Yay, free wireless internet. Unencrypted logins, passwords and bank/credit card info magically delivered to my sniffer.

Or I could run a poisoned hotspot and redirect all banking info to a text document.

Really, when will people learn?

ts

Why should I pay my $60 a month and let a bunch of freeloaders use my bandwidth?

corrosive

So it's okay to not worry about an RIAA suit because the odds are small you'll be caught. Far enough, but just like when you've been caught speeding, accept the ticket with grace, knowing you chose to break the law.

I posted late the last time, and what I said was I know the young student who is sitting outside your house, using your bandwidth. He's up to no good.

karlawithak

"I spoke to several lawyers about this, and in their lawyerly way they outlined several other risks with leaving your network open."

He needs better lawyers. Even if just leaving it open isn't illegal (it is in some places) you are almost certainly on the hook for what people do on your router, even if you can prove it wasn't you (which you probably can't).

liku

I use my internet access to run my business, and after hours, I use it to run my life and for entertainment. It's a service that I require the full use of. And I know from past experience of running an open network that allowing others to share my bandwidth degrades the service I rely on.

There is an excellent argument for shared bandwidth as a public good, and if that's the case, then more people should support municipal wifi. When you expect altruism, some people will share but most people won't. This leads to an unreliable patchwork. If there's a case for open wifi as an emergency service or to benefit the community as a whole, then let's all pay for it together.

s5

Sheesh ... this blog needs an edit feature (or I need to read my posts before posting.)

I wrote:

"Many of them have been told to stay off the Internet, but if they connect to my WAN and surf, but if they continue their habits using my network, I'm the one who looks responsible."

I meant:

"Many of them have been told to stay off the Internet, but if they continue their habits using my network, I'm the one who looks responsible."

Lytspeed

I agree with Jimmer. I'm not too worried about file sharers usurping my network, but I am concerned about pedophiles. I work for a municipality, and I'm well aware of how many registered sex offenders are in my neighborhood (and most neighborhoods, frankly.) Many of them have been told to stay off the Internet, but if they connect to my WAN and surf, but if they continue their habits using my network, I'm the one who looks responsible.

The same goes for people searching for warez on less than reputable sites. The last thing I need is someone who doesn't know what he's doing getting a network-aware worm that infiltrates my home network.

If these dangers weren't there, I would be happy to share my Wi-Fi, and I have done so with neighbors that I trust. But as long as the possibility exists that I could get slammed for someone else's illegal activity (the serious stuff, not the DRM dodging), I'm keeping my WPA in place.

Lytspeed

Once they make the internet free then I will. But for now I will continue to hoard my bandwidth because I pay for it.

tybraun

Dozens and dozens and dozens of (rather stupid) people download child porn or engage in chat with minors intending to have sex with them. Some are your neighbors. Triple the risk if you live in an apartment. How do the police find them? They subpoena the IP address subscriber info - in this case, your router's IP address. So, don't worry about having to answer the door when the police are there. When they have a search warrant to copy your hard drive, they usually don't knock for very long.

Jimmer

I think the proper solution TS is not at the level of the transport, but at the application. HTTPS should (and, frequently) used to secure banking. Credit card info should never be sent over the clear.

Wired internet is only marginally safer. I saw somebody doing an arp poising attack on my old ISP; thats just as threatening as anything you could do over wifi.

I run an open access point. Come, use my internet.

Madd_Matt

Sharing your wifi with others is find and dandy. But it's foolish to do it blindly. As other commenters have indicated, you can be accused of downloading some questionable content. And from what we've seen in the RIAA cases, the "I have an open network, it wasn't me." defense doesn't work too well in court.

I agree with HZHOU. Someone out there needs to create a tutorial on how to allocate and isolate your wifi for public usage. Along with bandwidth throttling, content/site filtering, and short IP leases.

greenbot

@B@tM@n:

Actually, there's a good analogy with the car. Leaving your network open is akin to leaving the keys in the ignition with the doors unlocked.

If you did so... you could be considered an accessory to any major felonies committed with your car. You could even be charged as an accessory with the theft itself!

- Any damages to property that is caused by the vehicle will probably end up on your insurance, or on you.
- Any damages to the vehicle, if it is recovered at all, are strictly your responsibility.
- If the person who stole your car is injured as a result of any failure of any part of the car... you will be at fault. Insurance MIGHT cover it, or it might be a negligence case (if you were aware of the problem and had not bothered to fix).

All of this is extremely unlikely. Most of the time, a judge would simply consider you to be a victim. However, these things ARE possible... and it's quite possible that an insurance company might push for charges against you.

Let's say you have the best case scenario where no damage is done and you are not found responsible for any crime. You'd be lucky if any insurance company ever takes you in again after they find out that you didn't take the very basic steps to protect the vehicle. Your rates will be sky-high forever if they do.

The most important thing to remember here is:
Failure to prevent crime... IS A CRIME!

guardianfox

I've run an open WiFi router for years. I finally stopped because I got an email from the security unit at my ISP indicating that there was spam email coming from my connection, and unless I literally wiped out my hard drives I'd be disconnected. Seriously.

I called the phone number to find out if the email was legit, and it was. I explained to the security guy that this spam email thing seemed very unlikely, as I had only Macintosh computers in my apartment, which weren't susceptible to such hijacking. He agreed. But then he dropped the bomb: did I have a WiFi router? Was it passworded?

Doh! Yes I did and no it wasn't. I knew at that moment exactly what was going on. One of my neighbors was using my WiFi and was infected with god-knows-what.

To prevent my connection from being shut down I restricted my WiFi by MAC address. Problem solved.

Scott D. Feldstein

I would have to agree with this post:

[securosis.com]

dakrone

The argument that one should protect his/her bandwidth since he/she paid dearly for it sounds funny. How much bandwidth do an average household really use? Imagine someone stretches out his arms tring holding air in his house and saying "it's mine!"

Security is a concern and one really shouldn't open his network unless he knows how to administer his network.

