Paper Suggests Letting The Government Use Your Router In An Emergency
from the not-as-crazy-as-it-sounds dept
Jon Brodkin, over at Ars Technica, has an interesting discussion about a paper from some researchers suggesting that we could augment first responder communications efforts by letting them make use of the public’s WiFi routers. Basically, if I understand the proposal correctly, if turned on, it would make use of your router to try to form an ad hoc mesh network with other, similar routers in the area that, in theory would only be used by those public safety first responders. It’s no secret that there are efforts underway to make sure that emergency personnel have better access to communications spectrum, and this is, at the very least, a creative way of attacking the problem.
The theory is that this doesn’t impinge on anyone’s security, because it would effectively carve out a separate service on the router, not unlike home WiFi routers that offer up different logins for residents and “guests.” Of course, theory and reality aren’t always one and the same, and Brodkin reached out to Bruce Schneier who raised his concerns:
“The problems are the same,” Schneier told Ars. “Once you build such a system, you have to build the security to ensure that only the good guys use it. And that’s not an easy task. It is far more secure not to have the capabilities in the first place.”
That said, if such a system were purely voluntary, and individuals were able to offer up such connectivity for first responders (or even for anyone else), would that necessarily be so bad? I’ve been skeptical in the past of attempts to create truly comprehensive mesh networks building on people’s home WiFi routers, and there hasn’t been much success there. But, perhaps there’s something interesting in special use cases, such as one involving first responders. I agree with Schneier that there could be some risks, but I’m not sure how they would be much different than running a basic guest access WiFi network that doesn’t involve a password. As long as you’re not using that network for sensitive and unencrypted info, it seems like a similar level of risk.
Filed Under: first responders, government, mesh networks, privacy, routers, security, sharing
Comments on “Paper Suggests Letting The Government Use Your Router In An Emergency”
Seems like a pretty good idea to me.
The only downside I could see is the potential for someone to hi-jack the system to direct emergency services incorrectly (to waste resources or even delay aid). Even that would be difficult/impractical if the system were only in use for full blown emergencies.
Re: Re:
Another downside is that a first responder (or someone pretending to be a first responder) would use it to download a film and then you’d get sued. But, other than that, I like the guest access / mesh idea generally, and this is an interesting extension.
Re: Re: Re:
I doubt the **AA would cut the victims any slack, tens of thousands per song and much more for a movie.
This looks more like an excuse than an honest proposal. How hard is it to solve the problem and how is this the best solution?
Can't imagine it working
First, within days of this being implemented someone would publish an exploit to take advantage of this.
Second someone would make use of it to distribute some porn or malware and then it would make the old routers unstable.
and as this is not a good idea, you can bet your bottom dollar that senators will be queuing up to propose this goes forward into law as soon as possible, with the usual ‘whatever goes wrong, the tech guys will be able to fix it’! fucking morons!!
802.11u
The 802.11u standard has provision for both emergency services (providing access for emergency responders) and emergency alerts (like the U.S. national public warning system). It is also used by Wi-Fi Alliance’s “Hotspot 2.0”.
It is not like a normal “open” guest network. It is more like Hotspot 2.0 (no surprise, since both use the same standard). I did not find it on a quick read of the 802.11u standard, but the emergency responders would probably be authenticated by a remote server via EAP-TLS, be restricted to accessing a few specific networks, or both.
The 802.11u standard also has provisions for an emergency alert service, similar to the U.S. national public warning system.
Schneier
He works for BT doesn’t he?
BT already has a system whereby any BT ISP user can user any other user’s wifi via their home login – Surely Schneier would have been consulted about this one.
Is this also the same Bruce Schneier who keeps (kept until recently?) his home wifi open to anyone?
Who are the 'bad guys' again?
?Once you build such a system, you have to build the security to ensure that only the good guys use it.”
And who are the bad guys again? Oh right, the bad guys are those people that download illegal content through an unsecured wi-fi connection. We certainly can’t let those public service connections happen. We can’t upset the MAFIAA, can we? Not for something as mundane as emergency services.
