Summersault Blog

I did an interview this morning with Chris Nolte on 1490 WKBV AM about the “dangers of unsecured home wireless networks.” I thought I would post a few follow up notes about that issue here:

The general problem is that a lot of vendors that make home networking products want their items to be as easy to use “out of the box” as possible, and so they make the default mode of a wireless access point to be one where anyone can join the wireless network created by that device. For the average home user, this means that as soon as they plug in their wireless router to get their own laptop connected wirelessly, they’re also providing a free ride to anyone within a radius of that signal.

Why is this bad? A few possible scenarios:

• Your neighbors can use your Internet connection for free
• If someone else is using up the bandwidth you’ve been allocated, that’s less bandwidth available for your own usage
• Someone could use your network to send spam or otherwise launch attacks against other computers on the Internet - and it would appear to come from your house
• If your network is especially insecure, a malicious third party could listen in on your Internet activities and gain access to sensitive information, possibly leading to identity theft

The first one isn’t so awful, right? Well, ask your Internet service provider how they feel about it, if they’re giving access to three houses on your street for the price of one. Certainly, future ISP business models will have to deal with this phenomenon, and some have already started to be creative about it rather than fight it.

But the other possibilities are fairly serious concerns, especially if you’re looking at having your network used for malicious activity against you or others. So what can you do? A few suggestions:

• Make sure your wireless network cannot be accessed without knowing a secure password
• Turn off your device’s feature that tells it to “broadcast” the name of the wireless network (known as the SSID)
• Enable encryption so that communication between your own laptops and the wireless device is not easily readable
• Limit what computers are allowed to use the wireless device by maintaining an access list of MAC addresses

This goes for home users, but certainly any business or organization with a wireless access point should take measures to secure their networks too. It wasn’t too long ago that you could walk around the blocks near the Summersault office and get onto an internal network of an area bank without any problems - yikes!

There are, of course, some projects that are putting a positive spin on the possibilities of open wireless networks. For one, it can be a good way to share resources with your neighbors, if you do get permission from your ISP. The FON.com project provides a “bandwidth sharing” arrangement that takes this further, where if you open your network to anyone who is a FON member and needs it when in your area, you get access to other people’s networks when you travel. Pretty innovative stuff.

For more general information about this issue and things to be aware of, you can check out StopWirelessHackers.com. Don’t get too wrapped up in the hysteria that sometimes accompanies the matter when it’s presented in the media; for the average user, chances are that there’s not someone creeping around your house snooping in on your network. That said, taking some basic steps to secure your wireless connection is a really good idea.

This entry was posted on Friday, April 7th, 2006 at 7:38 am and is filed under Internet / Networking, Richmond Happenings. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.