Most of us need tutorials on how to share one's bandwidth securely.

hzhou

To Liku- if someone steals my car and commits a crime- am I responsible? Nope. I would rather preserve my privacy by bringing a crowd to my net connection than be in a glass jar for everyone to see.

As far as my wifi networks- I use a hybrid approach and still maintain the cloak of plausible deniability. I freely distribute my network password to friends and neighbors.

As a consultant, I even encourage community based wifi projects. I've even got some home owner associations keep the same keys and only use WEP encryption.

1. It's cheap for everyone

2. It actually protects privacy from prying eyes.

I don't trust my ISP or any other business or online entity to have my best interest at heart.-Surprise-they don't care.

3. The threat of legal battles is ridiculous-the more of these cases that come to court- the more they will be thrown out.

QUESTION-how many of those who don't pirate media- pirate wifi? you're still a pirate. Want to know why it feels right? Because it is. Society and the law will never catch up. As Shakespeare put it "This above all, -to thine own self be true"

Live long and Linux!:P

B@tM@n

Actually I use a two tier system to share and have my privacy. I got some fon routers for free on Fon's Birthday so I have my linksys router with DD-WRT installed. In one of the ports I have a fon router. most of you probably think that's stupid. But I already had it configured (the linksys) so I didn't want to mess with anything else plus it allows me to monitor and control the Fon router and bandwidth much better.

liquidglass

@ts: learn... to use SSL?

What good does a sniffer do if folks are smart enough to encrypt their traffic? Unless they're also dumb enough to ignore warnings of a MITM attack, this risk is overblown.

Charles Duffy

I very much like the theory of Fon and would be very happy if I could convince myself that it would be a good idea to use it. In the US free official WiFi spots are kinda common (at least in the cities), but here in the Netherlands they are so few that its negligible. Using the unofficial WiFi spots (read: people who forgot to protect their WiFI so that they unknowingly end up as free WiFi spot provider) has some shaky moral ethics and is also becoming more and more scarce now luckily most clueless users have somebody telling them to secure their network and helping them to do so (not one open WiFi left in my street at least, used to be dozens only a year ago).

BUT

Unless I can be guaranteed that I am not to be held responsible for what people do using my internet connection, I will certainly not use Fon.

I am not even concerned by filesharing (as getting prosecuted here in the Netherlands is even more unlikely as in the US as downloading is legal and active prosecution of uploading is completely lacking), but much more so of indeed illegal hardcore pr0n, pedophelia, criminal activities and terrorist communications.
In Europe now, over all the anti-terrorrist paranoia caused by the fact that alas most politicians in power here actually believe the GWBush scare stories, full logging of all internetactivities is needed for ISPs and anyone acting as an ISP. This is the only thing that gets you out of a lot of trouble if your IP ends up in a supposedly terrorist communication that our great secret service thinks to recognise.
Ok, even without that you might be getting of the hook after a full criminal court case, but your life is ruined for at least several years meanwhile.

OK, chances might be very very low. But why run any risk for that amount of trouble if you can avoid it?

Besides: I also think there are too many freeriders in the world for Fon ever having a real chance. See only the upload/download ratios of just about any P2P system or the real reason why the in theory great system of communism (not the way the Soviets implemented it, but the way Marx intended it) will never work.

xahmol

I, like some others, use La Fonnera to provide people with cheap (and 15 mins free) access to my internet.

That way, people do get wireless access if they do not have it, but they must pay a bit, so they aren't likely to take the piss....

prupert

If I lived in an area where it was even possible to see my neighbors wi-fi then I wouldn't mind running unsecured wi-fi for people.

Woodsyx

"If you're a file sharer, you know that the likelihood of you being caught is very similar to that of being hit by an asteroid."

I would say that there's 26,000 people that think we should be spending a lot more money than we are on planetary defence...

goodevans

It's profitable to theorize about all the terrible privacy violations that open wifi can trigger, but it would help prove your point if you link to an actual account of the FBI beating in someone's door because of their open internet.

Perhaps it would be beneficial if LH ran an article on different softwares that allowed us to pin point which connections are abusing our shared internet.

TunaFish

Great idea LH!
Whilst the idea of a free WiFi for all, is good in theory, i suppose the idea of someome leeching your connection for whatever reason, music, film and what not, or something more sinister leaves you open to suggestions of misdeamours for which you're liable for, the excuse " I believe internet should be available for all! "wouldn't stand up in court against child porn allegations or pirate warez against you for not securing your router. It's a very real threat.

BryanC

@rogerkaplan: Paranoid or not, of each of above examples (apart from the file downloading one) court cases have actually occurred in the Netherlands the past year.

There were two or three cases were persons were charged for spreading paedophilia which he claimed he never had but was caused by his open WiFi network.
One of them was a District Attorney which claimed criminals framed him. OK, he did win the court case in the end, but he also did loose his job and had to move because the neighbourhood threats.
Another case was a teacher, same story, won the court case, but lost his job and had to move.

Yes, one court case on 17 million citizens is a small chance. But I gladly do not want to run any chance I can avoid without giving anything up I really miss to be that one.

xahmol

Mine is locked because no one is helping me with my internet bills. Pay and it's open for you. =]

wwilsonxp

Jeez, people are paranoid. Live in the moment. A pedophile will not use your network connection. Really. The FBI is not monitoring you and will not break down your door. Really. If you see something on the 11PM news, it's enough of a singular event that it won't happen to you. Really.

I lock my network because I don't have the expertise to harden my computers or the time to keep all patches timely, and it's a lot easier to depend on a single router firewall. But guess what, I use WEP, because some of the older music players don't support WPA. And I live in NYC - I can see a dozen neighbors' networks from my laptop, and yes, most of them are open. I'll bet the router password hasn't been changed either...

rogerkaplan

I think this:

In my house, i use a network wi-fi closed.
But, me and my neighbors, built together in building an open network. It was a great idea and we have no problem today.

lupatini

@goodevans: So ROFL. But yes, that is a way of saying what I wanted to say in a much shorter form.

xahmol

I would actually like to secure my wireless network, but my FIL gave me the Netgear router and has no documentation whatsoever on how to do it, what the keys are or anything. So my neighbors get free internet.

