subscribe to our main content producer (UOL/Abril), with many newspapers/weekly magazines articles available. US$ 30 for the telephone bill if you use the net everyday, but not heavily.
In the larger cities (>100k ppl) usually you have _at_ _least_ 2 or 3 wideband options; in my city (3rd largest in Brasil, 3M ppl), we do have 6 different WB options (two cable, two ADSL, two WiFi), and at least four of those are available in any given area inside the city's limits. Typical pricing here: US$ 50/mo for 1MBps, no bandwidth cap.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
I've been entering your house, drinking your milk and using your computer every time you left the door open.
What are you going to do about it?
I just found, during a firmware upgrade for my Linksys Wireless G VPN Router, that there is a new feature built in which allows you to configure your access point to use a paid, third party service through "Boingo" (dunno what that is, don't want to spend the 2 seconds it will take to find out) to charge for your access.
Yes, folks, the Linksys router you bought can now be configured with one of those "Welcome" screens just like at McDonald's, so you can welcome your neighbours to your wireless access point and start charging them by the hour to pay your monthly broadband bills!
Upgrade your firmware today and start making $$$ from your home!
A good reason to run an open access point on your broadband connection is that if you're ever sued by RIAA/MPAA or suspected of anything, you've got the possible defense that it was someone else connected to your access point. Lock it down and it had to be you. Of course, running an open AP makes it more likely that someone else will get on and seed a torrent of Bambi or upload midget pron, but you take your chances.
I'm using encryption, MAC address filtering, and SSID broadcast is disabled. I just don't want any computers on my net I have no control over. And if anyone thinks I'm selfish or anti-social, tough.
Most of us run open access points NOT because we don't understand security, but because we fight the whole ANAL RETENTIVE security argument.
COMMUNITY COMMONS ARGUMENT
A. I run an open access point. Anyone who wants to connect travelling through my neighborhood can. If some goofy little neighborhood kid wants to get on, fine too. Likewise any leech. They can't be on 24/7, they have to sleep sometimes.
B. Even though I am a poweruser and do heavy P2P downloading, 90% of the bandwidth goes unused.
C. When I go travelling, I can take my laptop and connect to others' ACCESS POINT who share my philosophy and run their ACCESS POINT open. It's incredibly AWESOME. If I am lost, I can and have fired up Google Earth from a parking lot, and zoom down in on the city and even locate my destination, and have it plot my fastest travel path. I can check my email, and IM my friends, and even post to Slashdot.
D. My network works. It is very useful. Yours, with encryption, doesn't. Nobody can connect to it but hackers who break the WEP key and you your anal retentive self. In fact, I challenge the whole argument that hackers are bad. I myself am a hacker. I write the software and create the networks and repair the computers that make it all work. I don't break systems, I fix them, and keep them running. Anyone who does otherwise is not a hacker, but a poser calling themselves a hacker, or you calling them a hacker. Go slander some other group. If it wasn't for hackers you wouldn't have that computer in front of you that you are reading this on now. Period.
E. Any computer you break of mine, I can fix. Mostly my computers by now are pretty resilient after years of experience. And for the hugest part, most users are well behaved and just want to get on the web, listen to music, and IM chat. If they look at taboo girlie pictures or lolicon or bomb making texts well fine, because even though I have little interest in such stuff, I fight CENSORSHIP WITH A FIERCE PASSION as well. It's nothing but bits over a wire and data on a harddrive and pixels on a screen, and if you say I am breaking the law just by having or viewing any data, well frankly you can go F yourself.
F. Hackers fought hard to get computers out from behind the glass walls of corporate and government datacenters in the 60's and put them into the hands of the people, and though most of you forgot, I did not. At the very core of hackerism somewhere is the central concept that computer access and access to data networks should be available. Not necessarily totally free, but at least open and not for only a privileged few.
Choose which side you stand on. Are you with us or against us. Because if you are against us, stay on your own closed little networks at home or in the office and leave our open networks for ourselves and those that share our philosophy.
I route all unknown traffic on my wireless to gay porn....
(not that there is something wrong with that...)
Here's my wishlist for a Wireless AP hardware solution:
:(
1) the ability to easily set up a DMZ. I can firewall off my internal network easy enough, but if we want Joe User to do it, it needs to be easy and obvious to set up a free area that is distinct from the walled off internal network.
2) Bandwidth throttling based on the above mentioned DMZ. If you are in the DMZ, you may use x% of the available bandwidth. If you are on the internal network, regular rules apply.
3) Hot chicks in every box.
4) Mesh network capabilities. Each unit should seek out other units in range and create an ad hoc mesh network. This would be the first step toward taking the Internet back from the corporations currently in control.
5) Real range. I mean like at least 50 yards, but I'd prefer a lot more. When it comes to range, there is no "too much" only "not enough".
That's what I want to see in a next-gen wifi router. I guess I shouldn't hold my breath.
- Tom Caudron
- http://tom.digitalelite.com
-Tom
We have plaster and wire mesh walls, and steel beams holding up the ceiling and floors. Not only can I not see my AP from outside, I also can't use the cordless phone in the garden. I don't get calls on the mobile when at home though, so there are positives.
So, solution to the parents being tech clueless is to just have them redecorate in a more rustic style.
"Since when was it illegal to share your network connection with someone? Last I have heard there was an entire industry devoted to the service. They are called Internet Service Provider."
You are confusing technically possible and legal. Chances are, your ISP made you agree to a contract where you don't sublet your connection. Otherwise, blocks of flats would have one guy paying the bill and everyone else piggybacking on it. It's illegal as in you-signed-a-contract-saying-you-wouldn't-do-it, not illegal as in it's a separate offence in itself.
Miðbraut 8
170 Seltjarnarnes
In the UK I believe that they do that because of the way that the pricing from BT works (where most get the wholesale ADSL connections / connectivity from). Those that don't are paying for bandwidth directly somewhere along the line.
The problem is that customers LIKE fixed costs and don't necessarily know how much "X Gb" is. Some ISPs in the UK (like mine) are going away from fixed limits and using traffic shaping to limit the speed of e.g. P2P connections. They also restrict the use of "servers open to the internet" (but interestingly don't yet, as far as I can see, restrict open Wi-Fi).
It'll surely only be a matter of time before everything is charged per bit - including voice calls.
I don't do it to torment my neighbors though, I just happen to trust the swan guys a whole lot more than the WEP guys to design a network encryption setup that doesn't suck.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I don't open my AP, and here's why: People still don't understand enough about how their computers and the networks that connect them work to be trusted in my environment. Having recently left college, I was around when my fraternity put in wired ethernet and later wireless APs. We told everyone when we put everything in, "We all share this $N k/sec. line. Do not hog bandwidth. Limit your downloads. This network is intended to allow brothers to do schoolwork in-house, rather than haul to campus." I must say that all of my fraternity brothers were pretty level-headed. None of them would have actively screwed over another brother. But, invariably, once a week or more the net would stop dead because one of them had Kazaa up, downloading seven seasons of anime and leaving their uploads unlimited. They weren't trying to be jerks, they just didn't understand how the network worked and how much bandwidth they were using.
So, I keep my AP closed. If I knew that my neighbors were knowledgeable, I'd open it to them. I open the network to anyone who visits me in my home - where I can click them off if they do something stupid. Unknowns - never on my network.
When I moved into my new place over new year I was told at the last minute by my ISP (who I had primed three weeks before about the move) that I would have to wait a further three weeks.. Now I work from home so this left me with a bit of a problem. Fortunately there were several people with completely unsecured connections, who saved my piggybackin' bacon in those three weeks. Now, I would have liked to go and ask their permission, but it's difficult to tell in such a densely populated area who the owner would be.. They were weak signals too so could've been anywhere in a wide radius. Perhaps the next generation of WiFi access protocols could allow you to add a name and address tag of sorts.. But maybe someone would present the downside of this to me? I can't think of one right now, but I'm sure there is something..
On a recent trip to Baltimore, I ended up staying in a hotel with one of those $10/day internet fees (bastards). After cursing while the laptop was booting up, I promptly found seven open networks that I could use. bte - Thanks for the bandwidth, "Zeus".
Obviously, I have no real issue about borrowing some bandwidth when I need it. I do try to be polite, however. Checking emails, a couple websites to keep up on news, and then I disconnected. Sure, I could have listened to some internet radio, fired up a couple chat programs and logged into a mmorpg but I feel that would have been rude. Sure, in a coffe-house, but not someone's personal network. If you're going to be an uninvited guest, at least be a good one.
Good points. Perhaps congestion-pricing is the way to go then.
I'm troubled by the fact that flat-rate pricing leads to people responding rationally (e.g. mega BitTorrent use) and then telcos complaining and having to use hardware/software to achieve their goals. All that costs money and wastes time -- better to just do some reasonable pricing in the first place.
http://www.thebricktestament.com/the_law/when_to_
That would be nice too for mom-and-pop -- they wouldn't have big fixed-fees due to heavy users like myself.
As a mom-and-pop, the big fixed fees simply mean dial-up.. I have broadband at work and dial-up at home. My SSID is NoInternet.
The truth shall set you free!
Piggybacking...is no longer the exclusive domain of pilfering computer geeks or shady hackers cruising for unguarded networks.
Some piggybackers don't even realize they're doing so: My parents came to visit, and while I was out, they tried connecting their laptop to the internet. Windows XP automatically connected them to a neighbor's wireless network, and they were reading email in no time. It never even occurred to them that they could connect to someone else's network.
Before anyone tries twisting this to anti-Microsoft bashing, that ease-of-connectivity is a good thing. This is a case where the networking manufacturers should be more diligent in having more secure defaults.
- You plug it in. AP starts locked down and redirects all HTTP traffic to a configuration page. The page asks the user to physically push a button on the AP.
- After the button is pushed, for a limited amount of time, all HTTP traffic is redirected to the configuration page.
- User is required to answer if they would like a secure or open network (default secure) and to pick an ESSID.
- Easy secure setup: Random WEP key is generated and sent as a script to configure client. Bookmark is added to allow for further configuration.
- To authorize a new client, either log in from the already configured client, or push the button on the AP to redirect all clients to the configuration page.
- AP is only compromised for very short time windows.
Make even shorter URLs - 8LN.org
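The button-gated setup proposed in the comment above, sketched as a small state machine. This is an added example, not part of the original post or any vendor's firmware; the class and method names, the 120-second window, and closing the window after each successful enrollment are assumptions, and the comment's random WEP key is modeled as 13 random bytes (104 bits).

```python
import secrets


class FakeClock:
    """Injectable clock so the time window can be exercised without sleeping."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class EnrollmentAP:
    WINDOW_SECONDS = 120  # assumed; the comment only says "a limited amount of time"

    def __init__(self, clock):
        self._clock = clock
        self._window_until = None   # None means the AP is locked down
        self.essid = None
        self.key = None
        self.clients = set()        # MACs that completed enrollment

    def press_button(self):
        """Physical button: opens the configuration window."""
        self._window_until = self._clock() + self.WINDOW_SECONDS

    def window_open(self):
        return self._window_until is not None and self._clock() < self._window_until

    def handle_http(self, mac):
        """What an HTTP request from this client is answered with."""
        if mac in self.clients:
            return "forward"
        if self.window_open():
            return "config-page"
        return "push-button-page"   # locked: only tells the user to push the button

    def configure(self, mac, essid, secure=True):
        """First-time setup; refused unless the button window is open."""
        if not self.window_open():
            raise PermissionError("button not pressed or window expired")
        self.essid = essid
        self.key = secrets.token_hex(13) if secure else None
        return self._admit(mac)

    def authorize(self, mac, sponsor=None):
        """Add a client: vouched for by an enrolled client, or inside a button window."""
        if self.essid is None:
            raise RuntimeError("AP has not been configured yet")
        if sponsor in self.clients or self.window_open():
            return self._admit(mac)
        raise PermissionError("no sponsor and no open button window")

    def _admit(self, mac):
        self.clients.add(mac)
        self._window_until = None   # assumption: one enrollment closes the window
        return {"essid": self.essid, "key": self.key}


if __name__ == "__main__":
    clock = FakeClock()
    ap = EnrollmentAP(clock)
    print(ap.handle_http("00:11:22:33:44:55"))   # locked down out of the box
    ap.press_button()
    print(ap.configure("00:11:22:33:44:55", "home-net"))
    print(ap.handle_http("66:77:88:99:aa:bb"))   # window already closed again
```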
Thank you for your wife's sweet ass
Thank you at night for your 3 megabit lines
Thank you in the morning for your New York Times
Thank you all day, thank you in the evening, thank you in the morn
Thank you for enabling file-sharing on your collection of porn
Thanks for the bike, thanks for the cat
Thanks for leaving your key under the mat
-Eric
SJW: Someone who has run out of real oppression, and has to fake it.
I feel the same way. Also, isn't it nice when you have visitors -- they can just open their laptop and use it. Not 40 minutes of typing strings into little boxes, and streams of error messages. To be honest, it is much easier for me to just leave my AP open, so that each host and wireless card will just work on startup.
I do log my DHCP messages, and the leases are set to something astronomical. It's nice to see MAC addresses and hostnames of some of the visitors that happen by.
Zhrodague.net - I do projects and stuff too.
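A sketch of the DHCP logging described in the comment above: it summarizes which MAC addresses and hostnames were handed leases and flags the ones not on a known list. This is an added example, not the commenter's setup; it assumes syslog lines in the ISC dhcpd `DHCPACK on <ip> to <mac> (<host>) via <iface>` form, and the sample lines, MACs and hostnames are constructed.

```python
import re

# Constructed sample lines in ISC dhcpd syslog style (not real data).
SAMPLE_LOG = """\
Mar  5 18:02:11 gw dhcpd: DHCPDISCOVER from 00:16:cb:aa:10:01 (annas-ibook) via eth1
Mar  5 18:02:12 gw dhcpd: DHCPACK on 192.168.1.20 to 00:16:cb:aa:10:01 (annas-ibook) via eth1
Mar  5 19:40:03 gw dhcpd: DHCPACK on 192.168.1.21 to 00:0F:66:BB:20:02 (DELL-LAPTOP) via eth1
Mar  6 02:14:55 gw dhcpd: DHCPACK on 192.168.1.22 to 00:13:ce:cc:30:03 via eth1
Mar  6 02:15:40 gw dhcpd: DHCPACK on 192.168.1.21 to 00:0f:66:bb:20:02 (DELL-LAPTOP) via eth1
Mar  6 09:00:00 gw dhcpd: DHCPRELEASE of 192.168.1.20 from 00:16:cb:aa:10:01 via eth1
"""

# Only DHCPACK lines matter: they are the leases the server actually granted.
ACK_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\sdhcpd(?:\[\d+\])?:\s"
    r"DHCPACK on (?P<ip>[\d.]+) to (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})"
    r"(?: \((?P<host>[^)]*)\))? via (?P<iface>\S+)$",
    re.IGNORECASE,
)


def summarize(log_text, known_macs=()):
    """Return {mac: summary} for every client that was granted a lease."""
    known = {m.lower() for m in known_macs}
    clients = {}
    for line in log_text.splitlines():
        m = ACK_RE.match(line)
        if not m:
            continue
        mac = m.group("mac").lower()   # logs may mix upper and lower case
        entry = clients.setdefault(mac, {
            "hostnames": set(), "ips": set(), "acks": 0,
            "first_seen": m.group("ts"), "last_seen": m.group("ts"),
            "known": mac in known,
        })
        if m.group("host"):            # the hostname is optional and client-supplied
            entry["hostnames"].add(m.group("host"))
        entry["ips"].add(m.group("ip"))
        entry["acks"] += 1
        entry["last_seen"] = m.group("ts")
    return clients


def unknown_clients(log_text, known_macs=()):
    """MACs that got a lease but are not on the known list, sorted."""
    summary = summarize(log_text, known_macs)
    return sorted(mac for mac, e in summary.items() if not e["known"])


if __name__ == "__main__":
    mine = ["00:16:CB:AA:10:01"]       # constructed "my own laptop" entry
    report = summarize(SAMPLE_LOG, mine)
    for mac in unknown_clients(SAMPLE_LOG, mine):
        e = report[mac]
        names = ", ".join(sorted(e["hostnames"])) or "(no hostname sent)"
        print(f"{mac}  {names}  leases={e['acks']}  "
              f"{e['first_seen']} .. {e['last_seen']}")
```

Hostnames and MAC addresses in these logs are whatever the client chose to send, so the report identifies devices only loosely.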
All it would take would be a little wizard that runs when you try and install your new router that prompted for a router password, ESSID & security string so it can generate a 64-bit key, hell even email the bloody info to them once it is typed in. What the hell, give people no option, it'd be better than nothing.
Just because you're paranoid doesn't really mean they aren't out to get you
Just found out about this. Pretty funny.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
I was visiting the beach a couple years ago and ended up talking with a young man about Wifi. He'd setup an open access point in a house on the same road I was staying. He told me to feel free to use it. When I asked him the SSID, he said "linksys". Ahhh, "the default setup" I said. "No problem, I'm the only person" he said.
Later that night, I opened up the laptop and immediately net stumbled on 5 open APs with SSID "linksys".
Which one was the one deliberately open, which one was not? There was no way to tell.
I was in Austin a few years ago and noticed a pattern of SSIDs along the line of "JoesFreeAP" or "WelcomeInOne", etc. Using the SSID to signal intent, though, seems a pretty weak solution.
The article also takes a look at how the prevalent attitude is that tapping in to these connections does not equate to stealing and why still other may disagree.
Remember the Slashdot article about the man arrested in St Petersburg, Florida for stealing wireless internet access from another man?
Those new to wi-fi may leave themselves open, but many commercial business places, even those with a secure ap, often have open aps. I would like to propose that business begin using the word "Public" as part of their open connections if they intend/permit public use of the open aps. I think this would clarify the situation for wi-fi users, and help prevent confusion and possible legal charges against users.
Ad Astra Per Asper
Buddy, believe me, you don't want this.
In South Africa I have a hard cap of 3 gig for which I pay around 40 US (250 SA Rand) to the ISP every month. Additionally I pay the Telkom company another 47 US (295 SA Rand) in addition to the 16 US (100 Rand) I pay for line rental.
If the cap is breached, that's it, no more connection until the next month
NOBODY around here uses an insecure wifi for very long.
"I'm a snake if we disagree"-Jethro Tull, Bungle in the Jungle
I take it you've never set foot inside a court of law.
IANAL, but I work in a courthouse, and here's what the in-house staff told me when I bounced your position off them (once they stopped laughing, that is):
If you try to trot in here with evidence which was solely under your control, which you could have altered at will at any time without impartial witnesses, the only way you'll leave that courtroom will be in little, bitty pieces.
'Nuff said.
Regards;
...except that it's an explicit violation of my ToS--and I DO respect contracts I sign.
I would rather see people "stick it to the man" while playing by the man's rules. Fine, form a cooperative and network the neighborhood, whatever. However, people have a very, very distorted view of what they are getting for $49.95. "Piggybacking" so many users maxes out the available bandwidth. If enough people do this, it becomes a tragedy of the commons. So, right, it would take an entire neighborhood of, say, 60 [REASONABLY PRUDENT] connections to truly max out a 4Mbps connection. Well, folks, businesses pay on the order of $3k/month for that kind of connectivity. Is it any surprise that your $50/month internet connection is 1/60th that if you could conceivably put 60 people on it? Is it any surprise that, given that, your internet provider expects you to keep your connection private?
Yeah, yeah, small businesses are offered DSL And Cable too, but they're marketed on the same assumptions as residential plans: namely, that most people will use about 2% of their service. The point is, if a large enough number of people start piggybacking like this, you'll quickly find yourself paying for cable and DSL the same rates that businesses pay for the T1s to OC192s that your residential and small business connections link to. "The man" is not "sticking it to you." You're just buying a service at a price you can afford in a model your vendor can afford.
. . . . If there weren't so many creeps out there.
Fifteen years ago, the Internet was such a nice, genteel place; college students, professors, engineers, the occasional military professional. The closest anyone got to bad manners was sending an email in all-caps.
Then the General Public wanted in, and the Internet community, being such good people, decided to "share their toys with the other children."
The result: Pr0n, spam, worms, viruses, trojans, DDoS attacks (often preceded by extortion attempts), phishing . . . et-cetera.
A bit of a come-down, I'm afraid; and for some reason it all started when everyone and their dog Spot was given unlimited, effectively anonymous access to the net. Much like your proposal for open wireless. Fancy that.
There will always be jerks out there. There will always be criminals. And I am sure they will all be quite grateful for your largesse.
P.S.: Tell the RIAA and kiddie-porn cops I said "hello."
Regards;
I agree. One lousy little wizard, and they were too cheap to do even that.
I've found LINKSYS SSIDs in government offices, for God's sake. Hanging wide open.
8P
Regards;
Most store-bought routers do have the ability to manage, watch, or log the computers currently connected (by MAC and/or hostname). No reason one couldn't knock the neighbour off if he was overusing when you need it, or blacklist him if he's doing so consistently.
I think I'd rather come up to a compromise... have him create a shared folder with his downloads, and then let me leech anything I need.
What scares me more is my roommate, he has open writable shares on his open wireless connection... which was to make it easier in transferring files to/from other machines in the house (and with his brother). On the same network, I have a samba server which isn't as easily visible through his wireless router, and a wireless router of my own which is connected to a non-routing port (my server does DHCP), but doesn't broadcast SSID.
I don't mind if others connect to my WAP, but I don't care for making it 100% visible either. I also route all 'net traffic through my server, which handles the DHCP, etc rather than letting the wireless do so. If need be I could use a VPN for encryption or perhaps shape the traffic a bit... but so far nobody is really leeching much of our WLAN so I won't bother.
We have both noticed a lot of open networks in the area though, and I've considered that we do have a couple of motorola USB-wireless cards - which sucks dogmeat in windows due to crap drivers... "http://www.usr.com/products/networking/wireless-product.asp?sku=USR5420" ... (though not linux supported, should be usable if I paid the $20 for 'driverloader'). It might be fun to one day setup my server to round-robin the wireless connections in the neighbourhood, picking up strong WiFi and perhaps bleeding some of the excess P2P traffic off our own network in a "neighbourhood relay" of local volunteer networks. Overall if enough people joined in we might get an overall better speed by reducing saturation on any given connection...
screw that. at the last ITEC show I set up my laptop as a wireless AP with a DNS server running as well as a webserver running serving cached versions of popular websites. I was able to collect 59 ebay usernames and passwords, 20 Yahoo.com username and passwords as well as some mail.google.com credentials.
I then handed the info off to the security presenter that used the information in his talk about how security is not taken seriously by employees and showed the proof that even the "pros" here even connected to an AP without verifying its legitimacy.
If I was a black-hat I would have had lots of juicy data to sell that was insanely easy to gather.
Users, even advanced users are pretty damned lazy when it comes to security
Do not look at laser with remaining good eye.
If you had to pay for bandwidth based on how much you used, people wouldn't share.
Yes, if ISPs ever start charging for web-site hosting based on usage, the internet would be decimated. Nobody would put up personal pages or blogs or their quirky projects anymore.
I've looked into this from time to time, but overall it seemed quite a lot of trouble. Know any good places to find info on starting traffic-shaping with IPTables (I've heard it's easier on BSD, but I've too little time to switch my server over to that just yet).
How might the world be different if the major wireless router makers provided, by default, a way for users to share their bandwidth riches, without compromising their own access or security?
A good default setup might include features like:
This wouldn't cost the manufacturer much (a few man-months of firmware development?). And under the current pricing model, it wouldn't cost me anything. But it would encourage free access by all, and by making it easier for me to endorse sharing of my bandwidth, it would remove some of the present ambiguity regarding "is this connection intentionally open, or am I in fact stealing this guy's bandwidth?"
No, I believe he means that people who might not otherwise STEAL are now STEALING.
They're jackasses at best.
The fact that the people they're stealing from others who range from clueless to idiots doesn't change the fact that they are stealing.
If you want to run an open WAP, great. DO it in a way everyone knows it's open, and then nobody is stealing, only you are paying, you feel good, they get free access, everyone is happy. Nothing wrong with that.
But there's precious little moral difference between "piggybacking" (how wonderful it is to create new terms, or usage for old terms, that makes crime and immorality sound OK!) and my "borrowing" your lawn mower, or boinking your spouse, or siphoning some of your gas out of your car. Or using your bus fare, or taking your bike, or otherwise impacting the cost of your getting to work. (Assuming you work. How would I know?)
In at least the way I do it: I simply use DHCP. I ask for an address and DNS info. The network can say "bugger off" or "welcome aboard." The humans involved may be clueless or may be offering access intentionally, but the best indicator available on an open access point is through the simple DHCP request, which can easily be denied.
Your sense of ethics may provide you with a different attitude towards this, but I'm very comfortable with it: I asked for access, and handing me an IP and info on how to resolve names is permission. If someone operates a device that they don't understand in the slightest, they don't have a basis for being pissy about other people getting on the 'net through them. They can RTFM or STFU; they are not being "hacked" and it is not "unauthorized entry."
>>> There are no laws that make you automatically responsible for traffic on your network, phone lines, etc.
The same is true in the US. The tinfoil hat crowd is proclaiming doom and gloom when in fact I know of no cases where a person has been prosecuted for unwittingly allowing someone else to use their WiFi connection for nefarious purposes.
People are paranoid because nearly everyone in the US is a lawbreaker. No one obeys the speed limit, nearly everyone with a computer pirates music and movies, maybe half the population has drugs or porn in the house, so there's good reason to be paranoid since enforcement of laws becomes a purely arbitrary and political act. Look at our current and past president, one gets impeached for lying about a cum stain on a dress, the other starts a war under false pretenses that results in the deaths of thousands of people, and nothing happens.
I was at a friend's house who didn't have easily accessible Internet, but her neighbor did, an unprotected Linksys 802.11b router. I got online, did what I had to do, and got off. I suppose the moral equivalent would be walking into the unlocked front door of a house, watching their tv and sitting on their couch for a while, then leaving without taking anything. It is hard to argue stealing if they are not actually deprived of anything. Maybe their connection ran a wee bit slower for a few minutes because it was being shared. I can't imagine that in the house/tv situation, after being arrested and brought before a magistrate, that I'd get much more than a slap on the wrist. I would expect the judge to admonish the homeowner to lock their door as well.
Oh there's no doubt in my mind it's stealing....but does anyone really care? Apparently not or there would at least be SOME effort made to educate.
Amateur Match
Open or not, what's the difference? 5 minutes searching on google will show you how to break into pretty much any WEP secured WAP, 64 bit or 128 bit. That's probably 2/3 of the people who have secured internet in the first place. From there, most people leave the router's login (192.168.0.1 or 192.168.1.1) as admin/blank or blank/admin or admin/admin. Even the people who think they are secured are a joke really. Unless you have a strong password and WPA you are pretty much ripe for the picking.
Campbell's new product - "Primordial Soup."
Stealing access is a crime (see previous article on man charged in Florida http://hardware.slashdot.org/article.pl?sid=05/07/06/0217252 )
BUT, most routers in "promiscuous mode" are literally INVITING people to join their network. They broadcast themselves as an open network, and many computers will connect to such a network near-automatically. It is like having a store with an "OPEN" sign-- the network invites those listening to walk in without further announcement. (UNLIKE an unlocked house door, which is open but does NOT announce and invite)
Many users might accidentally connect to such a network without realizing that they have connected to the wrong network (say at home, while believing that they are connected to their own network-- a security risk for the person connecting!)
These people probably have a defense: was invited & didn't know it was wrong.
On the other hand, those who display bad intentions or otherwise indicate that they know they are doing something wrong probably fall afoul of the law.
The person in the Florida case probably falls into this group, simply because he acted surreptitious==indicated that he knew he was doing something wrong.
Unfortunately, this leaves the legality dependent on INTENT, which means that a court decision on subjective things such as behavior would decide the legality after the fact.
Unless routers are secured OR require a "terms of service" which specifies how one is "truly invited", then anybody using a wireless access point could find themselves having to argue over how they were invited. For instance, did you have a vague conversation with your neighbor that he may or may not remember? Did a neighbor say that they "wouldn't mind such connections" in passing without realizing how their bandwidth might be affected? (perhaps while discussing security with them?) Did a neighbor say "sure connect to it" without giving a specific time limit?
If the invitation broadcast by a router is considered "too general" to be binding, then one has to ask how specific an invitation needs to be. Most people would not expect to have to give a written invitation for visitors to a house or business.
William
Why the hell is everything some whiner doesn't like "stealing"? First it's copying music, now it's open Wifi? Gimme a break.
I would tend to leave mine open, outside the firewall, when I had it. On the odd occasion someone was hogging bandwidth, I'd turn it off. Nobody was depriving me of the use of my services, never mind property.
This tendency to insinuate theft into everything rude is getting ridiculous.
Maybe by the time IPv6 finally becomes pervasive we can use all of these unsecured WAPs as part of a big Mesh network to increase bandwidth without laying more fiber (or lighting up more of the dark fiber).
Forget about people "stealing" your pipe when you're actively part of a HUGE MAN (Metro Area Net) pipe.
I was at my buddy's the other day while he was not there. i knew he had wifi and figured he didn't secure it (he is not the type). not only was it not secure in any way, the ssid was the address of his house. that is classic.
In the US, ostensibly the burden of proof is on the accuser. They need to prove it was you, you don't need to prove your innocence. For this reason, open access points are a good legal protection!
My feeling on the matter is that if the AP is open, broadcasting & handing out connections then you're more than welcome to use it. Personally I lock mine down by MAC filtering which easily dissuades the casual attempt to connect. I don't have a problem with sharing, I just have a problem with someone hogging my bandwidth. Maybe one of these days I'll setup 10% of the bandwidth as publicly shared (limit ports, of course).. but until then, if you're stupid enough to leave your AP in promiscuous mode you're gonna catch something.
The two places I've used "free" bikes are Copenhagen in ~2000 and Livermore Labs. Both are big flat areas wonderful for biking in. Livermore Labs is the easy case - it's a square mile campus surrounded by fences and armed guards :-) In Copenhagen, the bikes aren't exactly free - you put a ~4Euro coin in the slot to get the bike, and you get your coin back when you put the bike back on the appropriate bike racks, and as the guidebook says "If you don't feel like returning your bike, some local person will be happy to do it for you" (which proved to be true for a bike parked in a dark alley for 15 minutes :-) The bikes are made in the local prison using a weird design that makes the parts not useful on regular bikes, but I guess teenagers doing stunts don't care much - as long as the coinbox mechanism on the handlebars still works, you'll get your coins back.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
One of my friends says he used to leave his wireless access point open so the neighbor's kid could surf without parental supervision, but eventually somebody started doing enough filesharing that his performance was unusable, so he shut it off.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
This all comes down to reasonable doubt. I'm sure law enforcement doesn't like it, but given the number of wireless APs out there that are deliberately or accidentally open out there (how is the average joe to know that WEP and setting a non-default channel will NOT keep people out for long) a simple log of activity on a particular IP address may indicate a direction of investigation, but certainly does not constitute proof of guilt.
In spite of the problems for law enforcement, the good neighbor free-sharing is GOOD for society as a whole. Where the various municipal and community WISPs may be killed by lobbyists with under the table bribes, the grass roots approach of simply not bothering to secure APs against more or less harmless (if your machines are set up properly) sharing might succeed.
I don't particularly bother securing my wireless. All of my important traffic goes through ssh anyway. I don't really care if my neighbors know I read /.
If I REALLY cared, I would just send all of my wireless traffic through a crypto tunnel to a hardwired machine and then out to the net, but I don't.
I wouldn't be too surprised to see the various Linux distros for APs supporting prioritization based on MAC out of the box. That way, you could easily configure an open AP that only lets your neighbors have whatever you're not using yourself.
What needs to be re-examined is the current obsessive/compulsive business fad of willingly spending $10.00/penny to make sure nothing slips through the cracks and believing it's actually saving money. Worse, many want to insist that everyone else does the same.
Hate to say this, but RTFM. True they are sent open, but as a number of you have pointed out, it is so simple to make secure. A single page in the manual covers the "complicated" topic and any monkey could secure their Wifi.
Anyway, I point you all to http://news.bbc.co.uk/1/hi/technology/4721723.stm
Thursday, 28 July 2005, UK, a guy prosecuted for Wireless hijacking, interestingly under a communications act. Classed as stealing. Much the same as joyriding a vehicle is classed as stealing.
The person installing the network, be they a home user or a business, has ultimate responsibility for any criminal activity that takes place on that network, whether it be launching a hack attack or downloading illegal pornography.
If you want to help create a hot-spot community there are companies out there that can help and configure everything correctly...
Global dimming - The clock is ticking...
so if you want to paypal me a buck, go for it...