Re: Who are the 'bad guys' again?
And who are the good guys again? Oh right, the Department of Homeland Security. Or perhaps the fine folks at RIAA and MPAA will be bestowed emergency powers themselves when the threat level reaches vermilion due to the rising tide of copyrighterrism.
Re: Who are the 'bad guys' again?
In the case of first responders, you can set up a Wireless router in the 5GHz spectrum to allocate bandwidth and separate radio frequencies so they can utilize them freely without worrying about people pretending to be them.
So as public WiFi guest accounts idea fails, we still have ways to set the router to allow them specific access.
Re: Re: Who are the 'bad guys' again?
I think rather than go through all this ‘hoop jumping’ it may be better to redefine ‘bad guys’. I’m not so sure about “So as public WiFi guest accounts idea fails”. Do I really have someone that WANTS to break into my router to perform malicious action rather then just mooch off my internet?
I’m sure there are some, but the vast majority are the latter case. But to the MAFIAA one use is no [criminally] different then the other, hence my point. They’re the only thing really standing in the way of a general government statement of position that we can leave our wifi open and not be held personally liable for civil misuse.
Wait a second ...
On the surface, this sounds like a good use of technology, but then you have to realize, in a time of public emergency, what happens to the power that those routers need? Yeah, electricity is generally one of the first services lost.
Re: Wait a second ...
I don’t see WiFi coverage being consistent enough to make this practical and I think there are other potential problems.
Scenario 1: Disaster happens, a child dies, and emergency communications fail because the nearest router (yours) doesn’t support the feature or you chose to disable it (It’s voluntary, remember?). Parents of the dead child sue you, the owner of the router. You might prevail, but it would suck to be you.
Scenario 2: same as above, but rather than suing, the parents instead lobby Congress that a law is required, in the child’s name of course, to make the Emergency Communication feature mandatory on all routers so this tragedy “will never happens again” (Think of the Children, Key to the Constitution, and all that). This would make all non-compliant routers illegal.
If home router manufacturers begin providing the capability to support Emergency Responders I see the probability of both scenarios occuring. I see Scenario 2 being more likely after a large disaster or if several children are affected.
If the general public is to provide and support any Emergency Response communications I see potential problems without strict liability protections in place.
Re: Wait a second ...
This solution certainly doesn’t meet the standards of reliability in every situation, but public emergencies take many forms.
For example, a fire at a transformer recycling plant is unlikely to cause any power outage, but is certainly an emergency.
I’ll look at their proposal. As long they get rid of all the taxes on my connection and it does not compromise security, I’m in. I don’t think people are lining up to download porn when the neighbor’s house is on fire, but if they do I will be able to show the log that says my connection was preempted.
Setting Up
“But, perhaps there’s something interesting in special use cases, such as one involving first responders. I agree with Schneier that there could be some risks, but I’m not sure how they would be much different than running a basic guest access WiFi network that doesn’t involve a password. As long as you’re not using that network for sensitive and unencrypted info, it seems like a similar level of risk.”
I think I have a solution to the issue of someone using your network outside your house. You can allow them to set your router to assign specific MAC addresses to access your network as they pass by. That way it automatically connects the first responders.
The first responders would have a totally different network space and only would be allowed guest access.
There are two things I see that would concern me. Viruses getting into the network from the people running them. The other is people being able to hack police records.
I don't see the point
Why not just give away a separate device to anyone who will take one that does nothing but emergency mesh networking? One that can’t communicate with my wireless router …. give it to me and ask me to plug it in in a corner of my living room and forget about — happy to do that for the good of the community.
Re: I don't see the point
You make a very good point as well as to why there is a point. The only real place I can see this working is in small towns and cities like Mount Vernon, Ohio. Franklyn County, Ohio has a public WiFi network meshed throughout various majorly populated areas, especially in down town Columbus.