LubsyB

This guys is an idiot.

Hell, leave your keys in the car. Then if somebody robs a store and leaves your car back at your house, you can tell the cops "I dont know, the keys were in it".

Its like having to have a fence around your swimming pool. The temptation is there, and if you're not properly protected, you're liable.

I guess this is good news for me, proving that anyone can be a "security expert".

holymogwai

I used to leave mine open all the time for my neighbors to use, but then someone started sucking up all my bandwidth, and so I locked it down for a few weeks. Then, cautiously, I opened it up again. I mean, when I'm out and about I leech off others, it's only fair to give back when I can.

My question is, if you leave yours open all the time, and then for some reason the authorities trace illegal activity to your IP address, isn't the burden of proof on them? If you leave it wide open, there is no way they can prove its you.

But I have to strongly agree with RogerKaplan (above). You hear about this stuff in the news, but it happens to one or two people out of MILLIONS. The media blows these fears completely out of proportion. Yes, it could happen to you, but in reality you are just as likely to win a million dollars at the lotto. How many times have you had that come to pass?

GroovyMojo

I do it for security mainly....and well, I don't want to be affected by other neighbors jumping on my wireless and making it slow.

@TS: "Yay, free wireless internet. Unencrypted logins, passwords and bank/credit card info magically delivered to my sniffer."

Technically, isn't everything that is not being sent over an HTTPS (SSL) site "unsecure"?

Which is why I only use secure gmail, secure baking, etc...

I'd say, when the Internet sites move towards using SSL/HTTPS, or atleast for "logins" - I would consider making my access point open/unsecure.

Im no developer or webmaster, so I don't know what the big deal of just not making a site using HTTPS instead of http....

ahoier

I had someone steeling my internet once. I looked out the window and there was this kid in his car, jamming with his laptop and IPod, happily downloading and slowing my connection to a crawl. I tapped on his window without letting him know I was approaching and told him that the police are on their way. He freaked and left. I went inside and encrypted my network and haven't let it open since. That's my story. If you are running at multi megabits then it would be no problem, chances are your neighbors have the same speed. I am not even close so, for me, it is an issue. I don't want people taking the pathetic 600kbs my ISP gives me.

qpease

Perhaps LH should write an article on all the great information we can get from someone's open access wifi network. From packet,password, and e-mail sniffing, port scanning and hacking into their system.

It's not so much about sharing free internet when you know all your private info is accessible by anyone with a knowhow.

Ken

My WPA password if posted on my fridge, anyone who can get into my house can use my network.

I would open wireless if...

1) I could have the open on a different internet facing IP. I need a way to distinguish it from my own traffic.

2) It was 100% locked out of my home network.

3) I could limit it to unused bandwidth

I have used open AP's in the past, but all my sensitive data goes over SSL ( mail, banking ) and I have a ssh socks proxy setup when I want to do something unencrypted ( really rare these days ).

Honestly I'm surprised as all hell that the open AP problem has not been exploited by more people. When you control the network you can do almost anything to a computer with little effort. You can inject JS into webpages, you can inject malware into downloads, you can strip https redirects from banking sites in order to do MitM attacks, grab cookies, ..... and so much more. People blindly connect and use the network without much though to the consequences. It would probably take a few days to implement a malware AP and in a popular area you could infect hundreds or thousands of systems a day.

snowmoon

Leave your connection open if you enjoy a neighbor downloading kiddie porn and the cops knocking on your door since it is your IP address.

You are going to be held responsible (legally or socially) when something like that happens. Imagine the cops dragging you out of your house in handcuffs with a search warrant and your computer equipment telling your wife/children you are a kiddy diddler, with your kids being taken away by social services and all because of the accusation.

But hey, fight the man! Free is good!

Daniel-Bham

I happily keep my network open.

my SSID is "Connect and get Hacked"...I just think its humorous.

I would be flabbergasted if any of my neighbors learned how to packet sniff....it takes them 2 weeks to reset their wireless router when it goes down. I enjoy checking to see who's been on once in a while, and personally I think its more funny when they risk their personal data on my network.

slingshotmike

We've probably already had more than enough feedback on this but i agree wih sharing my connection. if my computers not secure it's probably little consolation that i have encryption turned on. And with so many anonymous hotspots everywhere, why would you want to sit on my street? Normal monitoring would tell you if there's a problem and using a proxy like squid might be a good idea. I think the idea is not that people use your connection as their primary provider but that you provide workaround when they're in a bind. Courtesy.... I know that's a foreign idea to many people. I personally leave mine open as I live in a very rural area -someone looking for a connection on my road is truly in a bind. I guess the whole idea is rather naive and the only ones who support this way of thinking are the idealistic open source hippies -i think I'd rather be called that than a cynical closed source miser

ububbatu

For those who are complaining about Wifi packet sniffing, consider running two routers. The main one, which runs your protected Wifi, and the 2nd, that runs open Wifi.

dale3h

this makes me sick to my stomach. Open WiFi is stupid for a home network. Sharing your internet connection is NOT like giving to charity. Sometimes you have to do whats best for yourself. Sure the chances of the RIAA knocking on your door or having a pedophile use your connection is low, but why would you want to risk this? He even states in the article that lawyers recommend that you plea bargain. Do you know what you life would be like if people find out that you had child porn downloaded from you internet connection. You will NEVER be able to convince people it wasnt you who did it. Why risk it? Secure you damn network! He said that its to big of a hassle to secure a network. Why is this?? You just turn WPA-PSK on and use a long password from [www.grc.com]

I consider myself a computer geek, and this is the first time I heard of this guy. He is a disgrace to the security community. What a dope.

monkeyboy

I use when I find and let other use mine.
Are we a community or a group of selfish strangers...

kbulfin

@pwni: If you have it filtered, then its not really "Open".

holymogwai

Shame on LifeHacker and Bruce Schneier for the advice provided. Why? There is pending legislation, The SAFE Act, that will criminalize the provider of transport unless they can point out the issuer of the porn. Hard to do on a open wifi node.

