Is It Possible To Salvage Open WiFi?
from the would-be-nice dept
We recently wrote about how a guy had his home raided by gun-toting law enforcement officials accusing him of downloading child porn when it really came from someone else who had hopped on his open WiFi router. While the lesson we got out of it was that law enforcement needs to rethink when it calls in SWAT teams and beef up their own technical knowledge, the lesson that many others were pushing was that you must lock up your WiFi router. This is unfortunate for a few reasons. There definitely are times when it makes sense to lock up your WiFi, but there are also advantages to having an open router.
The folks at the EFF are trying to salvage the idea of open WiFi by kicking off a call for an Open Wireless Movement. To make this work, they note that the two key reasons why people encrypt their WiFi is so that (1) they don’t have all their bandwidth sucked up by others and (2) to avoid security issues with unencrypted content being accessible to others on the network. Rather than using that as an excuse for saying everyone should lock down their WiFi, the EFF suggests making a WiFi system that can remain open while solving both those issues:
The best solution to this problem is to have WiFi routers which make it very easy to share a certain amount of bandwidth via an open network, but simultaneously provide an encrypted WPA2 network that gets priority over the open network. Some modern routers already support multiple networks like this, but we need a very simple, single-click or default setting to get the prioritization right.
[…]
There is currently no WiFi protocol that allows anybody to join the network, while using link-layer encryption to prevent each network member from eavesdropping on the others. But such a protocol should exist. There are some technical details to work through, but they are manageable.
But, overall, the proposal is to push for people to recognize that open WiFi isn’t evil and often has tremendous benefits:
Most of us have had the experience of tremendous inconvenience because of a lack of Internet access. Being lost in a strange place with no way to find a map; having an urgent email to send with no way to do so; trying to meet a friend with no way to contact them. Even if we have data plans for our mobile phones, we’ve probably had these experience in cities or countries where our phones don’t have coverage or don’t have coverage for less-than-extortionate prices. We may even experience this problem at home, when our Internet connection dies while we urgently need to use it.
Finding yourself in one of these binds is a bit like finding yourself parched and thirsty while everyone around you is sipping from nice tall glasses of iced water, or finding yourself cold and drenched in a rain storm because nobody will let you under their umbrella. At those moments when you are lost, or missing a deadline, or failing to meet your friend, it is almost always true that Internet data links are traveling through your body in the form of electromagnetic wireless signals — it’s just that people have chosen to lock those networks so that you can’t make use of them.
To be honest, I doubt this will get that much traction. There just aren’t enough reasons for people to purposely leave their WiFi open, no matter how nice it would be. Combine that with more modern wide-area wireless networks, and this becomes less and less of an issue.
Filed Under: encryption, open wifi, wireless
Comments on “Is It Possible To Salvage Open WiFi?”
Download quotas
Open Wifi on home connections has never had any traction in countries where download quotas are the norm (such as here in Australia). Traffic prioritisation may deal with bandwidth hogs, but why would anyone pay extra for more quota than they plan to use themselves?
Given how much harder it is to have a private home Wi-Fi network that allows you to share files and printers between your own machines, while only sharing the net connection with arbitrary clients (as compared to just locking down the whole thing), deliberately running an Open Wifi connection has always struck me as something that is always going to remain a pretty rare occurrence, even in countries where download quotas don’t knock it on the head.
Re: Download quotas
Hi, fellow Aussie 🙂 I’m with iiNet, and one function the routers come with is some BS called ‘Tomizone’. It allows you to run a ‘paid’ but unsecured connection.
This is the bugger I have (it has really poor wireless range anyway but also does 2 VOIP lines) –Belkin site http://tinyurl.com/3dkrnnd — iiNet-supplied with custom firmware. The theory is however they connect, their usage and my mac address are reported back to Tomizone who send me some cash.
So I guess in essence, even with capped internet, that sort of thing does exist, and I guess it also confirms that firmware to do it does exist already.
I currently pay for more than I need (50g peak and off at 20mb/s) but conversely if I am on holidays or my kids visit, I can stay unshaped.
Error: Reason not good enough
While I understand and, to some extent, agree with EFF’s argument, I think they will need a much stronger argument than this to encourage open wi-fi.
In the UK, BT pretty much force this on people as their BT HomeHub router acts as a BT OpenZone and FON hotspot. Not free – subscribers only.
