SEARCH

How-To Geek

What You Said: Do You Run an Open Wi-Fi Network?

2tt07e3r

Earlier this week—and in light of the Electronic Frontier Foundations call for an Open Wi-Fi world—we asked you if you ran an open Wi-Fi node. Your responses were strong and varied.

Recently the Electronic Frontier Foundation put out a call for an Open Wi-Fi initiative. They made a pretty compelling argument that, among other things, a network of open Wi-Fi nodes represents an enormous, powerful, and untapped network of connectivity. They also acknowledged that people were reluctant to do so because of legal issues and fear of litigation. We were curious how you felt about it and whether or not you run an open node of any sort. Your responses ran the gamut of “Why yes, and here is how” to “Hell no”.

Not On My Life, Buddy

The majority of you were opposed to running an open Wi-Fi node for a spread of reasons. Khai highlights the one that weighs heavily on most peoples’ minds:

I point to the recent cases of police operations busting the owners of unsecured networks for downloading child porn, when in fact it was others using their networks.

I would think very carefully about leaving a network open due to this kind of abuse.

Indeed. The last thing anybody wants to deal with is their door being kicked in by the SWAT team over a digital transgression they didn’t commit. No matter how compelling the arguments for an Open Wi-Fi world are, the fear of being mistakenly fingered for serious crimes like distribution of child pornography put a real damper on things. This sentiment was widely shared. AbbaDabba writes:

Not much interested in the FBI dragging me out of bed and putting me under the jail for kiddie porn. No, mine’s locked and will remain so. And WHY should I use my money to pay for someone else to get free internet? Get a wireless synch card if you’re not near our own router or if you’re too cheap to buy your own. Quit freeloading!

The unfortunate reality of bandwidth limits and download caps took a toll on other readers’ desire to share. HTG Fan writes:

I do have a WEP (no WPA cause some mobile devices do not support it, which is a pity) key on my network, for two reasons.

First of all; in my country, one is only allowed to down- and/or upload a total amount of 100 GB of data which isn’t very much. It’s easy to reach the limit on my own, let alone with the whole neighborhood using my network.

Second reason; security indeed. It’s easy enough for the average script-kiddie to sniff (and, if necessary, decode encrypted) data. I don’t feel like finding an empty bank account one day or another.

Conclusion: no thanks, no open network for me.

People in New Zealand have a double whammy of expensive internet and draconian laws as Anon notes:

It’s probably already been said but with the current law changes, open Wi-Fi in New Zealand will be a thing of the past.
$15,000 fines and accounts suspended for 6 months if your ip is caught in 3+ illegal file sharing offences. They are also adopting the ‘guilty until proven innocent’ approach, where the account owner gets all the blame unless they can prove it wasn’t them or that it wasn’t illegal.

No way ill be leaving my Wi-Fi open.

 

It’s Just the Neighborly Thing to Do

Although in a minority, quite a few readers ran open Wi-Fi networks using everything from no precautions at all to systems designed to separate the public traffic from the private.

For those of you that live far enough away from others that Wi-Fi sharing was largely a physical impossibility, running the network wide open wasn’t an issue. This is a situation that Grant, among several other readers, finds himself in:

I am in the middle of nowhere also. I run mine open, but it is in the basement, so, there is very little spill over. I can’t get a signal even in much of my own yard, but friends who come over can easily connect, as long as they are in the house.

Others took a more conscious approach to running and open network. ElegantFowl’s Netgear router has a built-in sharing function:

We provide an unsecured Courtesy network (open to Internet, not to local network) using that feature of the Netgear WNR2000. If I thought it was being misused I might throttle it a bit, but it’s not.

IEEE missed the boat on this and should have built courtesy networks into the WLAN standard. EFF is right to take it on. This tiny slice of garbage spectrum that the public is allowed to use for ‘unlicensed’ devices could provide more capacity and value than all other paid/broadcast services combined. We need to stop auctioning off spectrum to corporations who want to rent capacity back to us at monopoly prices. Open user-capitalized wireless is the way, first with WLAN, then in the “white spaces”.

