Apologies for the cheesy Photoshopping, but hopefully this might alert you to a computer security issue that has the potential to either a) cost you money, b) cause your broadband to slow to a trickle, or even potentially c) have you under suspicion for criminal activity. Consider this a public service announcement.
Wi-Fi is the cheesy marketing name (IEEE 802.11, the name of the engineering standard, sounds much more serious, doesn’t it?) for the short-range wireless networking built in to most modern laptop computers. Most of the time, it’s used for an internet-connected base station to provide Internet access – the Internet equivalent of the cordless telephone. Base stations are ubiquitous in airports, universities, coffee lounges, and the like (if often outrageously expensive to use). And it’s becoming quite common in homes too; not only to connect laptop computers, but also to connect desktop computers or even printers without the hassle of running network cables.
The beauty of wifi is its ease of setup – you drag a wifi-equipped computer in range of a base station, and, generally, it just works. However, this very convenience poses a not insubstantial security risk in home or small business use. Big companies generally set up fairly elaborate security on top of wifi to ensure that only people they want use it (in the case of wifi in airports and Starbucks, that tends to be people who pay through the nose for it), but home users often leave their systems on “open access” to make setup easier and quicker. In any case, it’s only short-range – who’d bother to sneak into your garden to steal your internet? Unfortunately for you (in this case), if somebody uses something like this – a big directional antenna which boosts the signal strength hundreds of times, your signal is usable from far further away than would otherwise be the case.
Well, two friends of mine have separately reported it happening to them recently on their home networks. In both cases, they found out when they exceeded their bandwidth quota and their internet slowed to a crawl. But they got off reasonably lightly – there’s nothing stopping the bandwidth leeches using your network for rather unsavory activities – like sending comment spam to LP and getting your address banned, distributing warez, hacking other computers, or even, theoretically, distributing kiddie porn. Look, most of the time, they’ll probably just be swapping pirated movies, but, still, that’s your internet connection they’re doing it over, and copyright infringement is a crime and one that the American copyright cops have been chasing home internet users for. Furthermore, they can also listen to your internet traffic. Generally, any financially sensitive stuff is sent using an encrypted connection (when you visit online banking, you’ll notice that the web address has “https” instead of “http” in front of it. The “s” indicates a scrambled connection), but everything else, including which sites you visit, is visible to the leechers. Most probably have no interest in your own internet traffic, but nevertheless, they certainly can monitor everything.
So what should you do? Simple. Enable network security on your wireless router, and, if at all possible, ensure you use WPA or WPA2 (which are indeed secure) instead of WEP (which is like a padlock on a farm gate – an indication to keep out, but easily broken if anyone bothers to try). Setup depends on your model of wireless router, but it’s generally pretty easy. And if you don’t have any laptops with wireless networking but have a wireless router, turn off the wireless network entirely!
Robert,
No need to go for something as expensive as the antenna you linked to – although it would no doubt be better. My favourite is the Pringle can antenna.
Stealing bandwidth can be done cheaply.
Robert, are you a lawyer?
c) have you under suspicion for criminal activity.
While suspicion is free and easy for the cops, actually being legally liable for someone elses activities while leaching is in the opnions I’ve heard not the case.
And how can they listen to your internet traffic? I don’t believe this to be true for the averagely sophisticated leacher.
wilful,
I think he is saying that, for example, should someone download kiddie p()rn using your modem you will be a suspect in its downloading. The usual way of tracking these, once the server has been found, is to check the IP address of the people downloading the subject material. Your modem being used makes you a suspect.
To follow up Andrew’s point – eventually the police would be able to establish that your computer hadn’t been used for downloading this stuff, and there’d be no criminal case to answer. But that would likely only occur after a forensic examination of your computer, a rather unpleasant interrogation, and severe embarrassment to you and your family.
As for listening to your internet traffic, this does the basics, and it’s free. Casual leechers won’t bother, but it’s not difficult to so if somebody is that way inclined.
If someone does do something illegal with your equipment and you are inplicated it is colloquially known as “being Hanneefed”.
Can I give a different perspective.
There is a school of thought that suggests keeping your wireless router wide open on the grounds that if every man and his dog can go through your router then no-one can be blaimed for any of it. I’m wondering how long until that legal loophole gets closed.
The second point is that I have set my SSID to include my mobile number. If there was someone who wanted to leech a bit of bandwidth (assuming they don’t cause me to hit my download limit), what do I care. I’d like to see this sort of thing to be more common.
In your piece Robert you complained about the high prices of using access points at airports, etc. Put aside leechers causing you to exceed your bandwidth cap, that’s a fairly simple technical issue to solve. Similarly, traffic shaping and prioritisation can ensure that you always get preference over your leechers. What would happen if everybody made their access point available to some/all comers? It would drive the price of the expensive access points down. Just think about it, you’re away in a strange city, you find an access point and the person offers it to you to use. When that person is in your city, the favour is returned.
Of course, this maybe pinko commy, collectivist tendencies getting the better of me.
Fozzy: that’s fine – but my home wireless network is private. If I want to offer passers-by use of my internet bandwidth, I’ll do so without exposing my private network traffic to them. Furthermore, I’ll set it up so that they can’t push me over my bandwidth caps.
There’s a world of difference to taking advantage of somebody explicitly offering to make something available, and finding something unsecured and taking advantage of it.
I’ll leave my wireless network open. If someone wants to free-ride a little what do I care?
Because they’re not using it to check their Gmail account and do a little Facebooking. In both cases, they were creating gigabytes of traffic. That either means that they were a) swapping P2P files (most likely), or b) sending spam.
These people were not free-riding “a little”. They were systematically exploiting goodwill for dodgy purposes.
Pringle can antenna has been shown to not work (or so my physics supervisor told me)
Yeah. I foolishly left my wireless nw open. If someone had just used it to look at gmail etc I wouldn’t have care, or, probably even noticed. It was when they used my monthly bandwidth (12G) in 2 days that I noticed. Fortunately my traffic just gets shaped, but the leecher wasn’t to know that I don’t get billed for excess traffic.
I often drive past my local computer store at 1 am and theres a row of teenagers with their laptops sitting on the footpath leeching the computer store’s wireless to play World of Warcraft, heh.
“theres a row of teenagers with their laptops sitting on the footpath leeching the computer store’s wireless to play World of Warcraft, heh.”
These teenagers clearly need a talking to. “Leeching” anything at all is an official part of the Teenage Playbook, true, but playing ‘World of Warcraft’ when they could be doing something far more peculiar, antisocial and imaginative is clearly a violation of the rules. Flag on the play: fifteen yards penalty, and first down — grownups.