Wireless networking, also known as “wi-fi,” is now all the rage for home computer users. Media ads assault us about our “need” to share Internet access throughout the home and “experience the freedom” of wireless. And, we are told, we simply must have the most powerful and fastest wireless equipment possible, so that we can simultaneously surf the Web, download files, stream video, manage Voice Over Internet phone calls and play online games. Bah, humbug. Piffle, poppycock and balderdash.
Why, you may ask, am I such a cranky curmudgeon regarding wi-fi? After all, I organized and hosted the world’s most successful contest involving wi-fi for three years in a row (see www.wifi-shootout.com). Why would I be against wi-fi? Actually, I’m not against wi-fi, but I’m definitely against the reckless way that it’s promoted by manufacturers and retailers. There’s a huge emphasis placed on convenience, and precious little emphasis given to the all-important concept of network security.
I was recently reminded of this sad state of affairs while I was installing a wireless network in a client’s home. This family has a rather large home, and, in order to achieve “whole home coverage,” needed their wireless Internet signal to penetrate walls (of both wood and stone), floors, ceilings, and some rather large metal appliances. That’s a tall order for your typical wi-fi setup; so, I bought the most expensive and powerful off-the-shelf wi-fi equipment that Best Buy sells. If this didn’t work, then we’d have to resort to (an unspecified) “Plan B.”
I went to work installing the required wi-fi adapters, router and wiring (even wireless networks still require wires!). With all of the hardware in place, I set about providing basic security for the network. Entering the wireless routers’ configuration utility, I changed the SSID (Service Set IDentifier) to something hard to guess, and told the router to not broadcast the SSID. I then picked an encryption protocol, in this case, WPA-PSK (Wi-fi Protected Access-Pre-Shared Key), and chose the TKIP (Temporal Key Integrity Protocol) option. Next, I picked a suitably complex “key” that would foil all but the most determined password crackers. Lastly, I changed the default password of the router itself. I was ready to test the network.
Much to my delight, “Plan A” worked, so I decided to take my client’s laptop outside to sit next to the pool while I tied up some loose ends. Wow! Suddenly, I was picking up wi-fi networks from all around the neighborhood, many of them running completely unsecured. Not only were the neighbors broadcasting an Internet connection to their own computers, but they were also sending free Internet access to anyone within range. Should even even a semi-skilled bad guy target them, they wouldn’t be enjoying their wireless “freedom” for long.
So, if you come home someday to your unsecured, wifi-enabled computer that’s displaying a skull and crossbones that says, “0wn3d by k3wl h4x0r,” you can’t say that you weren’t warned.