Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Neighborhood WiFi Security

ScuttleMonkey posted more than 8 years ago | from the put-out-an-electronic-welcome-mat dept.

328

picaro writes to tell us the New York Times has an interesting piece about the abundance of open wireless connections available due to the lack of the average user's knowledge. The article also takes a look at how the prevalent attitude is that tapping in to these connections does not equate to stealing and why still other may disagree. From the article: "Piggybacking, the usually unauthorized tapping into someone else's wireless Internet connection, is no longer the exclusive domain of pilfering computer geeks or shady hackers cruising for unguarded networks. Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture."

Sorry! There are no comments related to the filter you selected.

RTFM (5, Interesting)

xgadflyx (828530) | more than 8 years ago | (#14856728)

Some users say they have protected their computers but have decided to keep their networks open as a passive protest of what they consider the exorbitant cost of Internet access.
That would be the category I fall under. I think everyone should follow the sharing principle, lock your box, and open the AP. No matter what deviant may come around and use your access, you can always prove it wasn't you. Now it may be a hassle and even cost a bit of cash..., which we all know sucks, but I've been sharing my wifi for nearly 3 years now and have had no problems. Plus, I've always appreciated the neighborhood open-ness eg. when cable modem users go down and the DSL subscribers are still kicking it, just hop right over and keep on keeping on.
"I'm sticking it to the man," said Elaine Ball, an Internet subscriber who lives in Chicago.
"Whoa sweetheart, slow down. We're just talking about sharing internet connections, nothing more" -me, an internet subscriber who lives in Columbus First post?

Re:RTFM (4, Insightful)

jonv (2423) | more than 8 years ago | (#14856786)

The problem with securing your machines and opening the AP is that certain ISP services (mainly SMTP servers for outgoing mail) don't require any authentication as the ISP assumes that who ever has physical access to the connection is the authorized user. Someone 'sharing' the connection could be using it to borrow the ISP SMTP server for sending out spam or other unwelcome email.
Of course this can be resolved by putting the access point on the right side of well configured firewall, just pointing out there is more to consider than just securing your machine.

What does your ISP have to say ? (2, Interesting)

rednuhter (516649) | more than 8 years ago | (#14856794)

Just out of interest what does your contract with your ISP have to say about sharing your connection ?
In the UK all the ISPs I have ever dealt with have stipulated no sharing, not even a home network with two plus computers.
Not something I keep to mind, but worth bearing in mind if things ever do get nasty.

Re:What does your ISP have to say ? (1)

dotnetatemybaby (948280) | more than 8 years ago | (#14856827)

That's hardly a universal thing anymore - I've been looking at moving ISP recently (since the one we were using was bought out by PlusNet, one of the worst DSL ISPs in the UK) and many seem fine with sharing the connection on a home network, some even offering free multiple static IPs if requested. Open wireless is probably another matter entirely though...

Re:What does your ISP have to say ? (1)

ettlz (639203) | more than 8 years ago | (#14856855)

In the UK all the ISPs I have ever dealt with have stipulated no sharing, not even a home network with two plus computers.

Really? Who? And how can they tell if you use an NAT layer?

Many of them object to you running an "open gateway". I don't see why they'd be bothered by free-for-all wireless, so long as you take the rap for anything bad that happens with your connection (such as AUP breaches).

Re:What does your ISP have to say ? (3, Informative)

lga (172042) | more than 8 years ago | (#14856869)

Many ISPs in the UK now actually give out free wireless routers with a new broadband connection - it is seen as an extra draw for new customers and a marketing advantage to get them to sign up for more expensive packages. And no, most are not encrypted by default.

BT Broadband [bt.com] give away a wireless modem with their more expensive connections and Wannadoo [wanadoo.co.uk] include a wireless router and claim that it is secure, although I haven't tried it.

Re:What does your ISP have to say ? (1)

Secrity (742221) | more than 8 years ago | (#14856951)

I suppose it would come down to whether users universally know how to secure a WiFi connection. From my observation the majority of users don't have the foggiest notion of how to secure anything on their computer. I wonder how many users have their own WiFi connection, but out of ignorance, accident, or screwy client software; are using somebody else's WiFi connection.

Re:What does your ISP have to say ? (1)

bogd (912084) | more than 8 years ago | (#14856957)

I've seen that with many ISPs - and I still do not understand why. As long as I'm paying the ISP for the bandwidth, it should be my problem what I do with it. I can decide to use it all, or I can decide to share it with my friends - my call.

Re:What does your ISP have to say ? (3, Informative)

richy freeway (623503) | more than 8 years ago | (#14857002)

They don't mean that you CAN'T use more than one computer, just that they won't support such a setup. If you ring their tech supp and you're using anything but the standard hardware they sent you (usually a USB modem) they'll refuse to help.

Re:RTFM (3, Interesting)

Steinfiend (700505) | more than 8 years ago | (#14856808)

I'm sure I'm supposed to be more public spirited than this, but I can't really bring myself to open up my WiFi to other people. I don't think its the money aspect really, 40 bucks a month isn't so much as it would break me. However, I need my Internet connection to be available when I need to use it. I work from home quite regularly and have to either SSH or RDP into work, or sometimes even the reverse, SSH back home from work. If some wonderful neighbor of mine has picked that exact moment to download the latest IT Crowd episode (great show by the way!), then my ability to do the job for which I am paid would suffer.

If I could be sure everyone would only use it for browsing, email, IM and the odd bit of downloading then I'd be for it, other than that, I would rather not risk it.

As for being able to prove it wasn't you, should someone hop on and do some dastardly deed, I'd be interested to know how. Has anyone tested that theory? I'd hate to be the first person to go to court, try and prove it wasn't me, and find out the court wasn't having any of it!

Re:RTFM (4, Insightful)

KiloByte (825081) | more than 8 years ago | (#14856858)

Traffic shaping will do the trick just fine.

Have two HTB branches: one for yourself, one for good-neighbour sharing. You can set it up so the latter will be starved or almost-starved whenever you need the bandwidth. And then you can fine-tune the branches to care about TOS, etc.