My whole sordid response is located here -- [thirdpipe.com]

You want to provide a connection go with Fon or Meriket. At least they maybe willing to defend you to protect their interests. But standing alone and get implicated may mean civil forfeiture of everything you own.

JohnMc

@GoingLikeSixty: Would not say that to hard. Before I moved in with my girlfriend she had a 80 kilobit/sec connection (believe me, they still exist). When I checked her router I found out that not only it was unprotected, but also that 5 (!) people were active outside her own PC on that connection.
My girlfriend never noticed, guess for just e-mailing and some surfing that she did even the good old 14k4 is working.
But was surprised that so many people took the effort to steal that slow a connection.

xahmol

"all are welcome, all are welcome..." I don't have any security on my router because Netgear said it wasn't needed. My signal is so crappy, nobody would want to be on my network (Thanks Insightbb.com.) When I lose my connection every evening about 9, I log on to my neighbor's network and finish what I'm doing.

It's like a time-clock telling me to quit surfing.
The larger the population the stronger the paranoia.

I guess all the "it's mine, I paid for it," advocate metered broaband?

GoingLikeSixty

Interesting discussion :)

I have my wi-fi configured to the MAC addresses of my PCs but otherwise its open (best speed). I can see from the logs that once in a while someone (or their OS) try to connect and gets rejected and I would not mind them using a bit of bandwidth for a limited lease period but its just too much hassle to administer.

I also think that some of the concerns stated above with regards to completely opening up are quite valid.

On another note there is always the risk someone gets access anyways when using wifi, regardless of what security level you have because nothing is unhackable - it is more a question of making it a bit more difficult (i.e. not worth the effort) and just basic WEP/WPA definately goes a very long way in keeping the amateurs out. I suppose you can use the asteroid analogy here as well, in terms of how often a real hacker will go to work on your wi-fi network.

pwni

@TunaFish: "softwares" isn't a word.

Running an open wifi connection most likely violates the terms of service you agreed to when you signed up for your broadband. If you want unrestricted internet, get a T1 from the phone company. Consumer broadband is heavily discounted, and is heavily restricted.

swalve

15,000,000 music downloaders / 26,000 lawsuits = 1 in 577 downloaders sued

If "the likelihood of you being caught is very similar to that of being hit by an asteroid," should we be buying helmets? One in 577 almost makes it seem likely.

Beki

@rogerkaplan: Oh, and how many people would willingly stick a needle infected with a fatal disease in their veins, even when they are told that the chance of getting the disease is 1 in 17 million and by doing it the one who asks will donate US$ 1 million to charity?

No one, for the same reason, why run the risk if doing so has no benefit for you directly.

xahmol

He sees no good reason not to let others leech his wireless access point? Good for him. I see four reasons.

1. Slows down my connection. Sharing with strangers costs me the extra time it takes to download data. Why should I suffer for them?

2. I have network attached storage. I access it over the web via a secure connection. It makes sense that my home connection would also be secure.

3. Others could do illegal stuff over my WAP, as covered in detail by others. Doesn't matter that I'm not liable, it's still contributing to crime via inaction.

4. I don't trust unsecured connections. For all I know an open hotspot is open because the owner doesn't know anything about security, or he's baiting people to use his hotspot so he can pilfer their data. I wouldn't trust my data over that connection, so I wouldn't expect others to trust mine if it was open.

sumocat

@rogerkaplan: It does influence my action when there is really no inconvenience for me to do so.

To explain: of course I know that just driving a car as way more likely to severely hurt me than having an open WiFi connection. But I also know that giving in to that risk is severely hurting my freedom to go from A to B.

On the other hand: not opening up my WiFi is to no detriment at all for me, I am not the one to benefit from my open WiFi connection.
I might be the one to benefit from someone else opening up their WiFi connection, but here you come to the freerider dilemma again.

By the way: people buy lottery tickets on even smaller chances than 1 in 17 million.

xahmol

The problem with internet sharing is that the number of people who leech always far exceeds the number that host. So the few, generous people get overtaken by the greedy horde. There is no advantage to having an open network. It only invites lower-level hackers to use your router for practice.

quagmire0

@xahmol: So, a risk recorded as 1 in 17 million influences your actions? I suggest you don't look over the court dockets for "unfair" cases which ruined the jobs/lives/sanity of the accused. People have lost big chunks of their lives for being unfairly convicted. Know how I know this? This is fodder for 20/20 and Dateline. So I know that, statistically, the chances of it happening to me are infinitesimal.

rogerkaplan

@corrosive: I think the argument is that you'd be helping anonymity online. This whole "one IP address per person" thing feels a bit grimey to some people (myself included) and it would be nice to remove the assumption of being able to immediately correlate online activity with a real-world person.

That said, I would only run a hotspot using dd-wrt firmware that allows me to throttle their bandwidth.

ronocdh

Can't you google the model number and figure out how to reset it to the factory defaults?

holymogwai

If you are going to run a public WIFI hotspot, do it right.

Info can be found here:
[www.seattlewireless.net]
[wiki.personaltelco.net]
[www.nycwireless.net]

Set up a proper eula page on your node ... one denying permission to use your node for unlawful activities.

Then have port 25 blocked to prevent spammers from spewing with your hotspot ( people will just have to use webmail ), and ports 135, 137, 138, 139, and 445 blocked to prevent other windows vulnerabilities from being exploited through your hotspot.

kbarrett

I believe that allowing others onto your network is in violation of Comcast's TOS. At a minimum they can shut down your access if they don't like you. So, that is a risk worth considering when you decide to open up. Although, in fairness, unless your neighbors are bandwidth hogs, Comcast will probably not notice.

I can't speak to other service providers, but would imagine it is the same.