Can we agree that maybe it be a good idea for small towns and cities , but not largely populated areas, to have people living in the town to mesh the network?
Re: Re: I don't see the point
Why not large cities? Wouldn’t that work even better? If it is the number of devices, Couldn’t a device go into standby if it senses too many other ones in it’s range? Wouldn’t you be able to use some sort of spanning tree to avoid circuitous routing? One of these device in every apartment and business in NYC, each with a battery to last between six and 24 hours, and you would have an awesome network.
Re: Re: Re: I don't see the point
meddle, you raise an excellent point which I completely missed. Bare with me, I just had an excellent thought.
It is absolutely a great idea. It is the same for Columbus as well now that I think of it. You nailed it completely with
“One of these device in every apartment and business in NYC, each with a battery to last between six and 24 hours, and you would have an awesome network.”
You are right. Some major cities technically already have it. Now the problem lays within small rural cities or towns. The logistics could turn out to be a nightmare for setting it up for residents in small towns. But you do raise a good point.
Re: I don't see the point
I could understand no wanting to necessitate the manufacture and distribution of devices, they’re probably banking on leveraging existing property to cut costs.
But the part I like best about your proposal is that participation is optional. I would also gladly opt to enable a feature like this on my router, provided I could weigh the pros and cons of doing so. But to have a back-door forced on me by the government seems unacceptable.
I may not like it, but my car may be commandeered in an emergency. That is different than preparing in advance for the action by distributing copies of my key to all emergency personnel. The latter effects my security, the operation of my property, and exposes me to more potential abuse of power.
Re: I don't see the point
I could understand no wanting to necessitate the manufacture and distribution of devices, they’re probably banking on leveraging existing property to cut costs.
But the part I like best about your proposal is that participation is optional. I would also gladly opt to enable a feature like this on my router, provided I could weigh the pros and cons of doing so. But to have a back-door forced on me by the government seems unacceptable.
I may not like it, but my car may be commandeered in an emergency. That is different than preparing in advance for the action by distributing copies of my key to all emergency personnel. The latter effects my security, the operation of my property, and exposes me to more potential abuse of power.
What problem are we trying to solve?
Re: Re:
You’ll never win a congressional seat asking questions like that.
Re: Re:
How to set up a makeshift WiFi network dedicated to emergency services using private home or household networks as a mesh.
Glad to help 🙂
Re: Re:
1. how to destroy the HAM, CB, walkie-talkie, radio communities ? ? ?
(they must be infringin’ or sumpin’! ! !)
2. um, don’t ’emergency responders’ already have these new-fangled wireless-radio thingies ? ? ? *what* is wrong with them ?
3. again, as many posters have pointed out: 90% of the ‘disasters’ we have are where the power goes out (kinda what makes a disaster a disaster); what will this do ?
am i supposed to hook up my little hand-cranked generator radio to power my router ?
4. further, as others have said, don’t trust either the gummint (or their overpaid subcontractors) to ‘do this right’, and only think they will make my system LESS secure, and MORE vulnerable…
DO.NOT.TRUST.THE.BASTARDS.
art guerrilla
aka ann archy
eof
The government is big enough and spending wastefully already. It doesn’t need this.
And it would abuse this system, regardless–just like they do with so many other things (NSA, anyone?)
Can't they already do this?
Don’t routers have that fun FCC sticker that everything (TI-83 calculator inclusive) that says
1. This device cannot be rigged to cause harmful interferance
2. This device must accept any harmful intereferance, even if it causes undesired operation
I figured that was the government catch-all “I need to appropriate your electrons for a minute” coverage.
Re: Can't they already do this?
I think that has more to do with operating on unlicensed spectrum than intentional coercion of the device.
This is no Joke; this type of mesh networking is absolutely needed.
Here in the USA, we no longer have a government ‘of the people, for the people and by the people’. We have a government that is trying as hard as possible to suppress our freedoms and to limit our constitutional rights.