Besides, traffic shaping is mandatory anyway if you want to even think about using ssh while you're downloading something.

Re:RTFM (1)

farker haiku (883529) | more than 8 years ago | (#14856925)

As for being able to prove it wasn't you, should someone hop on and do some dastardly deed, I'd be interested to know how.

Chances are, if they hop onto your protected network, they've been sniffing packets for a while. Everyone here should know that mac address spoofing is trivial. If they spoof their mac address to be yours, chances are you won't be able to prove that you didn't do it...

Re:RTFM (1)

LurkerXXX (667952) | more than 8 years ago | (#14856943)

As the other post said, traffic shaping is the way to go. I have an OpenBSD box set up as a firewall. Any bandwidth I need, I get. If I'm not using 100% of it, whatever is left is open for folks visiting the little-old-lady next door. She doesn't use a computer herself, so it would be silly for her to buy a line. When her kids or grandkids come over to visit her and bring their laptop, I don't have a problem with letting them tap into my line for a few hours using the excess bandwidth.

Re:RTFM (1)

mistigri (152379) | more than 8 years ago | (#14856950)

Personnally, the day I bought a wireless router, I asked my neighbours whether they'd be interested in using the connection. One of them said yes, and I granted him access. No money involved.

Re:RTFM (1)

rolfwind (528248) | more than 8 years ago | (#14856982)

I'm in your camp. The last thing I need is for all the people around me surf/downloading pron on my dime. And I don't exactly want to waste my time "proving it wasn't me" if the RIAA/MPAA/Childporn_Police come knocking on my door because somebody decided to do something on my connection they wouldn't dare do on theirs.

I honestly don't understand all the openess hype in this instance. Just because it's wireless? When I was in college a few years back, everybody shared their broadband with ethernet cables as well as their cable with a few feet of coaxial (adjoining apartments).

Re:RTFM (0)

Anonymous Coward | more than 8 years ago | (#14856839)

No matter what deviant may come around and use your access, you can always prove it wasn't you.
Ok, so lets say that the next door neighbor's kid starts downloading tons of copyrighted music with your connection; How would you prove that it wasn't you? Maybe you keep your router / WAP logs indefinitely, but even still I doubt the RIAA would care much.

Even worse maybe the guy next door is trading in child porn on the internet, it all uses the same IP going out, this just seems like a really bad idea.

Open Access Points (4, Insightful)

TPS Report (632684) | more than 8 years ago | (#14857024)

That would be the category I fall under. I think everyone should follow the sharing principle, lock your box, and open the AP. No matter what deviant may come around and use your access, you can always prove it wasn't you. Now it may be a hassle and even cost a bit of cash..., which we all know sucks, but I've been sharing my wifi for nearly 3 years now and have had no problems.


At first I was thinking - whoa, you're very open minded. Then I realized you wrote wifi instead of wife. I need some coffee.

I understand what you're saying about the open access, and it's a nice thing to do - but there's no way in hell I'm going to go through the federal investigation process or even chance the possibility of going to prison, for my neighbors kiddie porn habit. Sorry. My life and the potential hassle is worth way more than him saving $39.95 on his cable bill. You're being nice, and that's applaudable, but if anything does happen - you're going to have a tough time proving it was not you.

You: but I have logs!
Them: How convenient. The accused has evidence pointing to someone else. Is it unaltered proof?
You: Of course! These are the raw server logs!
Them: Logs, from your firewall?
You: Yes!
Them: A firewall which you have administrative access to, and can change the logs at will?
You: Uh, yeah. But I didn't change them.
Them: So the logs very well could be altered. And it would be in your best interest for that to happen?
You: WTF man... I didn't do it.

Don't expect your freeloader neighbor to step up and take a federal sentence when it comes down to it, and don't put your life in a position where it depends on the justice system to "get it right". Ken Lay, OJ, and lots of others are walking around free men today..

Fon (1)

MZ80K (939278) | more than 8 years ago | (#14857030)

Have a look at Fon [fon.com] , which is a wifi sharing scheme (backed by Google/Skype/Ebay).

Take a bike, leave a bike (5, Interesting)

BadAnalogyGuy (945258) | more than 8 years ago | (#14856730)

Some cities have implemented systems where you can borrow one of the public bicycles that are painted with an ugly colorscheme and use it to go where you need to go. Someone can then, in turn, borrow that bike from you after you've parked it. It's an interesting system because the bikes are just community property and everyone has the right to ride them.

Re:Take a bike, leave a bike (1)

necro2607 (771790) | more than 8 years ago | (#14856743)

That's pretty cool. I've heard of people proposing the same thing regarding cars or motorcycles.. of course the potential for abuse is plainly obvious - what is to stop someone from borrowing one of the cars and totally trashing it? heh... A new avenue for aimless destructive rebellion, or whatever...

Re:Take a bike, leave a bike (2, Interesting)

ihuntrocks (870257) | more than 8 years ago | (#14856777)

When you have potential for community property, there will always be the potential for individuals to abuse this, and some will. I'm not quite sure if I feel that tapping into nearby unprotected WiFi is actually immoral or even "stealing" in this case. The average user does not come close to using their full bandwidth potential. These same average users, however, are then paying for things they are not using, and those tapping in are merely using the excess in most cases that will never be missed. Above average users would probably secure their networks in the first place :-) On another note, sharing WiFi access promotes information sharing (which is neither positive nor negative, it is all in how the individual uses it). Feedom of information and ideas, rather than the cloistering and supression of the same is what brought us out of the dark ages. I think that viable community driven and supported publicly accessable WiFi would be a great help to our culture. Information shouldn't be horded an doled out to only those who can afford it, it's not a luxury. Just my two cents.