WillScarlett

For those who think filtered MAC addresses is all you need to be "secure", you are wrong. That and some other Myths are below.

[blogs.zdnet.com]

monkeyboy

mines open =]
If somebody in my street cant afford their own internet i see no problem with letting them use mine.

I know most of the people in my street and highly doubt any of them are paedophiles. Being as I've lived near them since when i was really young an they never tried anything! lol

I've considered locking up my bandwidth, but i really dont mind having a 5Kbps slower connection so that somebody else can enjoy the internet =]

Plus my internet is basically free, so meh, i cant complain!

possumboy

It's all well and good for Schneier to discount the legal and financial risks of sharing a personal wifi account, considering he has the financial means and technical know-how to defend himself against any accusations. Many of us are not so priviledged.

I secure my Wifi networks, and I do not use someone else's unsecured Wifi unless I'm given permission. If someone leaves their front door unlocked, can I walk in and get a cola when they're not home, without asking first? Of course not.

muddgirl

Am I the only one who thinks it sucks that one could be implicated for illegal activity based only on an IP address, even if one runs an open hotspot? We used to have a principle in this country called "Innocent until proven guilty..." Land of the Free, indeed.

That said, I have no desire to become a test case. I'll keep my wifi locked.

HeartBurnKid

This is some of the worst "security" advice I've ever heard.

"I risk all sorts of bad things happening to me, from seeing my IP address blacklisted to having the police crash through my door.

While this is technically true, I don't think it's much of a risk. I can count five open wireless networks in coffee shops within a mile of my house, and any potential spammer is far more likely to sit in a warm room with a cup of coffee and a scone than in a cold car outside my house."

Every one of his excuses can be summed up with "It won't happen to me" or "Well look at this other security risk that's even scarier! This isn't so bad!"

Businesses don't have to worry about this liability stuff in the same way that we do because they're, well, businesses. They tend to have lawyers and contingency plans, disclaimers that you must agree to ________ to access their network and that they aren't responsible for what you do with it, they go to great lengths to protect themselves legally.

I can't even imagine the complete and utter destruction this would wreak on your life if you were even so much as accused of being involved with kiddie shit or whatever from someone else accessing your network. I know that it's "innocent until proven guilty" in the courts, but that's rarely the way it works with your neighbors and the public eye.

FullFlava

I'm all for free internet access, and darned thankful when I can find an open network. That said, I'm just not tech savvy enough to feel comfortable leaving my network open. Sure, I could spend a bunch of time learning everything there is to know about security and making sure my tax returns and Air Supply playlists are safe, but I also need to do things like earn money to pay the bills. It's just not that high on my priority list.

PerpetualCarouse

I share my wifi with QOS set up so that I have #1 priority so I don't notice the other traffic. The easiest way to do it safely is by using a second router for your open access point. Not only does this make it easy for you to change your settings on each system without affecting the other, it also prevents ARP cache poisoning. As far as security for them, that is their responsibility.

Will

I filter by MAC for a reason. I'm not worried about being sued or taken to court, as I realize that it's highly unlikely. However, my ISP has a three-strikes policy for DMCA complaints. After the third complaint, they cut off your internet for good.

I absolutely cannot risk that (I already have one complaint from my naive days of Bittorrenting sans PeerGuardian.)

booticon

To all you complete losers who think the "I have to pay for it" argument is weak, I'm sure the access point's owner will be glad to split the bandwidth with you if you'll pick up his or her entire monthly ISP/provider bill.
When we start paying for air, you can bet we'll have closed-system housing.
I don't wear all my pants on any given day, but I sure don't want others wearing them when I'm not in them. Ditto spare rooms, empty seats on my furniture, etc.
If you're going to steal (and it is stealing) access, steal it from the municipality, which is funded more by your tax dollars and less by your neighbor's sweat.
That's what I did to make this post.

OnetimeBlueboy

Crap, please excuse the typos, im slightly tired.

SonicJ

@Jimmer: At work, was recently going through injury/comp claims. A worker of ours (I work for the Fed Gov), was at a hotel in DC. Some Fed Marshalls came, knocked in his door and he got hit with flying shards of it. They were looking for a child molester, and had the wrong room number. But, as to your point, contact with Federal authorities, regardless of whether you're the one they're looking for, is rarely pleasant. Save for me, of course.

PotKettleBlack

I don't understand...why is there this ever increasing encouragement to share your wi-fi with random people? I don't like the idea of sharing my internet with anyone outside of my household. Many people argue that surfing the net takes little bandwith, but how are we to know what the person(s) are doing while connected to your router? They could be streaming youtube videos(Bad) , stage 6 videos (worse, better quality) , plaing online games such as FPSs,MMOS, ect. They could even do some illgial activity, and it go's without saying, you are going to be responsible for it. By the way, it costs money to use broadband, so with that money I pay to embarq, I would like my halo and soldier front sessions to be lag free. (For the sake of agreeing with peopel that make sence here,)Security expert my ass.
The people the seem to have their heads on
straight-------->@Troy.F,UNSTATUSTHEQUO

SonicJ

An open system is easier to manage. If friends/colleagues pop over and they need access I don't have to do anything (isn't this shit supposed to be easy and "just work?). But I'm the paranoid type- so it's SSH, VPN, and https for anything that really matters. Didn't think I'd see so many panties get twisted on this topic...

nat lyon

I like the notion of internet access being a part of "hospitality." You're right - I would always offer my neighbor a glass of water.

But that doesn't mean I'm OK with my neighbor watering his lawn from my outdoor spigot without at least asking me first!

Troy F.

"Security Expert?"

Yeah, whatever. I raise the bullshit flag. I guess common sense goes out the window in order to sound fancy.

I'm an attorney, and I would agree with the assessment that the others apparently gave to him in the article.

I just see no benefit whatsoever to this. Must have been a slow news day at Wired, so maybe he figured the contrarian theory would be fun. I would only like this article if it were April Fools day.

