Jun 28, 2012

How much risk is there in having an open WiFi network?

One of my friends has an open WiFi network at home that he views as basically a philosophical issue. In his opinion, the internet should be available to everyone, and he sees it as doing his part. I raised the issue of someone doing something illegal and it being traced back to his IP, but he doesn't seem too worried about it. He points out that while things like that can happen, there is no way he could be shown to have engaged in it anything, because since the network was unsecured it could have been anyone, and there would be nothing incriminating on his PC. I hear what he is saying, but I still don't think it is a good idea. Am I being paranoid, or is he being blasé?

I have Xfinity/Comcast cable internet. The new cable modem has excellent integrated wireless..2.4G and 5G. I, of course, configured my access with security. It also includes an auxiliary access channel that runs wide open by design. Comcast Wireless Neighborhood is a plan to have millions of open access points. I turned mine off but it is not easy to find the settings to do so. They really want this to happen but a lawsuit is pending due to the $20 or so of extra power used by the aux channel.


Using someone else's connection without their permission could be seen as theft.


I recall helping someone with computer troubles a year or two back, and discovering that not only did they have malware on their computer, they'd been using their neighbour's wifi without permission. Not only that, the neighbour's monthly data allowance had been exceeded which could have turned out to be expensive for the neighbour if they'd been on a plan which charges for excess use. The neighbour wasn't too impressed when I let them know.



Aside from the valid security issues that jimlynch mentioned, ask your friend how he would feel if the cops send a SWAT unit to knock down his door and throw a few flashbangs in his living room.  It happened just this week when cops in Indiana reacted to posts made by someone using an unsecured network, so they sent in a SWAT team on the house with that network.  



What's worse is that police don't always act with such restraint.  They have tons of military grade gear, and are acquiring more and more in the name of "homeland security." In many cases police behave more like a paramilitary force than civilian law enforcement. So they yell, "Search Warrant!" and run in all jacked up on adrenaline, with military helmets, ski masks, body armor and AR15s locked and loaded.    


And they can shoot his dog:





Or shoot him:




I actually don't disagree with your friend, in principle.  But as a practical matter, he could expose himself to all sorts of problems, even when he is in the right.  Is it likely?  No.  Is it possible?  Definitely.  It happens. 


You're not being paranoid. He's increasing the risk of somebody messing with his network by not having it locked down. It's his choice, of course. But it's not a good idea.

It doesn't take long to set a password, and he'd do well to set one up.

Here's an article that looks at why you should lock down your wifi network:

Got WiFi? Lock it down...NOW!!

"If you have a wireless access point or wireless router, did you reset the default username and password before you put it into service? If not, you are among the estimated near 50% of home wireless users whose networks are wide open to bandwidth thieves, snoopers and spammers. Wireless makes it easy for you to access your home or small office network and all the data you have stored there and all the devices you have connected. An unsecured wireless network is just as easily accessed by anyone who happens to be nearby with a wireless laptop and this puts your data and your network account at risk.

“Wardrivers,” hackers who drive around looking for open wireless networks, can access your network connection through an open wireless access point. Some wardrivers are just in it for the sport and might send a couple of e-mails to their colleagues to prove they were able to access the network, but they could just as easily use your network to send a few thousand spam e-mails which, if traced back to you from the header information , could get you in hot water with your Internet service provider.

Unsecured wireless is an invitation to identity theft because of the amount of personal data that so many people leave on their desktop and laptop machines. Personal data exists in the files you leave on your system and in the browser cache and history files, the “Recent” folder, temp files, system logs, swap files and many other places the ordinary computer user would never suspect. If your wireless access point is “open to the public” anybody can locate and copy all of that data in minutes and examine it at leisure and you would never know your system had been breached."
Answer this