Re:Take a bike, leave a bike (1)

necro2607 (771790) | more than 8 years ago | (#14856824)

For sure, I definitely agree. Actually, a small amount of wireless-network-piggybacking is probably acceptable in essentially all cases. I know very very few people who actually hit their ISP's bandwidth limits - actually, just one family. They are using the absolute lowest & cheapest broadband connection, which only offers them something like 10gb/month up & down. They actually get calls all the time from the ISP telling them to either stop going over the limit, or move up to the next higher price point (and at the same time get a *way* faster connection)... Anyway, when people start complaining to me about evil wireless-network hackers, it really falls on deaf ears. If someone hops onto your network to check some email, what's the big deal? Of course, if such a user starts doing malicious things, cracking their file-shares, sniffing traffic on their network etc. then that's definitely cause for anger and frustration. At the same time it's trivial to enable 104-bit encryption, and will prevent most problems - most wardrivers/wifi-piggybackers will just move onto the next wide open network (I know I do)...

Re:Take a bike, leave a bike (2, Funny)

xgadflyx (828530) | more than 8 years ago | (#14856752)

Wow, I thought it was just women they were swapping, I guess they're doing it with bikes now too? Crazy.

Re:Take a bike, leave a bike (1, Interesting)

Anonymous Coward | more than 8 years ago | (#14856779)

Yes, they did it in Cambridge (UK). The city bought and put out dozens of bikes. One week later every single one had been stolen. The scheme folded.

Sharing schemes never work without close policing. Most people are honest, but too many are not.

Re:Take a bike, leave a bike (1, Funny)

babbling (952366) | more than 8 years ago | (#14856780)

Maybe this could work for bank accounts, too.

Re:Take a bike, leave a bike (2, Insightful)

mccalli (323026) | more than 8 years ago | (#14856798)

Can see one rather obvious drawback - I cycle to a place, I come out later expecting to cycle back from that place and...

Oh dear. My mode of transportation has gone. Taxi time...

Cheers,
Ian

Re:Take a bike, leave a bike (0)

Anonymous Coward | more than 8 years ago | (#14856800)

But it would have been double the taxi fare if you hadn't had the bike!

Re:Take a bike, leave a bike (1, Insightful)

Antony-Kyre (807195) | more than 8 years ago | (#14856841)

The difference between your comment and the story at hand is you mention community property, the story mentions personal property.

If city governments were to simply create free WiFi, and someday WiMax, then people piggybacking on other people's connections may become moot.

Re:Take a bike, leave a bike (0)

Anonymous Coward | more than 8 years ago | (#14856851)

Really? Personal property?

How about the personal oxygen that my lawn and landscaping is providing?

Re:Take a bike, leave a bike (1)

Antony-Kyre (807195) | more than 8 years ago | (#14856912)

So you don't consider a WiFi connection coming from someone's residential property to be personal property?

Re:Take a bike, leave a bike (0)

Anonymous Coward | more than 8 years ago | (#14856917)

No more than any other radio waves emanating from their place.

Re:Take a bike, leave a bike (0)

Anonymous Coward | more than 8 years ago | (#14856910)

Which in some, or maybe even most, cities has failed. The thieves learn quickly where this is happening. The bikes end up leaving the country in some cases.

Re:Take a bike, leave a bike (3, Informative)

grimJester (890090) | more than 8 years ago | (#14857003)

It works fine in Helsinki, Finland. The bikes are just bad enough that no one would seriously consider stealing one, but they still beat walking.

It didn't work out in Turku, Finland. They all eventually ended up in the river.

New occurences in American culture... (5, Insightful)

necro2607 (771790) | more than 8 years ago | (#14856737)

Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture.

Yeah, like computer users getting sued by the RIAA when they have never used any P2P software on their machine, for example...

Re:New occurences in American culture... (1)

strider44 (650833) | more than 8 years ago | (#14856849)

Or perhaps, alternatively, giving people an excuse when the RIAA comes knocking on their door...

Re:New occurences in American culture... (1)

necro2607 (771790) | more than 8 years ago | (#14856919)

Funny that you should say that, because not only has that theory been brought up & torn down before, but the same has occured in the discussion of this same /. article:

http://hardware.slashdot.org/comments.pl?sid=17935 2&cid=14856776 [slashdot.org]

I have WiFi access! (4, Interesting)

Opportunist (166417) | more than 8 years ago | (#14856754)

My neighbour bought an access point!

Old joke, I know. But so true. And why? Because without fault, ALL APs are configured to accept any and all connections by default. And why? Because otherwise, clueless people would swarm the manufacturer's call center asking how to connect.

When it's configured in nymphomaniac mode (i.e. do it with everyone you can get), people can connect, they're happy and won't even bother thinking about securing their 'net. At least until the feds knock at their door, asking a few dumb questions about movies and pron.

But that's no problem either, because in our legislative, being clueless on the net is appearantly an excuse for committing any crime. You participated in a DDoS because your computer contains more malware than other programs? No worries, you didn't know, you're not to blame. Your connection was used to run an illegal server? No worries, it wasn't your fault, your computer was abused as a server.

Usually not knowing it's a crime is no get outta jail card. When it comes to the 'net, it is. Maybe 'cause legislators and judges are predominantly clueless in respect to the net as well.

Hey, self interest!

But as long as it's an excuse to shrug your shoulders and claim you didn't know what you're doing, people won't get wiser.

Re:I have WiFi access! (4, Interesting)

Tim C (15259) | more than 8 years ago | (#14856776)

Usually not knowing it's a crime is no get outta jail card.

Usually not knowing that what you are doing is not a crime is no defence, true. Generally though, not knowing that you're not doing something is, unless the prosecution can prove negligence.

Until and unless there's a crime of failing to take reasonable steps to secure a PC or similar, people are going to "get away" with it.

Note that if you claim that it wasn't you, it was someone else using your connection without your knowledge, but the prosecution can demonstrate that actually it most likely was you and that you left your connection unsecured in order to provide yourself with that excuse, you'll likely not be believed.

Re:I have WiFi access! (1)

rtb61 (674572) | more than 8 years ago | (#14856889)

Whether you are guilty or innocent, loss of all your computer hardware for a few months, whilst the investigation is under way, seems like quite a severe punishment,especially for those that cannot afford a temporary replacement.

The accusations can also be quite damaging all on their own if you consider terrorism and child pornography, especially as both crimes now seeming to fall into the category of guilty until proven innocent, in the public eye.