Every other ISP explicitly prohibits sharing in the T&Cs.
Worse, the Digital Economy Act means you’re legally liable for any copyright infringement or other activity that happens on your connection. So expect Internet cafes, libraries etc with wifi to become a thing of the past.
Re: Re:
How does BT forcing your home router to be publicly available interact with the Digital Economy Act. It doesn’t seem to make sense to hold someone responsible if they have no choice. Is there some detail that straightens this out?
Re: Re: Re:
The UK’s RIAA would assume that since the router was at his house, MetalSamurai did it.. and unless the person who did the device can be produced, it’s automatically MetalSamurai’s fault.
Re: Re:
In france, “free” (free is the name of the ISP)offers the same service. All “free” Home routers have two wifi networks one WPA-ecrypted for the subscriber, and one for the other free-subscribers.
The dark ages
We’re currently still living in the dark ages in many ways, but the future is looking more and more like a place where every device is going to be connected to the net anyway using means other than wifi (though wifi in some form may well exist as well for more insulated clouds, like company-specific ones.)
Personally I don’t miss having open wifi access points at all – my phone is always connected via 3G and can share that via wifi if I need to get another gadget online. The speeds are even quite acceptable – the only unacceptable part is the artificially high cost that has been applied to that sort of thing.
Like most things, once we sort out our main problem as a species (using hostile concepts like money and trade instead of actual cooperation), there is zero technical reason why we wouldn’t have very fast and totally ubiquitous wireless access on every electronic device that can use it.
One-click setup
The Apple Airport Express supports a secondary “guest” network (unprotected) that can be set up with a single click.
Re: One-click setup
But is it prioritized lower than your network usage. If not, then you may find yourself going VERY SLOWLY.
Re: One-click setup
Close, but no cigar. What you are referring to is the Airport Extreme. The guest network is a separate WI-FI network that can be protected or unprotected. However, if it is protected, all the guests still use the same pre-shared password, just one that is different than the primary network. What is possible, but I am guessing Apple isn’t doing this (I don’t own any Apple equipment), is that a guest uses that pre-shared password and a, guest supplied, individual salt to generate a unique encryption key. That would allow each guest user to have a secure connection to the access point. Even with that capability, the Airport Extreme would not qualify because the guest has to know the password already or ask someone who does.
It’s been a while since I looked into third-party BIOSes for routers. Do any of the popular ones offer what the EFF wants?
Re: Re:
the problem is with that “3rd party” when they want it common place
Possible Solution (seen on slashdot comments)
Certain router firmwares let you set up multiple SSIDs. You could connect trusted computers direct to the internet via an encrypted SSID. All untrusted computers would connect to an anonymous unencrypted SSID that routes all of their traffic through an onion proxy network like Tor or I2P.
That would probably stop ICE from kicking down someone’s door at 3AM, and it would also stop residential internet providers from determining that someone has opened their internet connection to the public, which is universally against ISP terms of service. It also might be a boon to some of those onion proxy networks by letting people choose to become relays and exit nodes on the fly. The police would hate an initiative like that.
+1 for the dual WiFi networks. I have one locked with and another named “BeNiceShareInternet” that is open. So far none of my neighbors have taken the hint :/
I leave mine open on purpose. I do most heavy work at school where I have a fast connection, and I’m gone almost all day, so if someone gets use out of it, more power to them. Sadly, my neighbors do not really reciprocate. I live in a dense complex, and a few months ago when my DSL went down for 2 days I had to walk with my laptop all the way around to the other side of the complex to find an open signal (among dozens of locked). Of course, I know how to break encryption if needed but I would only do that in an emergency (which I can’t really imagine what that would be, exactly).
Basically, I do it because I’m a nice person. So, I guess I’m a part of this “movement” already. I check periodically and I’ve never had anyone seriously hogging bandwidth (I think most people get that that’s uncool).
I had the Neighbor Problem
A few years ago my router was giving me fits when trying to lock it down, so I just left it open.
Internet access became really slow. I turned on logging and found my neighbor was running 24-7 file sharing on my Internet connection.
I was forced to figure out how to get it locked down.
All it takes is one inconsiderate person who probably thought he was anonymous and undetected.
Friends don't let friends run open Wifi
Anybody here heard of FireSheep? It’s a free program that let’s script-kiddies (or anyone else) hijack any unencrypted (URLs that start with http instead of https) session on an open wifi. For fun download it and then go to public place with an open wifi. It will actually show you the pictures of the people that are logged on.