Teddy P takes a two-node approach with some heavy security backing it up:

I run two Wi-Fi. One secure and one open. I use a captive portal for open Wi-Fi with a captive message requiring user acceptance. All networks are protected by a unified threat management security gateway, including: content filtering, anti-virus, phishing, IPS, etc.

NetworkFusion sets up Wi-Fi hotspots for local businesses and uses the same tricks to share his Wi-Fi:

I run a bunch of free Wi-Fi hotspots for the general public (although mainly run in conjunction with local businesses), The network is semi locked down and uses software for an openwrt router, called WiFiDog in conjunction with a back end called Auth Puppy. I also use Open DNS for content filtering to cover my back.

That’s a pretty good compromise as people can easily check their email or read the news but they’re locked out from causing too much trouble.

As a compromise between outright free access and semi-securing the connection UniversalMonster offers the following solution:

My network is locked DOWN as I’m the only house in the area with a fibre connection, plus, I like sharing my files across Windows machines, and don’t 100% trust the Win7 Homegroup Security.

I am into Open wifi sharing though; so have installed a separate FON Wifi Access Point, but users have to pay to use it (and I get a little cut…). But having one installed, gives me the freedom to use other people’s FON AP’s for free worldwide. Well worth looking into!


Have a strong opinion about open Wi-Fi? Have a tip or trick for running a two-part node to divide public and private traffic? Let’s hear about it in the comments.

Jason Fitzpatrick is warranty-voiding DIYer and all around geek. When he's not documenting mods and hacks he's doing his best to make sure a generation of college students graduate knowing they should put their pants on one leg at a time and go on to greatness, just like Bruce Dickinson. You can follow him on if you'd like.

  • Published 05/6/11

Comments (27)

  1. Chronno S. Trigger

    The only reason I don’t run an open WiFi is because my sister’s Windows laptop would randomly connect to other open WiFi. I put in the WEP key to force Windows to stay on that network. I now have far to many devices setup for it to turn it off. Though, if I ever create an open one, it would be with the wireless built into the FiOs router that I currently don’t use and is on a completely different network.

  2. Ben

    I have a secured Wifi, but allow an unemployed neighbor to piggy back on it. He asked first and I gave him a password.

  3. Saptashwa

    Why doesn’t “Electronic Frontier Foundation” themselves buy all the spectrum, then provide free Wi-Fi access all over the world? Too scared to part with its own money? Making us do it instead? Fail.

  4. Dave

    Ask Bill Gates to buy open bandwidth cause it’s a charitable gift to the free world. Appropriate, yes?

  5. Saptashwa

    @Dave, why not? Good idea.

  6. JIm

    I grew tired of one brand I always used because it failed
    every 13 months, so I bought a Linksys/Cisco E3000
    router which was a bit more difficult to set up. The WPA2
    passwordis very strong but the router features a guest log-in
    with a password that’s perfect for guests. They get to surf with
    limited rights and everyone’s happy.

  7. Rob

    Well, kiddie porn aside, and all that, why do you want me to pay for your net? Feed you, sure. Give you a cup of cold water, yes again. But I do not remember anywhere Jesus saying you are to provide free wifi for people. You want free, do to the library. Even at night, outs leaves it on so you can pull up in your call and get your email. Filters, yes. Pain, yes, but you get free wifi. Coffee shops too. For the price of a cup of coffee, you can sit there for an hour or two, and get high speed internet. Now even Starbucks is free. So, as they say, ya ain’t starvin!

    PS Also some cities have public “hotspots” provided by the City. We do. Not many, but a few.

  8. Furryface

    I would not be comfortable sharing my bandwidth with just anyone for fear of getting blamed for downloading illegal stuff like kiddie porn or other illegal stuff. If a neighbour was down on their luck and I could trust them I would give them my password to share with the understanding they don’t abuse the privilege with huge or illegal downloads.

  9. Clarence

    Are you kidding? I don’t even have wireless.

  10. Bassclarinetl2

    I also don;t allow unauthorized individuals access to my network not only because of the possibility of packet sniffing but also because the Terms of Service of my ISP prohibit operating a hotspot. If I was to open it up, I would use mac filtering to ensure only authorized devices on on the network.