Re:I have WiFi access! (0)

Anonymous Coward | more than 8 years ago | (#14856903)

So the firm It wasn't me. line of defense would be our best bet?

But she caught me on the counter (It wasn't me)
Saw me bangin' on the sofa (It wasn't me)
I even had her in the shower (It wasn't me)
She even caught me on camera (It wasn't me)

She saw the marks on my shoulder (It wasn't me)
Heard the words that I told her (It wasn't me)
Heard the scream get louder (It wasn't me)
She stayed until it was over

Re:I have WiFi access! (3, Insightful)

Opportunist (166417) | more than 8 years ago | (#14856966)

In other words, everyone except IT-techs have a carte blanche? Because you can't expect the ordinary user to know or even have a firewall, virus utilities or packet filters?

And is it not negligence when I see my computer slow to a crawl (because it's filled with trojans that hook every single API in the system) and ignore it? Is it not negligence when I see sexpages pop up even if I surf towards Disney (because my machine is filled with adware bombers)? Is it not negligence when my connection is noticably slowing to a crawl (when my computer is spewing out torrents of spam)?

When I leave my door unlocked (just closed, but unlocked), I'm considered negligent when someone breaks into my house and steals my possessions, my insurance will brush it off and I'll sit here alone in my empty home. Worse, when I leave my car keys in the car and someone steals it, committing a crime in the process far worse than stealing my car (like, say, withdraw some money from the local bank using his iron mastercard...), I'm probably guilty of aiding a criminal.

Why is that different when it comes to computers and computer criminality?

Re:I have WiFi access! (2, Insightful)

The_Mr_Flibble (738358) | more than 8 years ago | (#14856997)

So If I have a secured access point (using term loosely) and someone gains unauthorized access to it would it be okay for me to poke around on his computer he is using to access it ?

And if it is okay what about an unsecured access point for my personal use with no encryption or security ?

Just because it's not secured doesn't imply that it is free for anyone to use ?

I leave the front door of my house unlocked sometimes does that mean it's okay for someone to come in and use my milk/heat/tv ?

If someone did enter my house they would get badly hurt. Same thing would happen if you used my AP without authorization.

Re:I have WiFi access! (1)

xgadflyx (828530) | more than 8 years ago | (#14856781)

Because without fault, ALL APs are configured to accept any and all connections by default. And why? Because otherwise, clueless people would swarm the manufacturer's call center asking how to connect.
I can agree with that, and that not knowing is just as much of a crime. But all other points you have brought up have nothing to do with the wifi not being locked down, they have to with poor box security. Even if an AP is in nun mode (opposite of nympho mode) an 'laxed security posture will stil get you your @ss handed to you.

Re:I have WiFi access! (1)

elgaard (81259) | more than 8 years ago | (#14856792)


> Usually not knowing it's a crime is no get outta jail card.

It is not about knowing if it is a crime. It is about who is acutally committing a crime.

Just because the traffic was routed through your AP and you ISP does not mean that you or your ISP committed the crime.

Re:I have WiFi access! (1)

shmlco (594907) | more than 8 years ago | (#14856845)

Perhaps not, but the burden of proof is beginning to shift. And I suspect a bit of an inconvenience will be in order after the feds grab all of your computers looking for the download childed porn, mass-mail spam lists, terrorist bomb plans, and/or infringed music and movies.

Re:I have WiFi access! (1)

iwan-nl (832236) | more than 8 years ago | (#14856908)

So not securing your AP automaticly gives you Common Carrier status?

IANAL, but I think you'll still be responsible for any data being sent by your modem. Maybe you'll get off the hook if you can prove beyond doubt that it was someone else who downloaded the kiddy pron, but the feds will still be knocking on *your* door to take you and all your computer equipment downtown.

Personally, that's not a risk I'm willing to take.

Re:I have WiFi access! (2, Insightful)

kyrre (197103) | more than 8 years ago | (#14856810)

Usually not knowing it's a crime is no get outta jail card. When it comes to the 'net, it is.

Since when was it illegal to share your network connection with someone? Last I have heard there was an entire industry devoted to the service. They are called Internet Service Provider.

But that's no problem either, because in our legislative, being clueless on the net is appearantly an excuse for committing any crime. You participated in a DDoS because your computer contains more malware than other programs? No worries, you didn't know, you're not to blame.

You leave your house for work every day at 9 am and return by 6 pm. Outside your house, on your property, some dude hangs around all day, every day, dealing drugs while you are gone. Is it fair to put YOU in jail for 20 years in this case? You should have known that someone can stand on you lawn and sell drugs, right?

I have shared my wlan for 3 years, and will continue to do so in the future.

Re:I have WiFi access! (1)

mwvdlee (775178) | more than 8 years ago | (#14856843)

But that's no problem either, because in our legislative, being clueless on the net is appearantly an excuse for committing any crime. You participated in a DDoS because your computer contains more malware than other programs? No worries, you didn't know, you're not to blame. Your connection was used to run an illegal server? No worries, it wasn't your fault, your computer was abused as a server.

So somebody steals my car and uses it in a bankrobery. Am I now a criminal all of a sudden?

As for the malware; if you're happy that your 2 or 3 anti-malware tools keep your system clean, install a 4th and be shocked by all the previously undiscovered malware it finds. Repeat with a 5th, 6th, etc.

Re:I have WiFi access! (1)

SComps (455760) | more than 8 years ago | (#14856954)

So somebody steals my car and uses it in a bankrobery. Am I now a criminal all of a sudden?


If you leave the keys in it, running and a sign on the windshield "Take me for a spin!" er.. well.. YES! or at least you should be.

Re:I have WiFi access! (1)

Opportunist (166417) | more than 8 years ago | (#14857004)

If said car is not locked and the keys are lying visibly on the dashboard (equivalent of the usual PC on the 'net) then yes, you're in for "forwarding a crime".

Re:I have WiFi access! (2, Interesting)

grand_it (949276) | more than 8 years ago | (#14856940)

Because without fault, ALL APs are configured to accept any and all connections by default.