It lets them send email as you. It lets them transfer money out of your bank account if you’ log into your bank. It let’s them post on your Twitter account. It lets them post from your Facebook account.
So, tell me again why you want more open wifi hot spots?
(The ?good? news is that FireSheep is causing more sites to switch to SSL.)
Re: Friends don't let friends run open Wifi
Anybody here heard of FireSheep? It’s a free program that let’s script-kiddies (or anyone else) hijack any unencrypted (URLs that start with http instead of https) session on an open wifi. For fun download it and then go to public place with an open wifi. It will actually show you the pictures of the people that are logged on.
Which is why this article pointed out that there should be open, but encrypted, WiFi.
FireSheep is a redherring in this discussion.
It lets them send email as you. It lets them transfer money out of your bank account if you’ log into your bank. It let’s them post on your Twitter account. It lets them post from your Facebook account.
Almost none of that is really true. Pretty much all bank accounts are encrypted these days. I can’t believe any are still unencrypted. I can’t think of any webmail services that aren’t encrypted. And more and more of both twitter and facebook are encrypted.
So, tell me again why you want more open wifi hot spots?
As was stated in the article, the idea is to create encrypted but open Wifi.
Re: Re: Friends don't let friends run open Wifi
Mike,
I think the problem here is that “open” can refer to an unencrypted WI-FI network as well as one that is promiscuous (i.e. allow anyone to join). I think what Rob is referring to are potential security problems when using an unencrypted WI-FI connection. The lack of security depends on what the user is doing with it. My webmail has a choice of using HTTP or HTTPS. You are right about banks though, I can’t imagine any using HTTP still.
Maybe I can get people to start using the word promiscuous for these networks despite its negative connotations. There is a precedent for its use to describe NICs that did not filter received frames based on MAC address.
Re: Re: Friends don't let friends run open Wifi
I’m all for the “idea” but I want to survive in the “real” world while working toward it. Yes, I’d like to have open wifi. I also work with a guy that had been retired but had to go back to work after all his retirement funds were siphoned from his various accounts. He made a mistake on the Internet, not wifi, that lead to this happening. I’m just urging caution.
I don’t think wifi is evil any more than I think guns are evil, but both must be used carefully.
Maybe I misread the article as encouraging everyone to start using any and all open wifi connections they encounter. I’m just saying use caution, something I don’t read any not of caution in this article.
The first thing that might be helpful is to find a new name for the secure version of “open wifi” (which my quote from the EFF says doesn’t exist yet.)
Maybe the EFF should have kicked off the Secure Wireless movement.
Re: Re: Maybe this is off-topic and maybe it's a red herring but ...
For details of how Firesheep exposes wifi security issues that have been around for a decade or more, read or listen to episode #272 of Security Now from 28 Oct 2010 on this page:
http://www.grc.com/securitynow.htm
Both audio and transcripts are available.
In this episode Steve quotes what ConsumerAffairs.com today wrote:
“Computer security specialists have issued a warning about Firesheep, a new downloadable add-on to the Firefox browser. If the person in a coffee shop with you has it, they can see exactly what you’re doing online.
“The feature was reportedly created by a Seattle software developer, whose purpose was to demonstrate how vulnerable unsecured networks are. Unfortunately, he’s unleashed a tool that can turn a computer amateur into an accomplished hacker. With Firesheep, a computer user can log onto a public network, in an airport or coffee shop, and get a list of all the computers that happen to be connected to the network at that moment. “Simply by double-clicking on one of the names, the Firesheep user can access whatever that computer user is doing online. If they are updating their Facebook account, the Firesheep user is also logged in. Firesheep works by intercepting Internet cookies, which websites place on your computer when you visit so they will recognize you when you return. Professional hackers have had that tool in their arsenal for years. Now, thanks to Firesheep, anybody that has downloaded the add-on can do it too.”
So as of that date Steve says that all these sites were vulnerable: Amazon, Basecamp, bit.ly, eNom, Facebook, Foursquare, GitHub, Google, Hacker News, Harvest, The New York Times, Pivotal Tracker, Twitter, ToorCon, Evernote, Dropbox, Windows Live, Cisco, Slicehost, Gowalla, and Flickr. And coming soon is Yahoo!, eBay, LinkedIn, Digg, Reddit, Wikipedia, Blogger, GoDaddy, Posterous, Tumblr, Netflix, YouTube, Slashdot, MobileMe, PayPal, Salesforce, Craigslist, MySpace, Match, and AOL.
