Neighborhood WiFi Security
picaro writes to tell us the New York Times has an interesting piece about the abundance of open wireless connections available due to the lack of the average user's knowledge. The article also takes a look at how the prevalent attitude is that tapping in to these connections does not equate to stealing and why still others may disagree. From the article: "Piggybacking, the usually unauthorized tapping into someone else's wireless Internet connection, is no longer the exclusive domain of pilfering computer geeks or shady hackers cruising for unguarded networks. Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture."
Civilization, the death of dreams.
Some cities have implemented systems where you can borrow one of the public bicycles that are painted with an ugly color scheme and use it to go where you need to go. Someone can then, in turn, borrow that bike from you after you've parked it. It's an interesting system because the bikes are just community property and everyone has the right to ride them.
Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture.
Yeah, like computer users getting sued by the RIAA when they have never used any P2P software on their machine, for example...
My neighbour bought an access point!
Old joke, I know. But so true. And why? Because without fault, ALL APs are configured to accept any and all connections by default. And why? Because otherwise, clueless people would swarm the manufacturer's call center asking how to connect.
When it's configured in nymphomaniac mode (i.e. do it with everyone you can get), people can connect, they're happy and won't even bother thinking about securing their 'net. At least until the feds knock at their door, asking a few dumb questions about movies and pron.
But that's no problem either, because in our legislative, being clueless on the net is apparently an excuse for committing any crime. You participated in a DDoS because your computer contains more malware than other programs? No worries, you didn't know, you're not to blame. Your connection was used to run an illegal server? No worries, it wasn't your fault, your computer was abused as a server.
Usually not knowing it's a crime is no get outta jail card. When it comes to the 'net, it is. Maybe 'cause legislators and judges are predominantly clueless in respect to the net as well.
Hey, self interest!
But as long as it's an excuse to shrug your shoulders and claim you didn't know what you're doing, people won't get wiser.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Is Ric Romero writing for the NYT now!?
Can we borrow an 'obvious' tag from our friends at Fark.com?
AT&ROFLMAO
As they do, new sets of Internet behaviors are creeping into America's popular culture.
you mean "SHARING" something?
perpetually dwelling in the -1 pits
In a semi-related story... I was at a friend's place last week and I wanted to transfer to him some audio-recordings of my band's recent practice. I asked him, "Do you have a wireless network or anything set up here?" ... He said how he didn't want to "get into that wireless stuff" because there are apparently so many people who would hack into his wifi network or whatever. That, and there are people who drive around in vans with gear to hijack people's wireless networks.
During the minute or so that he was going on about this stuff, I found about 3 open wireless networks in range. I connected to one of them, logged into MSN Messenger and laughed as he saw a little notification pop up on his PC screen that indicated that I had just come online.
If you had to pay for bandwidth based on how much you used, people wouldn't share. Also, telco companies wouldn't be floating the concept of charging more for various services (e.g. VOIP, or VOD).
Does anyone know why it is that companies don't just charge for bandwidth, the way they do with a colo? Is it really so complicated?
That would be nice too for mom-and-pop -- they wouldn't have big fixed-fees due to heavy users like myself.
http://www.thebricktestament.com/the_law/when_to_
I was sitting at a McDonald's with my laptop during a road trip. There were two wifi networks available. One was titled 'McDonald's' and the other was titled 'BetterThanMcDonald's.' I used the latter. I love when people do that..
--- We need more Ron Paul!
I've often thought about opening my AP, but I just know that after a week or two some jerk is going to use my DSL connection as his own personal torrent link. If I was using someone's DSL connection I'd limit myself to just normal browsing and light email. Those morons ruin it for everyone else.
With regard to securing access points, I've thought of a better way of setting things up properly (someone may already have thought of it). You plug your computer in to the AP for the first time via an Ethernet cable. You go into the settings, and click an option to set up the AP. The AP creates a secure WPA key using random characters. It then spits out a small script for you to download. You execute the script as Administrator or root, and it automatically configures your OS for the AP, with the right key and everything. After this you can use the AP wirelessly.
There would be some problems though, mostly checking the OS type and having to write scripts for Windows, OS X and Linux. But I reckon it could be done.
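The setup flow proposed in the comment above, sketched as an added example (not part of the original thread or any vendor's firmware): the AP side generates a random passphrase, derives the WPA pre-shared key the standard way (PBKDF2-HMAC-SHA1 salted with the SSID), and emits a wpa_supplicant network block for a Linux client. The SSID `HomeAP` and all function names are assumptions made for illustration.

```python
import hashlib
import secrets
import string

# Printable ASCII without quotes or backslash, so the passphrase never needs
# escaping if it is shown to the user or pasted into a config file.
ALPHABET = string.ascii_letters + string.digits + "!#$%&()*+,-./:;<=>?@[]^_{|}~"


def generate_passphrase(length: int = 63) -> str:
    """Random WPA passphrase drawn from a CSPRNG (8 to 63 characters)."""
    if not 8 <= length <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def derive_psk(passphrase: str, ssid: str) -> str:
    """WPA/WPA2-Personal PSK: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    key = hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid_bytes, 4096, 32
    )
    return key.hex()


def client_config(ssid: str, psk_hex: str) -> str:
    """wpa_supplicant network block for the client.

    The SSID is written as an unquoted hex string, which wpa_supplicant
    accepts, so an SSID containing quotes or newlines cannot break out of
    the config syntax. The PSK is the 64-hex-digit derived key.
    """
    if len(psk_hex) != 64 or any(c not in "0123456789abcdef" for c in psk_hex):
        raise ValueError("PSK must be 64 lowercase hex digits")
    return (
        "network={\n"
        f"    ssid={ssid.encode('utf-8').hex()}\n"
        "    key_mgmt=WPA-PSK\n"
        f"    psk={psk_hex}\n"
        "}\n"
    )


if __name__ == "__main__":
    ssid = "HomeAP"  # constructed sample SSID
    passphrase = generate_passphrase()
    print("Passphrase for other devices:", passphrase)
    # The file this is written to holds the network key: keep it mode 0600.
    print(client_config(ssid, derive_psk(passphrase, ssid)))
```

Because the SSID is the salt, the derived key changes whenever the network is renamed, so the client configuration has to be regenerated along with it.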
Just out of interest what does your contract with your ISP have to say about sharing your connection?
In the UK all the ISPs I have ever dealt with have stipulated no sharing, not even a home network with two plus computers.
Not something I keep to mind, but worth bearing in mind if things ever do get nasty.
ERR 411[Max number of witty sigs reached]
I think it's probably because the fairly large percentage of low-bandwidth users (simply email & minimal surfing, no mp3s/videos/p2p) would be a total loss of profit to the ISPs, if they started charging based on actual bandwidth usage.
They can make an unbelievable amount of money because while the ISP might pay for their connection by bandwidth used, their users (you and I) are paying a flat-rate (and probably artificially large) monthly fee regardless of bandwidth usage.
What I'm trying to get across is, they can charge a nice high monthly fee, which might easily cover, let's say, 20gb of up/down bandwidth per month. If an ISP's user is only using 1-2gb per month for their email, random family photo attachments, and maybe a few mp3s from iTunes... Well.. the ISP just got enough money to cover 20 gb of bandwidth, but only 2gb were used.
This situation has existed for a very long time in regards to net access - since dialup net access became a common thing, essentially. I remember fixing a family's computer and for whatever reason having to check out their dialup account configuration at their ISP. I noticed they only spent like 10 hours online per month, but of course their package allowed something like 100 hours. The ISP surely loved them...
A lot of ISPs here in the UK do indeed offer plans with a monthly bandwidth usage cap. If you exceed the cap, you pay for the extra you use, generally in 1GB chunks. I believe that some ISPs offer the user the choice to have their access cut off if they exceed the cap, rather than be charged for more.
Those plans tend to be a little cheaper than the uncapped ones, but not by as much as you might expect. For example, I have an uncapped plan, which is only a couple of pounds more per month than my parents' capped plan (same connection speeds, same ISP).
It's official. Most of you are morons.
I not only run an open node, but make sure that my neighbors know that it's there. Failing to secure an access point isn't a lack of user knowledge, it is common courtesy.
All I got was "That shouldn't be allowed".
Under my own initiative, I then put a fairly long encryption key on their network and password protected the router config. I know it's weak security, but it's better than none at all.
That is how much people care about security. I explained to my uncle the other day about how spyware can log your key presses and report them back to a server. He was shocked and outraged, for about 1 second. Once his computer was clean enough to be usable, he was satisfied (this is a home & business computer, used for EBAY).
Nobody gives a shit about anything to do with computers. It seems that the current parent generation was led to believe that technology would make life easier and do all the work for them, when the reality is that it's actually replaced much of the work. God knows what long term effects this will have on computing.
I was on my way to Toronto, stopped in a Tim Horton's, and because I was working on something rather important and there was a heavy wind/snowstorm going on I whipped out my laptop. A couple sitting at the table over from me wanted to check their email, but were unsure of how I was getting internet. I explained that I was getting internet from some generous local person, they tried to get wireless working, though their laptop's card wasn't powerful enough. So I gave them NetStumbler and taught them how to use it. I'll bet they're going to be wardriving a lot more now ;P
The thing was, these guys had an open mind about security, they didn't mind trotting into other people's wireless network any more than I did. It is because of the generosity of the people who left the access points open.
I leave mine open on another network, just on principle. I limit the bandwidth to un-filtered addresses, just due to the generosity I've received in connecting to others.
I think a lot of people have an open WiFi connection for the rest of the world to use. This however is not only because they want to give some protest but also to simply add another node to the ever growing number of open "uplinks".
As more and more people are doing so at the moment it becomes easy for traveling laptop users to get online everywhere they want. Closing your "uplink" will become more and more rude in the global opinion I think. Sharing the connection will become more natural to people as they become more aware of the benefit they have from the open uplinks offered by other users.
WiFi will become eventually something like opensource code, sharing and be shared only here we are not talking about code but about internet access. You give access to users and those users give you access in return.
At least this is my opinion.
Regards,
Johan Louwers
Actually, it is 100% possible for you to set up traffic bandwidth shaping so that any particular IP is only allowed a certain amount of bandwidth, for example.
... It's a bit technical but a useful resource nonetheless.
Use a UNIX-like machine as a router/firewall for your network, and you suddenly have amazingly detailed networking possibilities within your reach. I strongly suggest reading the Linux Network Administrator's Guide. Even though it's getting a little outdated it has some downright cool-ass information within.
Of course, few users are technically adept enough to actually set up a router like this, but I'm sure it has been used a lot for people who want to keep their wifi access "open", but safely limited.
On a related note there are pre-built linux firewall packages out there which will surprisingly easily allow you to do what I was just talking about.
Also, here is the Linux Advanced Routing & Traffic Control HOWTO
I wonder when/if we're going to start seeing stories about people setting up open WAP's as honeypots? In other words, set up an open AP, for the sole purpose of compromising hapless piggybackers that connect to it with relatively unsecured machines -- I think it would be hilarious and a nice little piece of payback for those folks that think it's okay to piggyback off resources that someone else is paying for (with a little publicity might make people think twice about piggybacking).
Of course if you're too clueless (or too lazy) to take any steps to secure your wireless network then you probably shouldn't be complaining when someone else takes it upon themselves to utilize the resources that you've basically left laying around in public, I mean it's akin to putting a wad of money out on the sidewalk in front of your house and expecting it to be there next week.
Securing your WAP isn't any great task, the OEM's producing these devices for home/small business networks have made it very easy to do, have for the most part documented it well and there are a plethora of resources on-line to supplement the OEM documentation. No excuse not to do it, unless of course you really don't care that any Tom, Dick or Harry can connect to your home LAN and basically do whatever they want with that connection, including poking around on every machine you have connected to it as well as utilize your Internet connection for whatever they feel like doing with it.
If you're going to offer a free wifi access point then please also run a Tor exit node.
it's a blue bright blue Saturday hey hey
One is connected to my cable modem, and is linked to the second one through a vlan. The second one's wifi card is in client mode, and connects itself to the AP of a little shop under my flat, using it as its default gateway. Add a little script on the first one which will change the routing tables to use the second router as gateway if my cable provider's gateway is inaccessible, and there you have it: totally transparent, free redundant connection for the whole network. Even the machines without wifi since their gateway is still the first router...
I'm going to shape the traffic on the second one to limit p2p use on that connection since the purpose is not to suck their bandwidth to death though...
I have read about other people's posts about leaving your access point open and sharing the connection. Around here (Puerto Rico), people would just mess your resources up. I have a 1024 Kb down/ 512Kb up cable connection that I distribute among my two computers (one for light e-mail and downloading and another that I connect through the net from work), and I personally took care of security (MAC address filtering + best encryption supported by the AP).
The thing is, people have attempted to get in and disable my equipment. People can and will use the wireless connection to do mischievous things. They get no access from me.
Open access is fine if you have an agreement with your neighbors and/or you have a common wifi provider (many new housing developments are now including wifi from the get go). Otherwise, it is just asking for trouble.
--MaxPowerDJ
At first I was thinking - whoa, you're very open minded. Then I realized you wrote wifi instead of wife. I need some coffee.
I understand what you're saying about the open access, and it's a nice thing to do - but there's no way in hell I'm going to go through the federal investigation process or even chance the possibility of going to prison, for my neighbor's kiddie porn habit. Sorry. My life and the potential hassle is worth way more than him saving $39.95 on his cable bill. You're being nice, and that's applaudable, but if anything does happen - you're going to have a tough time proving it was not you.
You: but I have logs!
Them: How convenient. The accused has evidence pointing to someone else. Is it unaltered proof?
You: Of course! These are the raw server logs!
Them: Logs, from your firewall?
You: Yes!
Them: A firewall which you have administrative access to, and can change the logs at will?
You: Uh, yeah. But I didn't change them.
Them: So the logs very well could be altered. And it would be in your best interest for that to happen?
You: WTF man... I didn't do it.
Don't expect your freeloader neighbor to step up and take a federal sentence when it comes down to it, and don't put your life in a position where it depends on the justice system to "get it right". Ken Lay, OJ, and lots of others are walking around free men today..
I was told that I could listen to the radio at a reasonable volume from nine to eleven...
But at least they didn't play the TERRORIST card.
I just found, during a firmware upgrade for my Linksys Wireless G VPN Router, that there is a new feature built in which allows you to configure your access point to use a paid, third party service through "Boingo" (dunno what that is, don't want to spend the 2 seconds it will take to find out) to charge for your access.
Yes, folks, the Linksys router you bought can now be configured with one of those "Welcome" screens just like at McDonald's, so you can welcome your neighbours to your wireless access point and start charging them by the hour to pay your monthly broadband bills!
Upgrade your firmware today and start making $$$ from your home!
I don't do it to torment my neighbors though, I just happen to trust the swan guys a whole lot more than the WEP guys to design a network encryption setup that doesn't suck.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I don't open my AP, and here's why: People still don't understand enough about how their computers and the networks that connect them work to be trusted in my environment. Having recently left college, I was around when my fraternity put in wired ethernet and later wireless APs. We told everyone when we put everything in, "We all share this $N k/sec. line. Do not hog bandwidth. Limit your downloads. This network is intended to allow brothers to do schoolwork in-house, rather than haul to campus." I must say that all of my fraternity brothers were pretty level-headed. None of them would have actively screwed over another brother. But, invariably, once a week or more the net would stop dead because one of them had Kazaa up, downloading seven seasons of anime and leaving their uploads unlimited. They weren't trying to be jerks, they just didn't understand how the network worked and how much bandwidth they were using.
So, I keep my AP closed. If I knew that my neighbors were knowledgeable, I'd open it to them. I open the network to anyone who visits me in my home - where I can click them off if they do something stupid. Unknowns - never on my network.
When I moved into my new place over new year I was told at the last minute by my ISP (who I had primed three weeks before about the move) that I would have to wait a further three weeks.. Now I work from home so this left me with a bit of a problem. Fortunately there were several people with completely unsecured connections, who saved my piggybackin' bacon in those three weeks. Now, I would have liked to go and ask their permission, but it's difficult to tell in such a densely populated area who the owner would be.. They were weak signals too so could've been anywhere in a wide radius. Perhaps the next generation of WiFi access protocols could allow you to add a name and address tag of sorts.. But maybe someone would present the downside of this to me? I can't think of one right now, but I'm sure there is something..
1) the ability to easily set up a DMZ. I can firewall off my internal network easy enough, but if we want Joe User to do it, it needs to be easy and obvious to set up a free area that is distinct from the walled off internal network.
Well, give 'em some time. It is easy enough with an industrial grade (IE: Cisco) router. The Linksys stuff will get there eventually. Actually, there is a DMZ option on my Linksys. It should be easy enough to set up a second router on its own subnet and plug the AP into it. But I know what you mean, Joe Sixpack would never be able to figure that one out.
2) Bandwidth throttling based on the above mentioned DMZ. If you are in the DMZ, you may use x% of the available bandwidth. If you are on the internal network, regular rules apply.
See above.
3) Hot chicks in every box.
Already there: http://www.page3.com/
4) Mesh network capabilities. Each unit should seek out other units in range and create an ad hoc mesh network. This would be the first step toward taking the Internet back from the corporations currently in control.
Does anyone know of a real world mesh network? Not a test, not some grad student's thesis, but a real, I can buy/download software today mesh net?
5) Real range. I mean like at least 50 yards, but I'd prefer a lot more. When it comes to range, there is no "too much" only "not enough".
There are 2 ways to increase range: Increase power levels (not permitted due to FCC rules), or decrease noise (get rid of all those microwave ovens, cordless phones, other APs, and the sun). WiMAX may change this, since it will be possible to license bandwidth, but I doubt that non-incorporated Americans will be able to get one.
"Well, good luck finding a judge that doesn't run a bestiality site."
Just found out about this. Pretty funny.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
The article also takes a look at how the prevalent attitude is that tapping in to these connections does not equate to stealing and why still others may disagree.
Remember the Slashdot article about the man arrested in St Petersburg, Florida for stealing wireless internet access from another man?