Home / server / Questions / 16684
Accepted
Thomaschaaf
Asked: 2009-06-02 02:58:36 +0800 CST

Leaving my wifi open for the world

  • 772

For my home I want to be a nice neighbor actually I have let my wifi open for the past maybe 6 or 7 years. I know that WEP, etc can be cracked within a couple of minutes but my neighbors son who works in IT told his mom and she told me that I am doing bad things and you know the story..

Do you think it's okay to leave your wifi open to the public? I live in a suburb with a tiny street and about 8 houses in reach of my wifi. I have a 16k DSL line so if some one joins me for a couple hours I would probably not notice.

I would love your thoughts on whether I should encrypt my wifi or not.

authentication wifi

22 Answers

  1. Best Answer

    I admire your altruistic notions of providing WiFi to those who need it - but you are leaving yourself open to huge exposure.

    The RIAA et al will still hold you responsible for what they download, since you are here, I presume you are an IT person, hence an unsecured WiFI connection will not be a particularly good defense! Secondly there are worse things than movies people can download - do you want the hassle of having to prove YOU did not download those pictures?

    Perhaps get the OpenWRT or similar firmware (if needed) and at least log what others download just in case - delete them (obviously without reading them) after 3-4 months?

    • 19

  2. Security author Bruce Schneier leaves his personal network open, arguing that wireless encryption gives a false sense of security. He says:

    I'm also unmoved by those who say I'm putting my own data at risk, because hackers might park in front of my house, log on to my open network and eavesdrop on my internet traffic or break into my computers. This is true, but my computers are much more at risk when I use them on wireless networks in airports, coffee shops and other public places. If I configure my computer to be secure regardless of the network it's on, then it simply doesn't matter. And if my computer isn't secure on a public network, securing my own network isn't going to reduce my risk very much.

    http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html

    • 17

  3. Wether it is wise or not, even celebrity security experts seem to leave their home wifi open for all.

    The pro's are:

    • It is a "neighborly" thing to do. Anyone likes finding a connection to quickly get an email fix or look something up on the net. "Do unto others as you would have others do unto you" as it were.

    The con's:

    • Setting it up so that a worm laden machine connecting to your LAN does not infect your machines is beyond the interests and skills of most people.
    • If the connection is abused, this could mean being sucked into an investigation.
    • Some ISPs explicitly forbid it in their terms of service

    If you like the open access idea, you might want to create a separate "visitors" network using that old 801.11b router you have lying around from before you upgraded, and keep your shiny new n router for your own LAN.

    alt text
    (source: ask-leo.com)

    • 9

  4. Well, this isn't really SysAdmin related but since it's in the public interest I'll let it slide ;-).

    In short: there is nothing wrong with leaving your wifi open. Just be aware of the security concerns. Since the connection is unencrypted, any passwords you send over connections to other servers that aren't encrypted will be visible to anyone watching your network.

    For example, if you connect to your email via a POP3 connection which doesn't use SSL (aka POP3S), anyone could watch your wireless network, see your username & password, and later use it themselves.

    For this reason, unless you are very aware of what a secure connection is, (for all kinds of internet communication, including logging into websites) (and the fact you're asking here means, sorry, but you don't), I'd recommend you set up strong WPA2 or WPA encryption instead -- as I mentioned elsewhere, these are very secure.

    • 8

  5. If I were you I would use encryption because:

    1. Someone from the street may use it to hack and you will have to explain yourself to the authorities.
    2. Any not secure flaws will be accessible to everyone. For example someone can mount your shares or just for fun use up all your ink in printer.
    3. After all cracking the encryption takes some time and people who look for networks to use will just probably ignore your wifi and continue search for an open one.
    4. Someone might use it to download kiddie porn, movies etc. and you'll have to explain yourself.

    It's just a little configuration with makes "bad people" move along, rather then sit and crack.

    • 7

  6. This is a big myth that you are responsible for the traffic coming out of your network. ISPs, coffee shops, etc are not liable in any way for what their users do.

    In fact, this can even be used to your advantage in case something happens. If you have a open network anyone could have done, not just you.

    I do the same thing and keep my wireless network open... I hate when I go out and need to quick check something online and there is no open wireless.

    Be a nice neighbor, but check often to see if no one is taking advantage and using all the time.

    • 6

  7. In germany, iirc, there is a huge difference between 'neighbour doing bad things with your open wifi' and 'neighbour doing bad things with your (somehow) secure wifi'. It does not matter how secure it is, just the 'i made it secure' thing makes the usage of your wifi a crime and you won't have to take responsibility for others using it.

    What i do all the time when using insecure networks is using a VPN-tunnel to somewhere i trust enough for the things i want to do (work or home). Even if you want your wlan to be open, you could at least secure your own communication ;)

    • 4
    • your communication is unencrypted, and there are many sites and services, that do not use SSL. Many only protect passwords, but still leave you open to session hijacking etc.
    • you're risking your IP getting banned for malicious behavior either of the users or of the trojans they might have in their systems.
    • some ISP have policy of completely disconnecting users, who do P2P, spam etc.
    • your computer illiterate neighbor might be using your net without even knowing it, just by having his laptop configured to "connect to any available network".
    • if you use your WiFi as your primary home LAN, they get access to your NAS, PVR, VoIP, printer etc.

    As for "false sense of security", WPA2 has no known vulnerabilities and has not yet been cracked.

    So called "WPA2 cracks" are actually lame, dictionary based attacks. Won't do any harm against strong password, especially if you use random hex, not ASCII.

    • 3

  9. I've actually had this discussion with local law enforcement. Fortunately we have a high-tech crime squad in San Diego and an ADA who has a pretyt good amount of clue in the high-tech area.

    It is not in your personal best interests to have open wi-fi. Beyond the ISP terms of service, you run into the possibility of being dragged into an investigation.

    In the San Diego area, there have been at least two cases in the past year where crimes were committed by people who were war-driving to find open residential wi-fi. In both cases the perps committed felonies, which led to the homeowners being the initial subjects of the investigations.

    Open wi-fi just isn't worth the possible hassle.

    • 3

  10. A client of mine has been in this precise situation. He left his WiFi open to all as a gesture of good will, two months after he did, he got a warning from his ISP about his data usage, and a week after that he received a cease and desist letter from the RIAA

    He no longer has open WiFi.

    • 3