However, many of them have switched to SSL.
So I’m just trying to spread the word about real world concerns that many people don’t know about. I’m personally not using open wifi; the risk is too great. If you can’t configure your router then turn the wifi off until you can get help.
That’s all I’m saying.
Peace,
Rob:-]
The EFF says ...
“There is currently no WiFi protocol that allows anybody to join the network, while using link-layer encryption to prevent each network member from eavesdropping on the others. But such a protocol should exist. There are some technical details to work through, but they are manageable.”
Re: The EFF says ...
According to Slashdot, IBM is supposed to be unveiling such a thing at the Black Hat conference.
https://threatpost.com/en_us/blogs/ibm-unveil-secure-open-wireless-system-black-hat-080311
Fail!
The encrypted portion of public access won’t gain traction because it’s inherently a poor idea. There are already protocols for securing communications at the client level – what is the point of having encryption between your device and a strange/foreign router you can’t trust anyways?
Re: Fail!
You have a good point about trust of wireless access points, but I disagree that wireless link encryption is inherently a poor idea. If I understand you, you’re saying that TLS should be used to encrypt packets for all protocols using IP. Even so, there may be a desire to do encryption at the packet level as well to prevent traffic analysis given that source and destination IP address are accessible to just about anyone. This is a relatively minor point for most people but important to a few.
Another point is that security is not absolute. You should be able to choose what level of security you want given what you are doing at the moment. Even if you can’t trust the AP or prevent a MITM (Man In The Middle) attack, you might want to use an encrypted WI-FI link so that a low-level script kiddy can’t use Firesheep to view your lunch-time session at 4-chan or out your AC identity on Techdirt.
A final point is that until all your destinations incorporate TLS, you may want to still use a promiscuous WI-FI AP to connect without exposing all your communications to the typical thief or voyeur. It’s not absolute security. Without a way to authenticate APs, there is always the possibility of a MITM attack. It comes down to the level of security you are willing to accept. I might use webmail via HTTP at home but I wouldn’t do that over a promiscuous WI-FI connection, encrypted or not. However, there are some things I would do, using HTTP, as long as the WI-FI link was encrypted.
anonymous or not?
An important question in developing a protocol is whether we want to allow anonymous access or not. If so, that means smart criminals could use such a connection to mask their identities. The porn-raid culprit could have avoided being caught if he hadn’t used the same log-in ID from a university computer using a secure token belonging to him. To be sure that he was not caught the culprit should have always used an anonymous connection to a public network or piggybacked onto an unencrypted or weakly encrypted WI-FI connection. In addition he should use MAC address spoofing and a spoofed user-agent.
I think anonymous access can be very useful despite this potential drawback. The government is likely to lean the other way and attempt to outlaw it when the opportunity arises. A new protocol is a new opportunity. A protocol, similar to WPA enterprise, could be used to allow anyone, who registers with the government, access to any promiscuous (public) network by authenticating with a government owned, or contracted, authentication server. The wonderful side-benefit of this is less likelihood of SWAT raids upon the innocent, at least as far as computer crimes go.
Another way to gain anonymity on the web is to use an onion router network like TOR. So, anonymity is not totally lost if anonymous access to public WI-FI is eliminated.
A side note:
I had an interesting exchange on Slashdot with someone about the Dutch guy who was convicted of making death threats via the internet but was determined not to have committed a crime by using someone else’s WI-FI connection.
http://www.techdirt.com/blog/wireless/articles/20110319/00082913559/dutch-court-says-breaking-into-encrypted-wifi-router-to-use-connection-is-legal.shtml
I believe my comment exchange was with the Dutch culprit himself doing some sock-puppeting on Slashdot to clear his name. He was fluent in Dutch but absolutely lied about what was in the Dutch court documents. I called him on that but he kept it up. Here was a very technical guy, but he still didn’t bother to spoof his MAC address.
economic argument
I’m not sure I am convinced of the following argument. I throw it out to see how it can be shot down.