  11. dangermousey

    People’s concerns about being tagged for files downloaded on their networks by other users of an open network don’t cut it ? Here’s why – everytime a computer connects to your wireless network it leaves it’s hardware address that is unique to each computer, and it leaves the computer name and your IP. A snap to trace back, and even if it’s a ‘previously used’ computer or the hardware address has been changed in the registry – after a few connects you can be found by police – like, you are only a few feet from the router….humm duh…well it’s one of 6 houses….lol lol….another no brainer – the only way around this is to keep moving. Server on wheels. Keep changing network cards …lol… buy a hundred of them at wal mart. No matter who’s server you connect to, even behind a proxy, or firewall – you are leaving your fingerprint somewhere. Anyway i opened my router, and people are downloading a few songs, IE9 and stuff like that – updates. I’ve yet to see anyone downloading questionable material, on my network – remember on wireless this is radio waves – just like picking up radio waves on your AM/FM radio – you are picking up the signal for free – these waves are floating around and people pick them up on their computer. I don’t think anyone can claim ownership of ‘Radio waves’.
    Hey that’s my radio wave over your house…give it to me. What a pile of nonesense – people going to the trouble of encrypting (which slows your speed by 35 percent) – for what – why – when I see these secured home networks – I think people really believe no one can log on to your network – this secure home network – (pause while I fall on the floor in laughter) – have a nice day everyone with your false sense of security on wireless routers.

  12. Joolyer

    I have an unsecured network. Partly because for a while my tenant was unemployed so why not let her use my wifi? It didn’t hurt me, our speeds didn’t drop, I pay for unlimited downloads so why not share it? Also partly because I was too lazy to bother with encryption. If we start having problems then I’ll think again, but it’s been years and no trouble.

  13. Jack

    I guess I am cheap and a bit security paranoid. We run way to many wireless boxen for a household of 2, but I do run a secured network (wpa2 mainly). For public access, I have a FON router (fon.com), and it gives away a little bandwidth, folks can purchase more, and I have a secured ‘back net’.

    After 4 years, I have almost collected enough ‘revenue’ from people purchasing bandwidth (and agreeing to not do anything illegal) to halfway pay for one of the two I own.

    Yes, it uses a captive portal, and I can give a free uid/pwd for visitors (for free) and still not give away my home network. So the guys ware driving can get access, but unless they want to hack they have to pay a little (or own a FON router of their own) to get access.

  14. mASOUD

    @ dangermousey

    Have you ever heard of MAC spoofing?
    also: c’mon can you bypass a 63 character password on WPA2?

  15. Debbie F

    We live in a valley. My husband is a ham radio operator. He went to the top of a mountain with an inexpensive directional antenna and aimed it at a friend’s antenna fifty miles away. He was able to send and receive data at an incredible rate. This has been repeated in Switzerland at a distance of over 200 miles. He also picked up over forty open networks. Don’t believe the myth that your little wifi network can only be “heard” a few hundred feet away.

    One day, in his college class (he’s a professor), he set up his antenna for the students and was able to pick up the transactions at a local gas station, credit card numbers and all. He went to the gas station and showed them his findings. They blew him off and didn’t believe it and refused to even investigate.

    Oh, well!

  16. John Smith

    Mine looks to be open, but only people I know can gain access. I use MAC address filtering. Once the devices MAC address is entered into my hub, then they have access, otherwise, no chance. Must be the most secure method available. Better than all those passwords. If my hub doesn`t recognise the device (Laptop, phone, desktop, etc.), It can`t get through, simple.

  17. Aaron Peter Samuel (apsamuel)

    1. MAC spoofing will get around a lot.

    Anyway, I have a split setup:

    wifi_priv ) – This is an extension of my LAN, all of my computers are accessible from here. In order to access you must have Passcode for WEP, and must also be on MAC list.

    wifi_pub ) – This is a stub network which only allows you to get out to the internet, it assigns you a public DNS server so you can resolve, the pass code is simple and this is what I allow my friends and other people who need to get online really quickly to use. That network has QOS rules which limit Torrents and other bandwidth intensive activities, also maximum of 10 people can be on it at any given time.

