Skip to main content

Wireless Conveniences… and Risks

Visalia Direct: Virtual Valley
March 2007 Issue
February 11, 2007

Wireless Conveniences… and Risks

“Join open network Tom’s Place?”

The dialog box on my laptop’s screen was puzzling. Beyond the obvious problem that my name isn’t Tom, something unfamiliar and strange was happening. Why was my computer wanting to join Tom’s Place? Wasn’t my place good enough?

Welcome to the convenience of wireless networking.

I had turned on my laptop without first turning on my wireless router, so my laptop had automatically searched for any nearby wireless networks. The newest computer operating systems take it upon themselves to locate and join wireless networks, which is much better than the way things were only a few years ago. The downside of this automation had just revealed itself, though.

Because I don’t know “Tom” (not the real name, of course), but assumed he must be one of my neighbors, I told my laptop “No” and suddenly another dialog appeared. Did I want to join the network “Deadman’s Party” instead? No. Okay, maybe I wanted to join “Netgear020” the operating system suggested.

By the time I turned on my router and joined my own, “closed” network, I had located five wireless networks in my apartment complex.

I wonder if the owners of these networks realize the risks they are running? Maybe nothing at all will happen to their computers — or maybe someone will go “wardriving” for data.

As network speeds have increased, so have the ranges of the radio signals involved. My apartment is on a second floor, so even a weak signal might reach four or more residences. A strong wireless network might reach 300 yards or more. This is convenient if you want to work by your pool. It’s also convenient if someone wants to access a home computer from a car. That’s how wardriving works: a criminal drives through a neighborhood looking for wireless networks.

“Wardriving” and its variations (“warwalking” and “warspying”) are “geekspeak” for joining a wireless network for either curiosity’s sake or for malevolent purposes. Believe it or not, joining an open network is not illegal in most states, including California. The theory is that if you left your network open to any computer, you must have meant to do so. However, opening someone’s files without permission is illegal. It’s a small step from using an Internet connection for free to the crime of peaking at someone’s hard drive.

You might think our Valley isn’t home to cybercrime, but you’d be wrong.

I’ve had a customer call and ask why his printer was printing “interesting” images when he wasn’t home. Now, most wardrivers aren’t this daring, but someone was joining his home network and then printing inappropriate materials. This might seem funny, but what if this wardriver were to call the police and claim my client possessed illegal images?

The first step was to make sure the printer was not connected directly to a computer. Many home networks share a printer by connecting it to a computer. Sharing a printer in this manner can be risky, especially with older versions of Windows. If you want to share a printer, buy one that can connect directly to a network either via Ethernet or built-in wireless support.

In the case of my customer, the printer had its own network adapter. The next step was securing the customer’s wireless router.

Once the customer learned someone was using his network, he felt justifiably violated. Then the concern for the customer was no longer strange images printing. What if personal data were accessed remotely? How many of us have Quicken or Money files on our systems? Do you put passwords for Web sites in a file so you don’t forget them? Is there information on your system no one needs but you?

Sadly, a quick Web search on “wardriving” will reveal sites that distribute free tools for finding open wireless networks and also breaking into protected networks. With these tools, anyone can hijack your wireless network. However, most crooks are looking to work quickly, so a few precautions can save you a lot of misery.

Every wireless network should be password protected, using the best security available to the router. Early routers features “Wired Equivalent Privacy” (WEP) security, which requires a password before joining the network. Unfortunately, WEP is about as secure as a screen door. Newer routers use “Wi-Fi Protected Access version 2” (WPA2) for password protection. If your router allows you to select a form of security, do not use WEP.

The router I use allows me to specify which computers can join the network, as well as requiring those computers to have the right password. Also, the network is “invisible” to most computers. If terms like “WPA” and “MAC address” (which does not refer to an Apple computer) are scary, hire a local consultant to configure your router. This is a quick task, and worth the small fee.

Home networks aren’t the only wireless risks we face. Most of us with laptop computers go from network to network. I use at least three wireless networks on a regular basis, and even more when I travel. School networks tend to be open, which is great for surfing the Web and checking e-mail. Many coffee shops have free wireless, and I’ve located a restaurant with a public wireless network. While I can’t imagine sitting in a booth with my laptop during dinner, I’ve witnessed people unable to stop working while ordering their meal.

Public networks are convenient and risky. Sure, you can locate an iTunes music library on some stranger’s computer, but that also means people can locate files on your system.

Security really starts at the computer. You can turn-off features like “file sharing” in Windows or OS X. You can also password protect files in most popular applications. Of course, you should never keep usernames and passwords on your computer, either!

It would be nice to think that we’re somehow “safer” than residents of Silicon Valley when we go wireless. Stories on wardriving have appeared in major Bay Area newspapers, so people there might take more precautions. Still, the truth is, most of us setup our wireless networks with the “doors unlocked” not because we trust other people — we simply don’t understand how risky wireless computing can be.

Wireless networks are great. I’d never give up the freedom I enjoy using a wireless connection at home and work. I’m also as careful as I can be while still enjoying that freedom.

Comments

Popular posts from this blog

Slowly Rebooting in 286 Mode

The lumbar radiculopathy, which sounds too much like "ridiculously" for me, hasn't faded completely. My left leg still cramps, tingles, and hurts with sharp pains. My mind remains cloudy, too, even as I stop taking painkillers for the back pain and a recent surgery.

Efforts to reboot and get back on track intellectually, physically, and emotionally are off to a slow, grinding start. It reminds me of an old 80286 PC, the infamously confused Intel CPU that wasn't sure what it was meant to be. And this was before the "SX" fiascos, which wedded 32-bit CPU cores with 16-bit connections. The 80286 was supposed to be able to multitask, but design flaws resulted in a first-generation that was useless to operating system vendors.

My back, my knees, my ankles are each making noises like those old computers.

If I haven't already lost you as a reader, the basic problem is that my mind cannot focus on one task for long without exhaustion and multitasking seems…

MarsEdit and Blogging

MarsEdit (Photo credit: Wikipedia) Mailing posts to blogs, a practice I adopted in 2005, allows a blogger like me to store copies of draft posts within email. If Blogger, WordPress, or the blogging platform of the moment crashes or for some other reason eats my posts, at least I have the original drafts of most entries. I find having such a nicely organized archive convenient — much easier than remembering to archive posts from Blogger or WordPress to my computer.

With this post, I am testing MarsEdit from Red Sweater Software based on recent reviews, including an overview on 9to5Mac.

Composing posts an email offers a fast way to prepare draft blogs, but the email does not always work well if you want to include basic formatting, images, and links to online resources. Submitting to Blogger via Apple Mail often produced complex HTML with unnecessary font and paragraph formatting styles. Problems with rich text led me to convert blog entries to plaintext in Apple Mail and then format th…

Screenwriting Applications

Screenplay sample, showing dialogue and action descriptions. "O.S."=off screen. Written in Final Draft. (Photo credit: Wikipedia) A lot of students and aspiring writers ask me if you "must" use Final Draft or Screenwriter to write a screenplay. No. Absolutely not, unless you are working on a production. In which case, they own or your earn enough for Final Draft or Screenwriter and whatever budget/scheduling apps the production team uses.

I have to say, after trying WriterDuet I would use it in a heartbeat for a small production company and definitely for any non-profit, educational projects. No question. The only reason not to use it is that you must have the exclusive rights to a script... and I don't have those in my work.

WriterDuet is probably best free or low-cost option I have tested. It is very interesting. Blows away Celtx. The Pro version with off-line editing is cheaper than Final Draft or Screenwriter.

The Pro edition is a standalone, offline versio…