If there was a system in place such that every WI-FI access point was public (promiscuous), it seems that seems would settle down to an equilibrium where some percentage of users were parasites (didn’t bother to pay for connectivity) and the rest were hosts. The result would be that the total use of bandwidth ends up divided among fewer paying customers. If the providers had some fixed cost for providing bandwidth then they would end up charging the hosts more than they would otherwise. So, even without a system with rates based on actual usage, the hosts end up paying more in the long run by opening up their WI-FI connection.
suggested protocol
I haven’t thought this through for security holes, but this is a simple protocol and software configuration to allow for multiple encrypted connections, each using a different key, and priority given to a fixed subset.
Excuse the formatting, Allowed HTML gets in the way here
WAP sends (public key, SSID, MAC Address) to any host
host chooses symmetric key for session, encrypts this key with WAP public key, sends to WAP
all further communication between WAP and host uses session key.
Configure WAP with a set of fixed MAC addresses which will get priority over guest connections. Under Linux, use HTB queuing discipline to set up traffic shaping based on MAC address. Fixed set gets priority. Left over bandwidth is split equally between guest connections.
To be honest, I doubt this will get that much traction. There just aren’t enough reasons for people to purposely leave their WiFi open, no matter how nice it would be. Combine that with more modern wide-area wireless networks, and this becomes less and less of an issue.
It might become less and less of an issue in the U.S., but in many areas in Europe wide-area public Wi-Fi is non-existent.
So i guess you do not need that many reasons to leave your connection open; i like it when i can check google-maps or my email through public Wi-Fi when abroad (see the don’t have coverage for less-than-extortionate prices problem), and i like to think i may be doing someone else the same favor.
Then again, in Europe it is quite easy to cross borders, maybe travelling in the US does not generate the same issue, though i believe the point still applies.
Open WiFi
We have the “perfect” system in Mountain View (Google HQ town).
“Google WiFi” is open and can be used by anyone in MV, from anywhere. Meanwhile we can lock down a portion with, say, WPA or whatever.
Unfortunately, WiFi is not good for VOIP; so we have GWiFi, our WPAGWiFi, and DSL (for VOIP).
Interestingly, Google gives us free phone service (which we use), but not a usable broadband – WiFi is based on shared bursts of data, and in VOIP that means garbled phone calls! We use free GVOIP, but on our DSL system (which is slower than GWiFi, but steady.
Each WPA association in shared secret (PSK) mode uses a unique session key, which is computed using the shared secret (the password you enter), the MAC addresses of the two ends of the association, and two random numbers, once generated at each end. So if you enable WPA but with password “password” – or anything else – each individual device will actually use a different encryption key in conversations with the access point.
*If* someone is monitoring at the time the association is set up, they will get all the data needed to compute the actual session key. But if they weren’t able to see the establishment of the association, they can’t derive the key. So, unlike the case with non-encrypted connections, just being able to converse with the access point doesn’t mean you can read all its traffic. In fact, you can only read your own.
Now, this is not a very robust kind of protection. One attack against an existing connection is to interfere with it in any of a variety of ways, forcing it to be re-established – at a time when you are presumably monitoring, Still, it’s better than nothing – and it’s sufficient to render connections opaque to Firesheep.
A convention some people are following is to give the network a name that tells you what password to use. Of course, you can (depending on the exact circumstances) simply tell people what the password is – or put up a sign with that information.
— Jerry
Opening your Wifi could exponentially boost your download speed
I agree with the arguments put forward for open but secure wifi. People have said there needs to be a stronger argument here it is.
Open wifi could exponentially boost your download speed!!!
Think about it. Here in the in the city I routinely pick up between 4 and a dozen wifi signals and I’m on the edges of suburbia. In some of the denser student areas there are up to 20 signals.
Now think of how much time you are online unless you are a massive torrent fiend your probably on for a few hours most nights. Think of all the people you know only go on for a few hours a week or every few months I’m thinking of my parents here. Basically there is a lot of unused bandwidth.
There could be a sharing open bandwidth standard that if you have it allows you to hop onto all wifi signals you can reach and then onto all wifi signals those transmitters can reach etc. So your 1mb could be boosted up to the max maybe 50 or 100mb if no one else close is on at the time.
Fair sharing rules could be agreed that could encourage leaving the wifi turned on whilst not in use. Intelligent interval transmission could be used to save power when no users on.
If this system already exists let me know what it is called if it doesn’t who can make it and what problems need to be overcome. This idea overcomes the usual problem of requiring selflessness by making wifi sharing a selfish act that is also altruistic.