If You Don’t Want To Share, Lock The Access Point!
You know, I’m getting sick and tired of seeing the whole debate about whether or not people who are accessing an open WiFi access point are “stealing.” Give me a break. If you don’t want people using your WiFi, configure at least some security.
Ars Technica has a piece covering the ethics of using someone else’s WiFi. They come to the same conclusion that I do. If the WiFi is open, either they are intentionally leaving it open, don’t know, or likely wouldn’t care. Since it’s hard for you to tell the difference, why not use it as long as you’re nice about it?
I also talked about this on Gadgets Weblog as well, though it was before this Ars Technica article came out.
Bookmark with: del.icio.us Digg it Furl iFeedReaders ma.gnolia Maple.nu RawSugar reddit Simpy StumbleUpon
Related Posts:
- Proof of iSkoot Passing Credentials In The Clear
- iSkoot Transmits Your Data In The Clear
- Even With Hotel Broadband, I Still Go EVDO
- Starbucks WiFi To Become AT&T WiFi Locations
- PhoneBoy’s Week That Was 4 November 2007
Pingback by Advertisement » Blog Archive » If You Don’t Want To Share, Lock The Access Point!
[...] Original post by The PhoneBoy Blog [...]
Comment by Aswath
Most of the houses in US don’t have fences, but still trespassing is illegal. No?
I will not use an unknown, open wifi ap because it could be an honey pot.
Comment by Benjamin Johnson
I’m in complete agreement. Personally I’m all for open and free wifi. I have a separate SSID for guests or leechers, I bandwidth throttle and QoS them to a lower priority than - they’re also on a completely separate subnet away from everything of mine. I have heavy logging enabled and restrict access out on port 25 to try and be a good citizen.
Not something that the average person can do - but maybe this should be made easier by the consumer AP manufacturers? Should we have to resort to heavy firewall and Cisco knowledge to simply share some bandwith whth others, whilst still protecting ourselves and the Internet at large?
Comment by Aswath
You are restricting access thereby protecting your local network. Now if somebody uses that free access for some nefarious activity and then you are held responsible for that activity. How will u protect yourself? This is the same point for some of the “services” that give you free voice calling by using another person’s voice service (I am purposefully not identifying the companies).
In my mind the safe thing to do is not share my wifi and not use unknown wifi - it is like hitchhiking.
Comment by Benjamin Johnson
Oh I take your point completely. If someone was to do something illegal through my connectivity then I would find myself in a very sticky situation - and one which was difficult to get out of.
I guess there’s no easy way out of this - you can have as many logins and captive portals as you like - but unless you tie these to some kind of accountable personal information belonging to the user (such as a credit card) then you can’t really have total visability of who is using the network.
Personally I’m prepared to take the risk in order to offer a ’service’ to people. Something which I think is for the greater good. Hopefully in the UK I am not too likely to be prosecuted for the use of my network by others if I have kept reasonable logs of traffic - to demonstrate it really is a ‘public access’ network.
It’s a very interesting discussion, as I personally provide a number of free public access hotspots in public places - and I also work for a company which provides pay WiFi as part of it’s product offering.
Comment by PhoneBoy
The timing of my post–I had done it a few days ago–was good, given that Bruce Schneier wrote something in Wired about this very topic:
http://www.wired.com/politics/security/commentary/securitymatters/2008/01/securitymatters_0110
If one of the most important minds in the security business is willing to go wide open, then it can’t be all that bad, can it?
Comment by Aswath
Granted that I do not have the credentials of Bruce Schneier or you for that matter. But it is reckless for him to suggest there are no problems in running an openwifi. He identifies the risk; his lawyers have advised against it. He lists potential disruptive events that can take place. Still he says that he will continue to do it because there are other coffee shops close by. Is this a responsible behavior from a security professional? If the driving instructor refuses to wear a seatbelt, is it smart to imitate that person?
By the way in Westchester County there is a law that severely restricts businesses running an open wifi.(http://arstechnica.com/news.ars/post/20060421-6647.html) In the final analysis each is to his own, but it is not prudent not withstanding ones expertise.
Comment by spg
perhaps there should be a standard network used by people who intentionally leave there network open. for example any time we run across an access point named ‘PUBLIC’ we would know that it was left oopen intentionally by the owner.
Comment by PhoneBoy
I think if you set it up right, it’s fine–legal issues aside. The only way I’d run an open access point is if I had nothing of value connected to it.