    — I feel if someone wants/wishes to make their network open its up to them. But then they can’t be ignorant to the problems that may cause for them or their organization. In regards to a “push/request” for people to open up their networks I think it’s a ridiculous request taking into consideration security and costs it would be way more feasible for ISP’s them selves to begin facilitating the “open wifi” network by purchasing and deploying new hardware.

  18. mrethiopian

    Re: John Smith – locking down by MAC address is NOT safe at all.

    Each one of those devices that is connecting to your hub is not only publishing their MAC address to your router but also broadcasting the same MAC addresses to the world, all you need to do to gain access is to sniff the air around location pick one of the many MAC address and change my MAC address to one of those that your routers trusts, bingo I’m in. Chances are you have already been hacked you have no idea thats its going on.

    WPA2+AES with the Temporal Key Integrity Protocol (TKIP) wrapper is what you all should be running if you care about the data on your systems.

    Personalty I run two networks at home one locked down and the other open, the open network is NOT a DMZ built on top of the other but a completely different network all to its own and yes even though its open to the world it still has content filtering and monitoring and alerting based on its own rules set.; my own personal Honeypot to play n such.

    You have no idea.

  19. william watkins

    I do have Yi Fi But I have at&t Internet. I would like to have my , Internet Explorer 8 back. can you help me.

  20. doxie56

    Mine is locked… partly b/c AT&T set up their modem/router that way when they installed it… partly b/c I live in an apt. complex with far too many neighbors who would access constantly b/c the slow AT&T the complex currently supplies is sooo sloowww.

    However, I did share the pw with a neighbor I know well, a 20-something who was out of work and just needed to check email. But I won’t share with anyone I don’t know well; and I choose NOT to know many of the tennants here as we’re in partially HUD subsidized apts; and it’s amazing the kind of people you meet here!

  21. Michael

    I have a closed, but un-encrypted, network. Between the VPN I have to use for work and the stupidity of mobile wifi software configuration, it is simply easier.

    Besides, casual users and hackers will not find my network.

    Additionally, there are firewalls on all my PCs.

  22. NoMonkeyNo100

    I believe in the concept but am not savvy enough in networks to trust myself to protect myself. I might try it if there were a really secure and VERY simple way of doing it. I get really fouled up every time I try to set up ANY network, and believe me I have set up quite a few. Yet, it is pure hell each and every time!

  23. Mike

    I live in the mountains west of Sydney (Australia) and my “ADSL2+” is so slow and the download limits are such that if I shared my network I’d have no bandwidth left for ourselves. Also, the possibility of being arrested (even temporarily) for someone else’s kiddie porn or other illegal downloads is just too traumatic to contemplate. I use WPA2 and was using MAC filtering till I realised it’s not worth the hassle of setting it up…

  24. Jean

    I’m not a computer geek and have no clue what any of this means. All I know is that I have this fantastic laptop (2) and a Linksys modem and a Netgear Router which wasn’t easy to set up. I always assumed my wireless network was secure, How do you know?

  25. theora55

    If you don’t know, then it’s probably not secure. Technology (wifi) tends to outpace security. You should have a good password for the admin account on your route. Tape the password to the bottom of the router. The manual will explain how to set it up. It’s usually not very user friendly, so if you have a tech buddy, ask them to help, and don’t forget to reward them.

  26. theora55

    My wi-fi’s open. I live in a rural area, and if you park in my driveway to use the wifi while I’m at work, the next door neighbor will come check you out.

  27. Mike

    …….and I can also make a pretty compelling argument that, among other things, a network of open Wi-Fi nodes represents an enormous, powerful, and untapped network of asking for problems. You stay on your own wifi and surf your porn and commit your fraud and do whatever it is you want to do with YOUR wireless signal. If I find you on mine, I will boot you off – thats if you can get past the password. If I find you on it again, I will come over and discuss this with you. If it happens a third time, I will get a cease and desist order out on your butt. I dont leave my front and back doors open for a very similar reason….

Enter Your Email Here to Get Access for Free:

Go check your email!