Safe Use of Wi-Fi for Everybody
By Charless Miller
The column you are now reading is the product of three complete rewrites. After reading a news article about the Electronic Frontier Foundation’s recommendation that we all eliminate passwords on Wi-Fi, I wrote an editorial saying that was the dumbest idea I have heard in a long time. Before that column could be submitted for publication, I had time to ponder further the ramifications of doing away with Wi-Fi passwords, I threw out the first column and wrote another taking a softer view. Then before that could be published, I read an additional news report that prompted me to throw away the first and second drafts and write this third version explaining why getting rid of Wi-Fi passwords might not be such a crazy idea after all, so long as it is done correctly.
The Electronic Frontier Foundation (EFF) is an international, non-profit, donor-supported membership organization with a long history of working to protect everyone’s fundamental rights to use technology. The Open Wireless Router is a project of the EFF and part of the Open Wireless Movement (openwireless.org). This movement encourages ubiquitous open internet by establishing a standardized way publicly-available Wi-Fi can be implemented.
Today’s reality is that Wi-Fi can be found almost everywhere, but everybody’s access point has its own name (SSID) and its own password. And they are rarely safe to use! My favorite coffee shops have Wi-Fi, but with no security protections at all. One of my watering holes has its office computer and cash register connected to the same network with the public Wi-Fi. I tried to warn the manager, but he is a coffee brewer extraordinaire, not a computer network engineer.
The Open Wireless Router project offers a standardized set of guidelines for securely implementing public Wi-Fi. The first form, in beta testing and still under development, involves buying an inexpensive wireless router (Netgear WNDR3800) and loading it with the EFF firmware. If this catches on, my friend the manager of the coffee shop would be able to simply get a Wi-Fi router, plug it in, and provide internet for his customers; only with the EFF firmware, everyone’s access would then be secure.
A bigger benefit for the public at large will be the ability to log onto any openwireless.org router once, then go anywhere else in the world there is a Wi-Fi router signal named “openwireless.org” and connect to that one seamlessly. That would be a quantum improvement over having to ask for a password each and every place you go. Of course, some establishments are going to want to keep in place the system that checks to see if you paid for a cup of coffee before letting you use their Wi-Fi.
This EFF initiative could also go a long way to exploding the widely-held misconception that having a neighbor poach off your wireless signal automatically makes you vulnerable. When encryption is configured correctly, as it is by the EFF then the connections are secure. When someone uses some of your wireless internet access that can slow your connection; however, because there is no inter-client connectivity there is no way that neighbor can capture your passwords or any other data belonging to you.
The EFF also makes a persuasive argument that sharing your Wi-Fi actually improves rather than diminishes your privacy online. When you are the only one using your home internet, all the activity for your IP address can be tracked back to you alone. When you share your Wi-Fi with others, your online activities soon get lost in a fog of other people’s access using that same IP address. Lawyers and politicians call it “plausible deniability” when you can say “I didn’t access that anti-government web site; it could have been anyone using my openwireless.org router.”
Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981 and now practically a full-time resident. He may be contacted at 044415 101 8528 or email FAQ8 (at) SMAguru.com.