I've tested and reviewed about 20 APs and wireless routers in the last two years. I've found only one that had WPA ebabled by default: Netgear's WGU624 [netgear.com] .

Re:I have WiFi access! (2, Interesting)

Professor_UNIX (867045) | more than 8 years ago | (#14856947)

Because without fault, ALL APs are configured to accept any and all connections by default.

I have just the opposite experience. Ameritech.. err SBC.. err AT&T offers DSL in my area and sold a very popular line of 2Wire wireless routers for home networking as part of their install and I can find at least 12 of these around my neighborhood and they're all locked down with a semi-unique SSID (usually 2Wire_???) and the WEP or WPA key is a number written on the underside of the router. So, by default, these come with encryption enabled. Not that I was up to anything nefarious, I just got one of those 802.11b sniffing handheld gadgets for Christmas and I was driving around wondering how many people around me had computers and wireless. Turns out the only open place was a coffee shop down the street.

Ric - that you? (2, Funny)

Linker3000 (626634) | more than 8 years ago | (#14856762)

Is Ric Romero writing for the NYT now!?

Can we borrow an 'obvious' tag from our friends at Fark.com?

Re:Ric - that you? (2, Funny)

Too many errors, bai (815931) | more than 8 years ago | (#14856995)

"People are now able to connect to the Internet through wireless, or "WiFi", networks. More at 11."

*gasp* (5, Funny)

scenestar (828656) | more than 8 years ago | (#14856765)

As they do, new sets of Internet behaviors are creeping into America's popular culture.

you mean "SHARING" something?

Re:*gasp* (1)

KiloByte (825081) | more than 8 years ago | (#14856923)

Most Americans are christians.

Quoting St. Augustine: "For if a thing is not diminished by being shared with others, it is not rightly owned if it is only owned and not shared".

Thus, those sinners from RIAA/MPAA will burn in hell.

Semi-related story (5, Funny)

necro2607 (771790) | more than 8 years ago | (#14856766)

In a semi-related story... I was at a friend's place last week and I wanted to transfer to him some audio-recordings of my band's recent practice. I asked him, "Do you have a wireless network or anything set up here?" ... He said how he didn't want to "get into that wireless stuff" because there are apparently so many people who would hack into his wifi network or whatever. That, and there are people who drive around in vans with gear to hijack peoples' wireless networks.

During the minute or so that he was going on about this stuff, I found about 3 open wireless networks in range. I connected to one of them, logged into MSN Messenger and laughed as he saw a little notification pop up on his PC screen that indicated that I had just come online.

Didn't you learn at school (0)

Anonymous Coward | more than 8 years ago | (#14856767)


Share your toys with the other children
and as Wifi is local (+/-300m) you are actually adding value your community and contributing to society, which makes a change from the usual selfish me me me i gots mine attitude that some people would advocate

be part of team community, you will get more done

Bandwidth-based pricing would stop this, and other (3, Interesting)

putko (753330) | more than 8 years ago | (#14856768)

If you had to pay for bandwidth based on how much you used, people wouldn't do share. Also, telco companies wouldn't be floating the concept of charging more for various services (e.g. VOIP, or VOD).

Does anyone know why it is that companies don't just charge for bandwidth, the way they do with a colo? Is it really so complicated?

That would be nice to for mom-and-pop -- they wouldn't have big fixed-fees due to heavy users like myself.

Re:Bandwidth-based pricing would stop this, and ot (2, Informative)

necro2607 (771790) | more than 8 years ago | (#14856806)

I think it's probably because the fairly large percentage of low-bandwidth users (simply email & minimal surfing, no mp3s/videos/p2p) would be a total loss of profit to the ISPs, if they started charging based on actual bandwidth usage.

They can make an unbelievable amount of money because while the ISP might pay for their connection by bandwidth used, their users (you and I) are paying a flat-rate (and probably artificially large) monthly fee regardless of bandwidth usage.

What I'm trying to get across is, they can charge a nice high monthly fee, which might easily cover, let's say, 20gb of up/down bandwidth per month. If an ISP's user is only using 1-2gb per month for their email, random family photo attachments, and maybe a few mp3s from iTunes... Well.. the ISP just got enough money to cover 20 gb of bandwidth, but only 2gb were used.

This situation has existed for a very long time in regards to net access - since dialup net access because a common thing, essentially. I remember fixing a family's computer and for whatever reason having to check out their dialup account configuration at their ISP. I noticed they only spent like 10 hours online per month, but of course their package allowed something like 100 hours. The ISP surely loved them...

Re:Bandwidth-based pricing would stop this, and ot (2, Informative)

Tim C (15259) | more than 8 years ago | (#14856807)

A lot of ISPs here in the UK do indeed offer plans with a monthly bandwidth usage cap. If you exceed the cap, you pay for the extra you use, generally in 1GB chunks. I beleive that some ISPs offer the user the choice to have their access cut off if they exceed the cap, rather than be charged for more.

Those plans tend to be a little cheaper than the uncapped ones, but not by as much as you might expect. For example, I have an uncapped plan, which is only a couple of pounds more per month than my parents' capped plan (same connection speeds, same ISP).

Re:Bandwidth-based pricing would stop this, and ot (1)

astro-g (548659) | more than 8 years ago | (#14856976)

We have that here in NZ too, and it SUCKS!
the major issue being that NZ telecom's idea of a fair price per unit of data bears little or no resemblance to reality.
And the company that owns the big cable hook up to australia is aparantly spitting because they are massively below capacity, and massivly below thier revenue point.

Re:Bandwidth-based pricing would stop this, and ot (1)

caffeination (947825) | more than 8 years ago | (#14856836)

This can never happen. The simple fact is that a bandwidth-based price scheme that keeps profit at the same level as today would demonstrate to people quite clearly just how badly they are getting ripped off. Light and heavy users alike would be outraged at the suddenly very clear abuse that is being perpetrated by ISPs. This is why they are pushing for a tiered internet instead. All the extra money, none of the extra service.