UnStatusTheQuo

Now that we know from the posters above that all the bad guys use unlocked wifi APs to access the internet, I expect all the coffee shops and airports lobbies will eliminate free wifi due to the liability. Or do you think they've thought about it?

aeronaut

@JohnMc: Am I just misreading this excerpt of legislation? It doesn't criminalize people who share wifi, it says you have to report it if you become aware of illegal activities.

Basically, if you offer wifi in a coffee house and see someone performing "certain illegal activities or [viewing/downloading] an illegal image", you're obligated to report it.

If that's the excerpt that's being cited in the article, I assume it's the one being used to make the point that it criminalizes ISPs, which it doesn't - unless they become aware of and fail to report illegal activities - which is required by law already.

callit

I do this but I also run a PF OpenBSD firewall. I limit the total bandwidth of all connections (except for my known MAC addresses) to 20K/sec down and 5K/sec up. This way if some dude wants to check his email it's cool but my neighbors can suck up all my bandwidth with bittorrent they are SOL. I also use the PeerGuardian ip list loaded directly into my firewall to limit potential harassment.

Rickasaurus

Interesting idea Dale3H. I happen to have a spare WiFi router (and the urge to share), but I lack the technical know-how. Any pointers?

Lars H

@LIKU:
I don't know about other parts of the world, but in the U.S. it's supposed to be innocent until proven guilty. I don't have to proove I didn't break the law, prosecutors or complaintants have to proove I did break the law.

@GUARDIANFOX:
If you own a car, you are expected to know that you shouldn't leave the keys in the ignition. Not everyone is so security savvy with computing devices though, in spite of the fact that it might seem simple to many of us.

@HOLYMOGWAI:
Children don't die when they stumble into an open wifi zone. They can if they stumble into a backyard with an in-ground pool.

I think the issue of liability of those leaving their networks open is something that needs to be considered more deeply, and not simply analogized to a physical situation which arguably has much deeper impact. These are the same types of analogies lawyers would use to try to prove you're liable - bad ones.

Of course it's possible to keep a tight watch over your network, keep the highest security settings, review logs, and even watch raw packet data to be aware of what's going on within your network - but it's not plausible. So where do we draw the lines of what level of security is required? WEP can be broken in a number of minutes. Simple MAC filtering can be broken in seconds. Is this secure? If a hacker breaks into my network, am I responsible? What if I just set the SSID to "Don't use this network"?

callit

I keep an open wireless network. But I live in the country and anyone who gets close enough to use it will get eaten by my dogs.

BlueTuesday

"The RIAA has conducted about 26,000 lawsuits, and there are more than 15 million music downloaders. Mark Mulligan of Jupiter Research said it best: "If you're a file sharer, you know that the likelihood of you being caught is very similar to that of being hit by an asteroid.""

This comment is full of stupid. If the odds of getting hit by an asteroid are 26,000 out of 15,000,000 that means 11,440,000 of the 6.6 billion people on earth will be or have been hit by an asteroid. I'd say the odds of getting caught file sharing is much higher.

Mordakk

TUNAFISH: Ok here is a link to a guy who had his door kicked in by the FBI because of his open WiFi. Literally found it after on the first google search of "open wifi search warrant"

[www.news.com]

Mordakk

There is also another reason why not to share your wifi connection... more and more ISPs are starting to limit "simultaneous connections" per user, for example, 50 to 100 simultaneous connections max.. so it is not only a bandwidth issue anymore. If your neighboor starts a p2p app (or Skype) your idle connections may drop, i.e. your MSN, VNC, etc..

rniella

I run a free wireless connection, and I'm right by an apartment block. What I have is a sign posted in my front window with the password, as well as a redirect telling you to come get that password if you just randomly stumble across the connection. If I get sued, then so be it, but at least the sign will make it look a little better in my favor when I go to court!

unbwogable

@XAHMOL - if you look at fon.com you will see that the Netherlands has excellent uptake of FON. Here in the UK BT and FON have teamed up to provide an officially supported service (I used to worry that Fon users may cause me to hit my bandwidth limit and I'd be penalised, but the BT scenario seems to avoid this)

And from a security perspective: I run an open FON network, a secured WLAN also from the FON router, a gaming WLAN (the kids' Nintendo DS's don't like WPA2 so this is a lower security WLAN) and a corporate WLAN so I can connect to work. All are separated and logged so I can easily show what is my traffic and what isn't.

Very simple.

frog51

I use a modified version of vyatta linux firewall that I
-Block all P2P programs
-uses a black list to block porn/other unwanted sites sites
-IP logs every thing along with the web site visited
-limits traffic to 10 KB/s

with no cat landing page that limits log on time to 30 minutes and warns every one what I am doing. People still use my free wifi to browse the web with out a problem.

I of course use a separate connection for myself that is encrypted with WAP2.

I think Im covered from most illegal activity.

kid99

I'm alarmed by the statement by Mark Mulligan of Jupiter Research, because following his data, your chance of being sued by the RIAA is actually about one in 577 - slightly more than being hit by an asteroid. (Of course, the lawsuits are distributed over a four year period, so the chances are much smaller for any single act of theft.)

Could this possibly be true? I've made only small effort to check his numbers ([sharenomore.blogspot.com]), but do the math yourself.

universzero

I'm not really concerned so much about protecting my bandwidth, but I do wish to protect myself when conducting business on line.

Interesting Article to say the least, first time I posted here, but I've always enjoyed the site.

carydarling

You beat me to it Liquid, I use the same system. The future of wireless is free and universal, I see my offering free wifi as evolutionary pressure on technology.

BFree

What SS talks about is called the "free-rider" effect of free good.

I'm all for opening up my Wi-Fi connection to people who want to use it, but I won't - and it has nothing to do with what I pay my cable company to use their network. What it does have to do with is my responsibility for traffic outbound from my router.

Because I live in a high-traffic area, I'm certain that I get a fair number of wardrivers coming through.

No thanks...

sbossinger

@monkeyboy: What a condescending article.

