IT DRILLDOWN
 
NEWSLETTERS
 

CIO.com updates, insights and advice on technology, management and your career.

 
 
 
SUBSCRIBE TO CIO
 
Are you involved in setting the direction for your company's IT budget or strategy?

Apply today for a FREE subscription to CIO Magazine!

 

 


Mon, Jan 14, 2008 17:03 EST

In-Home Wi-Fi: To Secure or Not to Secure?

Topic: Infrastructure

Blog: Mobile WorkHorse

Current Rating: 5 Comments: 14

I recently set up a new Wi-Fi router within my home, and the decision of whether or not to secure it was a no-brainer for me: absolutely, most definitely.

But apparently, that choice is not so obvious to everybody, including security guru Bruce Schneier, who feels that "providing Internet access to guests is kind of like providing heat and electricity, or a hot cup of tea." (Schneier is a past contributor to CSOonline.com, the website of CIO sister publication CSO.) Mr. Schneier notes that he appreciates it when open networks are available to him in places where he is otherwise unconnected, and suggests that if we're all "polite" there's no problem with leaving personal Wi-Fi networks unsecured.

Cisco Linksys Wi-Fi Router 

First of all, I'm not so worried about my guests using my network. It's the folks I don't know about that have me on the up and up. The folks who aren't polite.

And I can just hear my mother saying "better safe than sorry."

I'm not 100 percent sure of everything I'm protecting myself from by using the Wi-Fi Protected Access (WPA) security protocol—the strongest protection available to me through the new router, at least that I know of. But whatever threats are out there, whether they come in the form of baddies lurking outside my windows, looking to do Schneier-knows-what with my bandwidth or hackers trying to crack into my hard drive to steal my passwords, I'd like to do my best to stop them. I just can't see any reason not to use the available protections to help ensure that my Wi-Fi is used only by people I approve of.

The way I see it, I can always just provide the security key to folks who stop by and want to use my network, right? And I can change that key if I don't want one of those people to access the network again.

Schneier's main reasoning behind his decision to leave his home Wi-Fi network unsecured is that he configures his personal computers—and, presumably, whatever other devices he uses to connect to his wireless network—to be secure regardless of the networks they connect to, public or private. So Wi-Fi security is a non-issue for him.

He also points out that spammers and others looking for free Internet access are probably more likely to go sit in a comfy chair at one of the many Starbucks or other corner coffeehouses to perpetrate their misdeeds, as they can be just as anonymous in those locales as they can outside your window, and they wouldn’t need to waste gas keeping their engines running.

I largely agree, but I can think of at least one problem with that theory. According to new research from folks at Indiana University and the Institute for Scientific Exchange in Torino, Italy, criminals looking to exploit wireless routers could create an attack that would piggyback across thousands of Wi-Fi networks in urban areas in cities like New York or Chicago. That means that those very same Starbucks networks that seem so harmless now could be used to distribute attack code and install worm-like firmware on Wi-Fi networks in range--yours, perhaps--that would order them to infect additional networks, creating a sort of Wi-Fi attack domino effect. Networks secured with default passwords could be cracked and infected, taking over as many as 20,000 routers over two weeks, the researchers said. Even Wi-Fi networks protected with the Wireless Equivalent Privacy (WEP) algorithm could be cracked, though networks protected with the

You do not have flash or javascript support.
Average (4 votes)
5
 
 
Tue, Jan 15, 2008 10:19 EST
Anonymous user
Posted by: Paul S
Rating:

What if someone uses your home network to download pirated music (or something worse) illegally? Then if the authorities investigate you have much explaining to do why your IP gateway was indicated on the server logs, but you had nothing to do with it. The kind of Orwellian scenario that I think it not at all worth it, especially since you can always add people to your network if you need to.

 
Tue, Jan 15, 2008 11:49 EST
Posted by: Al Sacco
Rating:

Hi Paul,
I tend to agree with you, but Schneier actually states in his post that if somebody used his wireless network for criminal purposes and police came to investigate, he'd use the fact that the network was unsecured to help explain that he had nothing to do with the crime. He even suggests that if someone hacked into a secured network and committed a crime, the owner may have a harder time proving his or her innocence.

AS

 
Thu, Jan 17, 2008 16:22 EST
Anonymous user
Posted by: Paul S
Rating:

That's well and good for Schneier, but his approach doesn't seem to pass the "would my Mom understand it" test, whereas mine does.

Also -- sure, a professional could get around the MAC filter and WPA2 key (I suppose) but will the average teenager?