Re:Bandwidth-based pricing would stop this, and ot (1)

KiroDude (853510) | more than 8 years ago | (#14856974)

Sorry, it does Happen. Here in Belgium 99% of the broadband providers limit your transfers to a certain monthly amount (usually 10GB, but the more you pay the more you get). And as far as I know only 3 providers give unlimited transfer. Two of them are cable operators, in which one gives you the no limits connection as standard [brutele.be] and the other one charges you 60+ a month for unlimited access [chello.be] . And these 2 companies only offer their services in certain parts of Belgium.. The third one is an ADSL provider [versatel.be] which gives you a 500MB limit but once you go over the limit you only pay 5 per month no matter how far you go.

Re:Bandwidth-based pricing would stop this, and ot (1)

caffeination (947825) | more than 8 years ago | (#14857007)

That's not bandwidth based. That's a flat rate plus a limit. Shafted two times over.

Re:Bandwidth-based pricing would stop this, and ot (0)

Anonymous Coward | more than 8 years ago | (#14857038)

Telcos do charge for bandwidth. As an example, BellSouth has three tiers of residential service based upon how much bandwidth that you want. The nature of typical network traffic is that it is typically not uniformly distributed (often Poisson distributed). The sale of the bandwidth to me assumes my network usage is indeed uniform. If someone else has a peak when I am at a lull, why not share (it causes me no harm and may help if they reciprocate)?

I love open wifi.. (5, Funny)

brxndxn (461473) | more than 8 years ago | (#14856769)

I was sitting at a McDonald's with my laptop during a road trip. There were two wifi networks available. One was titled 'McDonald's' and the other was titled 'BetterThanMcDonald's.' I used the latter. I love when people do that..

This is why... (1)

brunes69 (86786) | more than 8 years ago | (#14856875)

... I can't stand when summaries read stuff like "available due to the lack of the average user's knowledge".

Lots of APs are open not because the user doesn't know how to secure them, but because they don't give a crap. I personally have run an open AP for years. It is more convient (any device someone brings into my house has access, they don't need to get any keys), and the odds of any of my non-techie neighbours having WiFi are slim to none, so I really don't give a hoot about someone stealing my connection.

Trajedy of the Commons (4, Interesting)

Bad to the Ben (871357) | more than 8 years ago | (#14856783)

I've often thought about openning my AP, but I just know that after a week or two some jerk is going to use my DSL connection as his own personal torrent link. If I was using someone's DSL connection I'd limit myself to just normal browsing and light email. Those morons ruin it for everyone else.

With regard to securing access points, I've thought of a better way of setting things up properly (someone may already have thought of it). You plug your computer in to the AP for the first time via an Ethernet cable. You go into the settings, and click an option to setup the AP. The AP creates a secure WPA key using random characters. It then spits out a small script for you to download. You execute the script as Administrator or root, and it automatically configures your OS for the AP, with the right key and everything. After this you can use the AP wirelessly.

There would be some problems though, mostly checking the OS type and having to write scripts for Windows, OS X and Linux. But I reckon it could be done.

Re:Trajedy of the Commons (1)

barefootgenius (926803) | more than 8 years ago | (#14856838)

Just use the Mac address and encrypt it. Its easier, and the amount of people who can/will hack it is small.

Re:Trajedy of the Commons (1)

jareth-0205 (525594) | more than 8 years ago | (#14856844)

I've often thought about openning my AP, but I just know that after a week or two some jerk is going to use my DSL connection as his own personal torrent link. If I was using someone's DSL connection I'd limit myself to just normal browsing and light email. Those morons ruin it for everyone else.


Ye gods, what sort of cynical attitude is that?! You haven't opened up your connection, so actually have no idea whether "those morons" will ruin it or not. Plenty of other people have posted here that people are polite and don't cause problems.

Re:Trajedy of the Commons (2, Funny)

caffeination (947825) | more than 8 years ago | (#14856854)

set_post_tone('non-aggressive');

Man, if only network traffic was divided up into loads of different types. That way you could block certain types of traffic from passing through your network by configuring your router...

Not that this would stop http downloads of isos or anything, but most Average Joe heavy bandwidth use is via the likes of bittorrent.

We could call these types "ports", and there should be at least... pulls random number out of ass... 60000 of them!

Re:Trajedy of the Commons (0)

Anonymous Coward | more than 8 years ago | (#14856958)

set_post_tone('non-aggressive');
  You're so 90's, progress, man, progress!

posts[this].tone = new Mood('Aggressive',false);

Bandwidth shaping with Linux (4, Informative)

necro2607 (771790) | more than 8 years ago | (#14856857)

Actually, it is 100% possible for you to set up traffic bandwidth shaping so that any particular IP is only allowed a certain amount of bandwidth, for example.

Use a UNIX-like machine as a router/firewall for your network, and you suddenly have amazingly detailed networking possibilities within your reach. I strongly suggest reading the Linux Network Administrator's Guide [faqs.org] . Even though it's getting a little outdated it has some downright cool-ass information within.

Of course, few users are technically adept enough to actually set up a router like this, but I'm sure it has been used a lot for people who want to keep their wifi access "open", but safely limited.

On a related note there are pre-built linux firewall packages out there [google.ca] which will surprisingly easily allow you to do what I was just talking about.

Also, here is the Linux Advanced Routing & Traffic Control HOWTO [lartc.org] ... It's a bit technical but a useful resource nonetheless.

Re:Bandwidth shaping with Linux (1)

Shawn is an Asshole (845769) | more than 8 years ago | (#14857019)

You could also install iptables-p2p [freshmeat.net] . It will let you block Fasttrack, eDonkey, Direct Connect, Gnutella, OpenFT, and BitTorrent.

Re:Trajedy of the Commons (1)

TallMatthew (919136) | more than 8 years ago | (#14856885)

I've often thought about openning my AP, but I just know that after a week or two some jerk is going to use my DSL connection as his own personal torrent link. If I was using someone's DSL connection I'd limit myself to just normal browsing and light email. Those morons ruin it for everyone else.

So you're saying you don't share because you assume someone would abuse your connection and, even though no one ever has abused it because you've never actually shared it, you blame "morons" who ruin it for everyone else. Hmm. Sounds like an excuse where one isn't needed.

