Slashdot Mirror
Neighborhood WiFi Security
picaro writes to tell us the New York Times has an interesting piece about the abundance of open wireless connections available due to the lack of the average user's knowledge. The article also takes a look at how the prevalent attitude is that tapping in to these connections does not equate to stealing and why still other may disagree. From the article: "Piggybacking, the usually unauthorized tapping into someone else's wireless Internet connection, is no longer the exclusive domain of pilfering computer geeks or shady hackers cruising for unguarded networks. Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture."
Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture.
Yeah, like computer users getting sued by the RIAA when they have never used any P2P software on their machine, for example...
The problem with securing your machines and opening the AP is that certain ISP services (mainly SMTP servers for outgoing mail) don't require any authentication as the ISP assumes that who ever has physical access to the connection is the authorized user. Someone 'sharing' the connection could be using it to borrow the ISP SMTP server for sending out spam or other unwelcome email.
Of course this can be resolved by putting the access point on the right side of well configured firewall, just pointing out there is more to consider than just securing your machine.
All I got was "That shouldn't be allowed".
Under my own initiative, I then put a fairly long encryption key on their network and password protected the router config. I know it's weak security, but it's better than none at all.
That is how much people care about security. I explained to my uncle the other day about how spyware can log your key presses and report them back to a server. He was shocked and outraged, for about 1 second. Once his computer was clean enough to be usable, he was satisfied (this is a home & business computer, used for EBAY).
Nobody gives a shit about anything to do with computers. It seems that the current parent generation was lead to believe that technology would make life easier and do all the work for them, when the reality is that it's actually replaced much of the work. God knows what long term effects this will have on computing.
Traffic shaping will do the trick just fine.
Have two HTB branches: one for yourself, one for good-neighbour sharing. You can set it up so the latter will be starved or almost-starved whenever you need the bandwidth. And then you can fine-tune the branches to care about TOS, etc.
Besides, traffic shaping is mandatory anyway if you want to even think about using ssh while you're downloading something.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
In other words, everyone except IT-techs have a carte blanche? Because you can't expect the ordinary user to know or even have a firewall, virus utilities or packet filters?
And is it not negligence when I see my computer slow to a crawl (because it's filled with trojans that hook every single API in the system) and ignore it? Is it not negligence when I see sexpages pop up even if I surf towards Disney (because my machine is filled with adware bombers)? Is it not negligence when my connection is noticably slowing to a crawl (when my computer is spewing out torrents of spam)?
When I leave my door unlocked (just closed, but unlocked), I'm considered negligent when someone breaks into my house and steals my possessions, my insurance will brush it off and I'll sit here alone in my empty home. Worse, when I leave my car keys in the car and someone steals it, committing a crime in the process far worse than stealing my car (like, say, withdraw some money from the local bank using his iron mastercard...), I'm probably guilty of aiding a criminal.
Why is that different when it comes to computers and computer criminality?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I have read about other people's posts abot leaving your access point open and sharing the connection. Around here (Puerto Rico), people would just mess your resources up. I have a 1024 Kb down/ 512Kb up cable connection that I distribute among my two computers (one for light e-mail and downloading and another that I connect through the net from work). and I personally took care of security (MAC address filtering + best encryption supported by the AP).
The things is, people have attempted to get in and disable my equipment. People can and will use the wireless connection to do mischievous things. They get no access from me.
Open access is fine if you have an agreement with your neighbohrs and/or you have a common wifi provider (many new housing development are now including wifi from the get go). Otherwise, is just asking for trouble.
--MaxPowerDJ
You are right, the only person who should bring the network to is knees is me.I do this by configuring my router so the bittorrent ports go to my machine, and not to any of those evil piggybackers.
I actually run an open network for a number of reasons
-I cant be bothered to set up access for overnight guests and other visitors
-I explicitly allow a neighbour to share
-I dont think classic WEP, that some of my hardware is, is at all secure.
-Knowing the net is open forces me to lock down the boxes better. All firewalled, no SMB connectivity (SSH/SCP to the server only).
And finally: I like it when I get free networks when I travel, and want to share the joy. Saturday: father in law's house, public network "linksys". Last summer -stuck at my mother's house for a few days. Public network from a neighbour. I dont care whether these people did it on purpose or through ignorance, I benefit, and their cost is minimal.
I believe that you can get firmware for the linksys WRT54G boxes that let you throttle guests...
-steve
At first I was thinking - whoa, you're very open minded. Then I realized you wrote wifi instead of wife. I need some coffee.
I understand what you're saying about the open access, and it's a nice thing to do - but there's no way in hell I'm going to go through the federal investigation process or even chance the possibility of going to prison, for my neighbors kiddie porn habit. Sorry. My life and the potential hassle is worth way more than him saving $39.95 on his cable bill. You're being nice, and that's applaudable, but if anything does happen - you're going to have a tough time proving it was not you.
You: but I have logs!
Them: How convenient. The accused has evidence pointing to someone else. Is it unaltered proof?
You: Of course! These are the raw server logs!
Them: Logs, from your firewall?
You: Yes!
Them: A firewall which you have administrative access to, and can change the logs at will?
You: Uh, yeah. But I didn't change them.
Them: So the logs very well could be altered. And it would be in your best interest for that to happen?
You: WTF man... I didn't do it.
Don't expect your freeloader neighbor to step up and take a federal sentence when it comes down to it, and don't put your life in a position where it depends on the justice system to "get it right". Ken Lay, OJ, and lots of others are walking around free men today..
I was told that I could listen to the radio at a reasonable volume from nine to eleven...