I understand in metropolitan areas that MAC filtering is useless, however if you knew where I live you wouldn't be too worried either.

Even then, MAC spoofing is kind of a pain in the ass. You have to packetsniff then change your MAC. Even in this day and age most people don't do anything to encrypt their wireless network, so why bother with all that stuff when you can just drive down a little further and get a completely open access point?

booticon

Like many Americans, I have often downloaded music and movies illegally. I do this because I hate the commie movie and music industry, and because I hate spending money.

I thought that I was safe from the RIAA because of the fact that finding me was like finding a needle in a haystack, until I read this:

The RIAA has conducted about 26,000 lawsuits, and there are more than 15 million music downloaders. Mark Mulligan of Jupiter Research said it best: "If you're a file sharer, you know that the likelihood of you being caught is very similar to that of being hit by an asteroid."

Now I'm starting to worry. As you may well know, my biggest fear in life is getting hit by a meteorite. I thought it was a good fear to have, because it was so unlikely. But when I read this, I realized that if I download music often, and my chances of getting caught by the RIAA are similar to that of being hit by a meteorite, then that effectively doubles my chances of getting hit by a meteorite. Because good luck in one place transfers to bad luck in another..

Mark Mulligan, you bastard! Why must you torment me? And is it any coincidence that the man who works at Jupiter Research would use a comparison that contained another astronomical object?

So now, I realize that it is my duty as an American to continue downloading music illegally, even if I'm putting myself in great risk of being hit by a meteorite. Just as our forefathers put their lives at risk for the greater good, I must persevere, knowing that my patriotism will someday be remembered by the good lady America herself.

j0j0b33n

@andykay: There's a difference between driving a car (using gas, putting miles on, possibly getting into an accident), using a pool (dirtying things up, requires hopping over a fence onto private property, I'm liable if you drown), and using wifi.

That said, you can steal my cable connection all you want and I really don't give a crap. No skin off my nose.

HeartBurnKid

Please! Open up your wi-fi to me so I can have the internet for nothing. While you're at it, please leave your keys in the car so I can use that, let me hook into your cable connection so I can get that for free and let me swim in your pool whenever I feel like it. Same theory, no?

andykay

Yeah if you are going to Australia or if you are looking for a free wifi hotspot in an Australian city, there is a google map linked in here ([mye65.blogspot.com]) which you can use to locate a hotspot near you. People should post other locations if they know of any. All decent restauranteurs should consider providing free wifi.

myturnnow

Open wireless access points! What a great way to make someone's life a living hell! Make threatening emails, down load child porn, suck up bandwidth, and all from someone else's router and ISP. Yeah, you might eventually be proven innocent, and I'm sure your employer is going to understand that time off you need to take to defend yourself, and that legal aid lawyer will put up great defense after you burn up your savings in legal defense.

shroutosaur

I agree with batman - no reason too be so scared of everything. You might get killed in a car crash, does that mean you never leave home? No, because you have to take _small_ risks in life, not aonly to enjoy yourself but to help others as well.

I call my SSID "for acces call xxxx", so if anyoe wish to use my wi-fi, they can, I just want to hear who they are first. I'd actually rather run an open accespoint, but I'm really not good enough at network admin to do that. I need a guide about how to do it in the most secure way.

EmilBB

I would want to be able to limit services available by MAC and protocol (MAC authenticates, e.g. BitTorrent access granted; MAC doesn't authenticate, everything but web, SSH, AIM, &c. disabled), simply for QoS reasons: if I have a mission-critical application running in a VPN across the network and someone's pounding the bandwidth with a Bon Jovi anthology, it could turn into a Bad Thing (TM).

I run an open access point using an Atheros-based PCI card in my Linux desktop to bridge to the Ethernet internal network. This kind of access restriction takes some clever iptables/dhcp tweaking, but an amusing example can be found here:
[www.ex-parrot.com]

I'm not sure if a Linux-enabled Linksys router could do the same, but if your desire to be a good bandwidth Samaritan conflicts with a limited budget (&c.), that's at least an option.

tek1024

Exactly the reason I have my access point open. If the RIAA every comes knocking I can just wipe my hard drive and say it must be some kids wardriving.

NateNateNate

Wow, just the comments going back and forth would make an interesting story. I see two camps here:

One camp is optimistic and thinks most people are good, and sharing is a natural thing to do.

The other camp assumes that the world is infested with child porn sickos and don't want to share with slacking freeloading Spammers.

All I have to say is that if you're one of the 76% listed who have no problem using other's open WiFi, but aren't one of the 15% who are also willing to share, then you need to stand in the corner of shame.

WickedGlee

Also, ONETIMEBLUEBOY, thanks for the ad hominem argument, it really contributed to the discussion.

ChromeSishi

Has anyone mentioned yet that all the evil pedos in your neighbourhood will come use your wifi? Someone should mention that I think, maybe a hundred more times?

ChromeSishi

I got my Fon router for free at the time, and I still share my internet through it. With Fon, only other fon members can login onto the non-secured hotspot (the secured one is for private use). Unless you live in the center of town, you won't have many people accessing your Fon spot (or in my case, close to none, living in a residential area :) ).
Still, its nice that its there, just in case.

unruled

I see a lot of comments... I read through a lot of them and most of them share the same concerns.

I would love to open my internet to let someone going by use it. The only thing is there are so many things that can be done that are bad. Wireless is great and sometimes you just need to go on and say check your email or with the iPod touch now grab a quick map.

Im not sure if there is anything that can protect yourself from blame. I mean what if I was actually downloading that movie and not my neighbor? I doubt that argument would work anywhere because you have a non-existent downloader that you only know the MAC of (if lucky) and macs can easily be changed.

awdark

my network's locked down because i have a slow connection (not even 1 meg) and it kind of creeps me out to see strangers' itunes libraries show up. i'm all for open networks, though. all these articles almost persuaded me to unlock mine.

nekochan

"Furthermore, the risks of running open Wi-fi are not much more than the risks of connecting your personal computers to the public Internet via wire."