It's OK not to share. The reason this comes up is because it's easy to open an AP and there's so much unused bandwidth on a broadband connection. But it's not as if the bandwidth you don't use is taking food out of other people's mouths. That's nonsense. If you pay for something, it's yours. It's not your neighbor's. If they want high speed access, they can pay for it themselves. Just because something is easy to share doesn't mean you're obligated to share it. And it certainly doesn't make you an angel if you do.

Re:Trajedy of the Commons (2, Interesting)

bogd (912084) | more than 8 years ago | (#14856970)

Linksys has had this for quite a while now - they call it "SES" (Secure Easy Setup). Details here [cnet.com.au] or here [tomsnetworking.com] .

Re:Trajedy of the Commons (3, Insightful)

steve_l (109732) | more than 8 years ago | (#14856989)

You are right, the only person who should bring the network to is knees is me.I do this by configuring my router so the bittorrent ports go to my machine, and not to any of those evil piggybackers.

I actually run an open network for a number of reasons
  -I cant be bothered to set up access for overnight guests and other visitors
  -I explicitly allow a neighbour to share
  -I dont think classic WEP, that some of my hardware is, is at all secure.
  -Knowing the net is open forces me to lock down the boxes better. All firewalled, no SMB connectivity (SSH/SCP to the server only).

And finally: I like it when I get free networks when I travel, and want to share the joy. Saturday: father in law's house, public network "linksys". Last summer -stuck at my mother's house for a few days. Public network from a neighbour. I dont care whether these people did it on purpose or through ignorance, I benefit, and their cost is minimal.

I believe that you can get firmware for the linksys WRT54G boxes that let you throttle guests...

-steve

RIAA (0)

Anonymous Coward | more than 8 years ago | (#14856811)

Leaving an open wifi connection is a perfectly sensible thing to do.
The inconvenience of a possible occasional loss of bandwidth is more
than offset by the fact that this makes it impossible for the RIAA to
prove that you were the one sharing copyrighted music [or downloading
kiddie porn, hosting "terrorist" websites etc etc].

Re:RIAA (0)

Anonymous Coward | more than 8 years ago | (#14856863)

other then it actually being on your hard disk ofc

Re:RIAA (0)

Anonymous Coward | more than 8 years ago | (#14857041)

I hope you feel the same way when the FBI busts down your door in the middle of night because someone else using your AP visited montspace.com [montspace.com] .

Personally, (2, Funny)

hungrygrue (872970) | more than 8 years ago | (#14856815)

I not only run an open node, but make sure that my neighbors know that it's there. Failing to secure an access point isn't a lack of user knowledge, it is common courtesy.

Bizarre attitudes (5, Insightful)

caffeination (947825) | more than 8 years ago | (#14856818)

I got into this article without signing up yesterday. Can't today, so I'm quoting from memory.
...I thought "Oh my God! People could be using my connection too!".
Six months later, however, $Person still hasn't secured her wireless network.
My parents were the same. I took my laptop into the garden, showed them that I could get onto their connection from at least 50m from the house, then I connected to the neighbours' connections and changed their essids to demonstrate how easy such things are. Then I opened ethereal and demonstrated to them how easy it was to read peoples' internet traffic.

All I got was "That shouldn't be allowed".

Under my own initiative, I then put a fairly long encryption key on their network and password protected the router config. I know it's weak security, but it's better than none at all.

That is how much people care about security. I explained to my uncle the other day about how spyware can log your key presses and report them back to a server. He was shocked and outraged, for about 1 second. Once his computer was clean enough to be usable, he was satisfied (this is a home & business computer, used for EBAY).

Nobody gives a shit about anything to do with computers. It seems that the current parent generation was lead to believe that technology would make life easier and do all the work for them, when the reality is that it's actually replaced much of the work. God knows what long term effects this will have on computing.

Wardriving not for the 'geek' anymore (3, Interesting)

brohan (773443) | more than 8 years ago | (#14856821)

This article reminds me of what happened to me last weekend.

I was on my way to Toronto, stopped in a Tim Horton's, and because I was working on something rather important and there was a heavy wind/snowstorm going on I whipped out my laptop. I couple sitting at the table over from me wanted to check their email, but was unsure of how I was getting internet. I explained that I was getting internet from some generous local person, they tried to get wireless working, though their laptop's card wasn't powerful enough. So I gave them Netstumbeler and taught them how to use it. I'll bet they're going to be wardriving alot more now ;P

The thing was, these guys had an open mind about security, they didn't mind trotting into other people's wireless network any more than I did. It is because of the generosity of the people who left the access points open.

I leave mine open on a another network, just on principle. I limit the bandwidth to un-filtered addresses, just due to the generosity I've received in connecting to others.

It's only stealing if you let them (0)

Anonymous Coward | more than 8 years ago | (#14856822)

Yes, it's "stealing" when some luser has left their wifi open. Don't want somebody using a service you're providing? Turn it off. If it's still open, don't bitch when somebody uses it, you deserve it. I for one keep my network secure, and just in case anybody does get on through the WEP, my LAN is firewalled by my gentoo linux box.

My node... (0)

Anonymous Coward | more than 8 years ago | (#14856825)

My node is called HELLOWARDRIVER.

Open access (2, Insightful)

suntac (252438) | more than 8 years ago | (#14856835)

"Some users say they have protected their computers but have decided to keep their networks open as a passive protest of what they consider the exorbitant cost of Internet access."


I think a lot of people have an open WiFi connection for the rest of the world to use. This however is not only because they want to give some protest but also to simply add a other node to the ever growing number of open "uplinks".

As more and more people are doing so at the moment it becomes easy for traveling laptop users to get online everywhere they want. Closing you "uplink" will become more and more rude in the global opinion I think. Sharing the connection will become more natural to people as they become more aware of the benefit they have from the open uplinks offered by other users.

WiFi will become eventually something like opensource code, sharing and be shared only here we are not talking about code but about internet access. You give access to users and those users give you access in return.

At least this is my opinion.

