Visalia Direct: Virtual Valley
March 2007 Issue
February 11, 2007
Wireless Conveniences… and Risks
“Join open network Tom’s Place?”
The dialog box on my laptop’s screen was puzzling. Beyond the obvious problem that my name isn’t Tom, something unfamiliar and strange was happening. Why was my computer wanting to join Tom’s Place? Wasn’t my place good enough?
Welcome to the convenience of wireless networking.
I had turned on my laptop without first turning on my wireless router, so my laptop had automatically searched for any nearby wireless networks. The newest computer operating systems take it upon themselves to locate and join wireless networks, which is much better than the way things were only a few years ago. The downside of this automation had just revealed itself, though.
Because I don’t know “Tom” (not the real name, of course), but assumed he must be one of my neighbors, I told my laptop “No” and suddenly another dialog appeared. Did I want to join the network “Deadman’s Party” instead? No. Okay, maybe I wanted to join “Netgear020” the operating system suggested.
By the time I turned on my router and joined my own, closed network, I had located five wireless networks in my apartment complex.
I wonder if the owners of these networks realize the risks they are running? Maybe nothing at all will happen to their computers — or maybe someone will go “wardriving” for data.
As network speeds have increased, so have the ranges of the radio signals involved. My apartment is on a second floor, so even a weak signal might reach four or more residences. A strong wireless network might reach 300 yards or more. This is convenient if you want to work by your pool. It’s also convenient if someone wants to access a home computer from a car. That’s how wardriving works: a criminal drives through a neighborhood looking for wireless networks.
“Wardriving” and its variations (“warwalking” and “warspying”) are geekspeak for joining a wireless network for either curiosity’s sake or for malevolent purposes. Believe it or not, joining an open network is not illegal in most states, including California. The theory is that if you left your network open to any computer, you must have meant to do so. However, opening someone’s files without permission is illegal. It’s a small step from using an Internet connection for free to the crime of peaking at someone’s hard drive.
You might think our Valley isn’t home to cybercrime, but you’d be wrong.
I’ve had a customer call and ask why his printer was printing “interesting” images when he wasn’t home. Now, most wardrivers aren’t this daring, but someone was joining his home network and then printing inappropriate materials. This might seem funny, but what if this wardriver were to call the police and claim my client possessed illegal images?
The first step was to make sure the printer was not connected directly to a computer. Many home networks share a printer by connecting it to a computer. Sharing a printer in this manner can be risky, especially with older versions of Windows. If you want to share a printer, buy one that can connect directly to a network either via Ethernet or built-in wireless support.
In the case of my customer, the printer had its own network adapter. The next step was securing the customer’s wireless router.
Once the customer learned someone was using his network, he felt justifiably violated. Then the concern for the customer was no longer strange images printing. What if personal data were accessed remotely? How many of us have Quicken or Money files on our systems? Do you put passwords for Web sites in a file so you don’t forget them? Is there information on your system no one needs but you?
Sadly, a quick Web search on “wardriving” will reveal sites that distribute free tools for finding open wireless networks and also breaking into protected networks. With these tools, anyone can hijack your wireless network. However, most crooks are looking to work quickly, so a few precautions can save you a lot of misery.
Every wireless network should be password protected, using the best security available to the router. Early routers features “Wired Equivalent Privacy” (WEP) security, which requires a password before joining the network. Unfortunately, WEP is about as secure as a screen door. Newer routers use “Wi-Fi Protected Access version 2” (WPA2) for password protection. If your router allows you to select a form of security, do not use WEP.
The router I use allows me to specify which computers can join the network, as well as requiring those computers to have the right password. Also, the network is “invisible” to most computers. If terms like “WPA” and “MAC address” (which does not refer to an Apple computer) are scary, hire a local consultant to configure your router. This is a quick task, and worth the small fee.
Home networks aren’t the only wireless risks we face. Most of us with laptop computers go from network to network. I use at least three wireless networks on a regular basis, and even more when I travel. School networks tend to be open, which is great for surfing the Web and checking e-mail. Many coffee shops have free wireless, and I’ve located a restaurant with a public wireless network. While I can’t imagine sitting in a booth with my laptop during dinner, I’ve witnessed people unable to stop working while ordering their meal.
Public networks are convenient and risky. Sure, you can locate an iTunes music library on some stranger’s computer, but that also means people can locate files on your system.
Security really starts at the computer. You can turn-off features like “file sharing” in Windows or OS X. You can also password protect files in most popular applications. Of course, you should never keep usernames and passwords on your computer, either!
It would be nice to think that we’re somehow safer than residents of Silicon Valley when we go wireless. Stories on wardriving have appeared in major Bay Area newspapers, so people there might take more precautions. Still, the truth is, most of us setup our wireless networks with the “doors unlocked” not because we trust other people — we simply don’t understand how risky wireless computing can be.
Wireless networks are great. I’d never give up the freedom I enjoy using a wireless connection at home and work. I’m also as careful as I can be while still enjoying that freedom.