When the revolution comes and the people of the United States try to take back the government and restore our constitutional rights, the first thing to go will be communications.
The administration will use ’emergency powers’ to cut off all traditional, cell phone and internet communication. At that point, a mesh network will allow ‘we the people’ to communicate and organize an effort to restore our constitutional rights. If using the excuse of ’emergency responders’ to get the mesh network up and running works, then I?m all for it.
Re: Re:
… wouldn’t the government be in control of an “emergency switch” mesh network?
Yeah, because they wouldn’t ever abuse it.
Um, what was wrong with people being nice and leaving guest/open wifi ? Oh yeah, the government wanted everyone to think that was immoral and damn near a crime in itself. But now they want access again? I think no.
Re:
Another downside is that the emergency access could be leveraged to gain access to your private home network, and result in a means by which hackers could attack.
Of course, that’s true when you’re running a WAP right now anyway, so perhaps the risk isn’t much greater.
No....
How long would it take for this to be cracked? A couple days? Maybe? Nothing is totally secure, this included.
Would they reimburse people on data caps? Sorry there is an emergency, but ever since some companies started charging $10 per GB overages, I think people better be reimbursed.
And of course there is the untrustworthy government issues.
Wait a second ...
I have my broadband equipment and WAP plugged into a UPS that can run it for a couple of days if the power goes out. Doesn’t everybody?
I don't see the point
Large cities already have mobile network coverage…It’s called the cellular network (for cell phones) They already have the infrastructure set up. Small towns on the other hand have very unreliable cell coverage.
I kind of agree with meddle. Having a battery-backup powered router in the town hall and maybe a few businesses around the area to help cover the cell network’s dead zones seems to be the best idea. With most ISP’s now considering download limits, I’m in no way even considering opening my wifi network for “guest” access.
Setting Up
But you’d have to know the MAC addresses they use in advance.
Personally, I run my wifi open anyway, specifically so that random strangers can use my internet feed, but have a fancy firewall to segregate that traffic out from my personal LAN traffic (and to let me blacklist machines if needed).
If you set this up right (it’s not hard), then this can’t happen as you won’t be sharing traffic between the public and private sides at all.
That’s an interesting thought…
not as bad as police, but still...
If I can be held legally liable for everything that goes through my router, I do not want to hand the keys to my router to every fireman in town.
Won’t happen.
For every good guy using it there will be most likely be about 5 bad guys abusing it.
If it can be made it can be hacked.
A prelude to further intrusion
First of all, I support the general concept, and if we lived in a world where federal agencies respected the spirit of the constitution more than the desires of corporations and their ***AA lackeys I would probably support he specific proposal.
But I’m afraid it is a prelude to building in access for any agency with any vaguely defined national security/cyberthreat/copyright infringement etc. etc. agenda. In other words I’m afraid it will be expanded and abused, and I’m speaking more from a public policy and legal perspective, although the technical and hardware aspects are also relevant.
Pay me...
The thought of this being imposed on anyone is worrying and would be a hackers dream if they could break into that part of your router to do any number of things that would ultimately have *your* fingerprints on it.
That said, if my city offered me amnesty on that portion of my router and some form of relief on my yearly property tax then I’d happy install whatever router mod they had (obviously I’d install another router for myself).
Actually, would make more sense if they simply gave me a generic router than I plug into my network but I can’t access ? I would still want amnesty on whatever the hell goes through it though.
First responder WiFi
While this sound like a good idea it is a really bad idea. I am currently with a Fire Department and as an EMT for 20+ years. Today we are being required to upgrade our communications to a very expensive digital system. We don’t have the funds to add some other WiFi thing nor could it really be of use given our training constraints. Most of our folks are volunteers and we need to train on Urban Interface fires like the recent Waldo Canyon fire, HAZMAT etc. not on an obscure alternate communications method.
The big question that is unanswered is how do we know to switch to it? With our that it is useless at best and at worst will get someone killed.