Regards,
Johan Louwers

Re:Open access (1)

caffeination (947825) | more than 8 years ago | (#14856887)

Such a convention would also collectively protect users. If unsecured wireless internet sharing was a common practice, even cultural, it would be much harder for the RIAA to use IPs from server logs to prosecute. The IP adress would finally lose its undeserved and erroneous image of being in any way a reliable tie to a user.

Wi-Fi Honeypots? (4, Interesting)

ROOK*CA (703602) | more than 8 years ago | (#14856898)

I wonder when/if we're going to start seeing stories about people setting up open WAP's as honeypots? In other words, set up an open AP, for the sole purpose of comprimising hapless piggybackers that connect to it with relatively unsecured machines -- I think it would be hilarious and a nice little piece of payback for those folks that thinks it's okay to piggyback off resources that someone else if paying for (with a little publicity might make people think twice about piggybacking).

Of course if you're too clueless (or too lazy) to take any steps to secure your wireless network then you probably shouldn't be complaining when someone else takes it upon themselves to utilize the resources that you've basically left laying around in public, I mean it's akin to putting a wad of money out on the sidewalk in front of your house and expecting it to be there next week.

Securing your WAP isn't any great task, the OEM's producing these devices for home/small business networks have made it very easy to do, have for the most part documented it well and there are a plethora of resources on-line to supplement the OEM documentation. No excuse not to do it, unless of course you really don't care that any Tom, Dick or Harry can connect to your home LAN and basically do whatever they want with that connection, including poking around on every machine you have connected to it as well utilize your Internet connection for whatever they feel like doing with it.

Re:Wi-Fi Honeypots? (1)

necro2607 (771790) | more than 8 years ago | (#14856931)

I've thought of this so many times... it is why I don't use plaintext protocols unless I really need to, when I am on some random person's wireless network.

Even then, imagine someone having some really advanced software that will pick up on me trying to establish an SSL (or otherwise encrypted) session, and execute a MITM (man-in-the-middle) attack, entirely automatically?

Man, that would be a damned cool piece of software to have on my network router...

Tor (2, Interesting)

quokkapox (847798) | more than 8 years ago | (#14856927)

If you're going to offer a free wifi access point then please also run a Tor exit node.

A wonderful way to gather POP3 passwords I'd say (0)

Anonymous Coward | more than 8 years ago | (#14856929)

The darker side of this...

1. Take one internet connection
2. Obtain a computer running something like linux w/two NICs
3. Connect first NIC to internet
4. Connect second NIC to an open AP
5. Place in crowded area
6. Run ethereal/tcpdump etc. on the linux box

Hey presto - everything in the clear is recorded. Don't get me wrong - not advocating this behaviour - but it's a clear risk for the people "borrowing" internet.

Wahhhh (0)

Anonymous Coward | more than 8 years ago | (#14856930)

"Christine and Randy Brodeur confronted neighbors after discovering that some had illicitly piggybacked onto their wireless Internet access."

Go cry to someone else. What a bunch of dumb asses! If you don't secure your network and someone else hops on it's your fault. It's like leaving the keys in your car with the engine running. You are just asking to get your car stolen. There are plently of resources on line that will show you how to secure your network. Randy, if you would have confronted me I would have slapped you in your stupid face.

Using open APs to route the whole network (2, Interesting)

HawkingMattress (588824) | more than 8 years ago | (#14856941)

I have two routers, both running openwrt.

One is connected to my cable modem, and is linked to the second one through a vlan. The second one's wifi card is in client mode, and connects itself to the AP of a little shop under my flat, using it as its default gateway. Add a little script on the first one which will change the routing tables to use the second router as gateway if my cable provider's gateway is unaccessible, and there you have it: totally transparent, free redundant connection for the whole network. Even the machines without wifi since their gateway is still the first router...
I'm going to shape the traffic on the second one to limit p2p use on that connection since the purpose is not to suck their bandwith to death though...

Wow... (0, Troll)

endrue (927487) | more than 8 years ago | (#14856945)

I don't know about everyone else by my broadband is expensive. I am not 100% that I want the entire neighborhood benefitting from my $45.00 a month to stream video and choke my connection. Remember that social ideas are always spoiled by the greedy - and that describes most of humanity.

The worst part isn't using the "free" connection (1)

Alex Nabrozidis (959156) | more than 8 years ago | (#14856962)

I wouldn't look up the consequences of a "free" and open connection to the internet.
The worst part is that you can actually catch everyone's traffic, maybe that's the illegal part of this so called "problem". Sharing isn't illegal, and about ignorance that's another subject

Open Wireless connections? No way! (4, Insightful)

MaxPowerDJ (888947) | more than 8 years ago | (#14856968)

I have read about other people's posts abot leaving your access point open and sharing the connection. Around here (Puerto Rico), people would just mess your resources up. I have a 1024 Kb down/ 512Kb up cable connection that I distribute among my two computers (one for light e-mail and downloading and another that I connect through the net from work). and I personally took care of security (MAC address filtering + best encryption supported by the AP).

The things is, people have attempted to get in and disable my equipment. People can and will use the wireless connection to do mischievous things. They get no access from me.

Open access is fine if you have an agreement with your neighbohrs and/or you have a common wifi provider (many new housing development are now including wifi from the get go). Otherwise, is just asking for trouble.

Oh, so THAT'S why it's so slow. (1)

Brushen (938011) | more than 8 years ago | (#14856986)

All this time I had honestly thought it was natural for "animehouse" to appear in that list out of nowhere and have my connection knocked off, due to natural crowding from being in a metropolitan area. Guess I shouldn't be on Slashdot.

Open AP, but limited speed for free access. (0)

Anonymous Coward | more than 8 years ago | (#14857000)

When I did open my APs for the public, I just limited the connection speed for the unknown people down to 96 kbit/s and allowed usual web and ssh traffic to pass.

Oh no! Kiddie porn!!! (2, Insightful)

1u3hr (530656) | more than 8 years ago | (#14857034)

The NYP can't resist: David Cole, ... for Symantec ...said savvy users could use the computer as a launching pad for identity theft or the uploading and downloading of child pornography.

But at least they didn't play the TERRORIST card.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?