Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sydney Has 10,000 Unsecured Wi-Fi Points

Posted by samzenpus on from the throw-a-dart dept.

daria42 writes "A bunch of researchers have been driving around Sydney, Australia, and scanning for unsecured Wi-Fi networks. You'd think that in this day and age, with all that we've learned about security, that Wi-Fi security would be almost universal ... but the truth is that about 2.6 percent don't even have basic password protection. Extrapolating a little, that adds up to 10,000 unsecured Wi-Fi networks across Sydney alone."

6 of 176 comments (clear)

  1. How many of those were buinesses..... by robthebloke · · Score: 4, Insightful

    .. .providing a nice free service for their customers? heck, I even use the free unsecured internet access on the bus these days!

    1. Re:How many of those were buinesses..... by Cimexus · · Score: 4, Insightful

      That was my thought at first too. Are some of them businesses? Or are some of them 'open' (in terms of not having a WEP/WPA password) but actually still require further authentication once connected (e.g. a VPN or a gateway which requires a username/password).

      However now that I read TFA, I see that the observations were made only in residential areas (i.e. suburban streets). You would not expect to find many businesses in these areas. I'm sure a couple might have been, but not that many. So yeah it'll mostly be clueless people who haven't secured their home WiFi networks, it seems.

      10,000 points in a city the size of Sydney is hardly that amazing though...

  2. Hell we have a few thousand on campus by Sycraft-fu · · Score: 4, Insightful

    We'll probably have 10,000 or more when done. The goal is to have a complete coverage network, I'm talking everywhere, no drops. The building I work in has a couple hundred (we actually found a bug in old Intel wireless drivers, they couldn't handle over 99 visible APs). Every one has an unsecured network on it. The reason is we wish to provide visitors and guests with an easy way to get on the Internet. It is limited, web only, speed filters and so on, but it is open. The same APs also have secured networks on them, there is a WPA2-Enterprise network that you can access with your campus login and password that then has no speed or port restrictions, but of course you need a campus login. There is a VoIP network too (the reason for total coverage) but it is just for testing at this point.

    It has nothing to do with being unaware of security, everything to do with not being assholes. A PSK security system would be worthless. It would be an unadministratable nightmare to try and change the password often enough and distribute it to do any good. Enterprise security works great for students, employees, and so on but isn't very helpful when you are talking guests, or just the public who wants to use our facilities (and we are a public institution and so have a duty to them). So open is the answer. You get on, it directs you to a "You agree to this shit," page, and away you go.

  3. Some might be intentional by the_other_chewey · · Score: 4, Interesting

    Some of those might be intentional: I run an unencrypted wifi AP which is
    bandwidth limited and routed through Tor as a public service. It is used regularly.

    Also not covered will be those with open APs but additional authentification/encryption
    layers, e.g. using a VPN.

    Around here (not Australia, admittedly), open wifi is nearly non-existent (and all open
    ones I've encountered over the last two years or so seem to fall into the categories above) -
    WEP "secured" APs are another story however, there is still a worrying number of those around.
    And I'm certain most WEP users are entirely unaware of their de-facto openness.

    1. Re:Some might be intentional by chewedtoothpick · · Score: 4, Interesting

      What is sad is that most of those WEP AP's were done (some likely recently) by supposedly knowledgeable people, such as WorstBuy's IdiotSquad.

      As a consultant it's infuriating how often I will come across new clients (even many companies) whose WiFi networks were secured by those morons out of incompetence. I have even seen them install small business servers with direct-to-internet connections and not even a NAT firewall, because "You can't have a VPN server behind a firewall" which we all know is bullsh**.

      --
      Erutangis ym si siht.
  4. Re:No password =/= unsecured by Lumpy · · Score: 4, Interesting

    I do it easier.. I have a spare 54GL sitting at the peak of my attic without any internet on it broadcasting about 60 AP's that say... Linksys, netgear, dlink, etc all open and unsecured. The cool part is the AP sits on a metal plate SHIELDING it's signal from my home. you cant see the AP's it's broadcasting from inside the house. (Knowing how RF works is a good thing)

    It had two effects.

    1 - it chased all the neighbors away from the channel I have them all broadcasting on.
    2 - it forced all the neighbors to actually configure their routers to not have the name "linksys, dlink, netgear....." and they added encryption as they all show locks now.

    Works great, and I am sure I give the wardriving kiddies as well as leaches fits when they try to connect to them. the one real AP up there called "FreeWifi" is my throttled and filtered free wifi AP I provide. works great and last time I checked it was getting used at least 5 times a week. It times out and drops you to a capture page every 50 minutes to annoy the cheap neighbors trying to leach. And no it does not mess up my WiFi as I use the channel it's on. it's the quietest channel for 4 blocks around because of my broadcaster.

    --
    Do not look at laser with remaining good eye.