How is me, putting my own personal computer that I KNOW is going online, not different than perv sitting down the road using my connection to download kiddie porn?

holymogwai

@holymogwai: Schneier is not an idiot. If you read his article, you would see that the major premise he has is that it's a balance of RISK. To him, the benefit of good-will outweighs the risks. Furthermore, the risks of running open Wi-fi are not much more than the risks of connecting your personal computers to the public Internet via wire. With the correct security practices in place, you are not opening up your hard disks to public access or publishing your account numbers when you open up your Wi-fi network.

Having said that, my home wireless network is weakly secured with WEP and the key is taped to my desk for any house guests to copy.

Posco Grubb

This is the first time I've commented in months, just to say that this is the dumbest lifehacker article ever posted, and whoever this security expert is does not know anything.

Karl

@UnStatusTheQuo: Err, Bruce is not a "security expert" he is "THE security expert." Don't dismiss his views on security.

That all said, I have yet to see a single convincing argument of the benefits of having an open network that aren't counterbalanced by a dozen reasons not to do it.

No one should be cavalier about getting taken to court. If someone did download files, especially pedo, using your network, at least one person you know will look differently at you forever no matter if you prove your innocence or not.

It takes 5 minutes to secure your network from 99% of the people that want to get in and will prevent 99.9% of the headaches you could get from leaving it open.

Let free wifi be your municipality's headache, not yours.

psxndc

I have to disagree with Bruce's viewpoint on this one. It is irresponsible to provide unfiltered internet access to minors. While parents will do all within their power and/or skill set to lock down the home computer(s), having a reckless/careless/cavalier neighbor providing unfettered access to anything under the sun is inappropriate, misguided and just plain rude.

spuddude

POSCO GRUBB you are missing what many are saying. It has little to do with your IT RISK and everyting to do with your legal/financial RISK.

I don't think there is much balance in losing your home in a civil forfeiture to some perp who just happened to send his sisters nudes in a wardrive drive by as equitable.

JohnMc

Callit, you need to read the entire HR legislation. Plus you miss the point. As you state, you have to report it. Well report what? On an open AP you won't be able to legally 'pass the buck' which this law initiates. So the AP provider is left as the last known source of the porn. So it will You or whomever left defending themselves.

ISP's are already recording the IP's of distributors of porn when found. The generosity is not worth the legal risk.

JohnMc

@JohnMc: Information is never dangerous. Anybody who tells you it is is the real danger.

HeartBurnKid

CALLIT, I am glad you used the car analogy. But you missed what is the primary concern. Ever wonder why cars require ignitions. Better do you leave the keys in your car? That's open source isn't it?

You don't leave the keys in your car for the simple reason that if you did and the their causes a death you might have civil liability as a result. Some states even go so far as to say in so doing you forfeit the right to a claim on your insurance.

Open AP's are generous and dangerous.

JohnMc

How on earth are you supposed to know if a network is open intentionally or not? Very shortly after I moved to this neighborhood we received fliers indicating that FREE Wi-Fi would be beaming into our homes - sure enough I plug in my computer and instantly found a connection. I used it for 2 months before I realized it wasn't the CORRECT free connection... There are 1/2 a dozen cafes near me with free wi-fi and at least 15 signals appear at any given time (2-3 of which are open). I've been told that if it's open, it's probably intentional - so use at will.
If people aren't intentionally sharing - why don't they KNOW they're sharing? Shouldn't they understand their setup well enough to lock it if they want to? Isn't clear to them that they're open?
As far as the kiddie-porn argument goes - How many pedophiles do you think are out there? By the number of statements on here, you would think every 3rd person is lusting after toddlers and downloading oodles of kiddie porn! Gimme a break!
And if a person can be prosecuted simply for someone going through their server - why hasn't EVERY SINGLE INTERNET SERVICE PROVIDER been shut down by the FBI?

Temper

If I have some of that 30-50MBit bandwidth, I'd leave mine open, but at 3Mbit I'd be giving up speed that I cherish greatly.

My worry about getting busted for others' downloads (like from using suspect public trackers, etc) is that I'm quite sure my ISP would still hold ME, as account holder, responsible. "Wardrivers did it" isn't likely going to be a valid argument.

Chris Moran

I run a Fon box on my home network, give and receive alike. Besides, with how connected we are these days, its pointless to not have some sort of Internet access available. I mean, most of us have it in our cell phones, why not just simplify the great resource that the Internet already is by sharing it for others to benefit from as a token of good faith?

At least, that's my view on the whole thing anyway.

itrenorg

I am an attorney who defends RIAA file-sharing cases: [recordingindustryvspeople.blogspot.com]

I am confident that I could successfully defend a person whose open wifi was used for copyright infringement. I am also confident I would charge many thousands of dollars to do so. So by all means,if you've got that kind of coin laying around, and you've got nothing better to do with it, run your open wifi network. As for me, I've got WPA on my wireless and I enourage my clients to do the same.

MikeWas

IF I had a second router, THEN I would do a FON sorta thing and spit my network in 2, one open and 1 secure. If I didn't have shared windows folders, I would happily have an open network.

devcoder

I like the idea of sharing my wifi with neighbors, but as many have noted, the risks are too great. In the past, I have shared connections with neighbors(with their permission). It seems like if you want to share your wifi, you could always use your email address as the network name. If people wanted to use it, they could ask permission via email. As an added benefit, you might just get to meet your neighbors, which doesn't always happen here in the big city. Of course there are probably lawyer types out there who would say that you would then be more liable for anyone you expressly permitted to use your network who then went an did something illegal. I guess it doesn't pay to be nice.

andersch

For some reason, I have this odd feeling that it seem the people who don't leave their router open "Just isint cool". Meh, if you think that the whole "I pay for" Arguement sucks, why not just make an open source shower? Just let a bunch of random peopel come use it too. Why not? it doesn't matter your paying for it.

sonicj