My logic is similar to the thought of getting a burglar alarm installed in your house. Sure, it can be defeated (or not set properly) - but the average burglar is presumably considering relative barriers to entry. And yes, someone accused of burglarizing my house could use the "how could I have stole from them if they have an alarm" defense, but I don't see that happening.

 
Tue, Jan 15, 2008 11:33 EST
Anonymous user
Posted by: John E
Rating:

Yes and No. Sorry to sound wishy-washy on this, but it depends largely on your personal situation and most of us here have a need for security. Now I want to share, so I came up with a solution. My home network actually has two wireless routers (they're cheap enough now.) Router 1 is conected to the incomming satellite modem. It is wide open, for anyone to use. Wireless connections are "throttled back" to 1 Mbs. Pletty for web surfing, but not for huge data transfers. Router 2 is connected to Router 1, but its firewalled and invisible on the Router 1's network also due to the fact that routers do not share data across ports like a hub does. Router 2 uses WEP security and Mac filtering for my "internal" network and since it is hardwired to router 1, bandwith is not throttled back. Secure for me, and still freindly to the weary traveler. Of course don't think for a second that I'd allow an unsecure wireless router on my Enterprise network! :)

 
Tue, Jan 15, 2008 13:35 EST
Anonymous user
Posted by: Edward Beck
Rating:

I read the article on his blog, and think this is a discussion generating thread if anything. While he may not be using any encryption, he probably has a mac filter enabled or some other low level measure in place and is just stirring the pot to generate thought and discussion - just like the movie plot contests. Besides, he probably has a physically secured driveway in a secluded residence well beyond the reach of anyone's wireless tools! That makes it easy to be "unsecured". Also as he normally does, he is getting the thought process to expand beyond simply WPA/WEP and into the other realms that may matter more.

About this Blog

Al Sacco writes about (and drools over) anything and everything mobile or wireless as it applies to the global workforce.

Start a Conversation
Click to post

Got something to say? We want to hear it! Click the Post button to get started. GO»

EXPERT ADVICE
See our roster of experts.

Advice & Opinion from more than 90 of IT's most insightful thinkers.

advertisement

TOP USERS
UserPoints
1. laith al jazi12550
2. Akshay Upadhye7650
3. Chris Moore6750
4. abdhiraj6175
5. remi5525
UserPoints
6. Mark Cummuta4675
7. Brian Flora4575
8. Al Sacco4200
9. asengupta3750
10. reCareered3700
  PARTNERS       PODCASTS       WEBCASTS    
 

Enterprise Content Management: From Strategy to Solution

Enterprise content management (ECM) has become an important competence and infrastructural technology, particularly for large and medium-sized organizations. Hear about industry trends for ECM and why standardizing your ECM platform is so critical to your success during this roundtable discussion.

Sponsored by IBM  View This Webcast »

 

The CIO's Guide to Wireless in the Enterprise

This guide provides a basic overview and worksheet of mobile computing for those who are interested in evaluating a wireless enterprise solution.

Sponsored by Blackberry
  Read This White Paper »

 

The Universal Wireless Client

Learn how replacing multiple wireless clients with one Universal Wireless Client can cut support and help desk costs, increase end user satisfaction, improve security, and help implement Network Access Control.

Sponsored by Fiberlink  Read this White Paper »

Resource Alerts

Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.

NAC launch from HP Procurve Podcast with Lippis Report, Part 1

ProCurve Networking by HP joins the Lippis Report to announce major product and organizational additions to their ProActive Defense strategy.  Read More »

 

Accenture's View on Web 2.0 and its impact on business

Publisher at CIO magazine, Bob Melk, talks to Accenture's Blair Jones about the emergence of Web 2.0...  Read More »

 

A Best-Practice Framework for Virtualization

This podcast offers insights and perspective on the various issues that relate to virtualization...  Read More »

Resource Alerts

Get instant email notification when white papers, webcasts, and case studies are added to our library. Don't just be up-to-date—be up to the minute with our new Resource Alerts.

Forrester builds a case for the next generation information workplace.

As businesses seek new ways to enhance collaboration and improve productivity, the information workplace continues to evolve...  Read More »

 

Find out what Forrester says about mobile endpoint security and its management.

Mobility raises productivity. But IT departments are hard-pressed to protect mobile data and to manage security software, wireless clients and regulatory compliance for mobile workers...   Read More »

 

Get Forrester's take on simplifying mobility with the universal wireless client.

Mobile workers want to use all types of wireless networks: WiFi, 3G cellular networks, corporate WLANs and home wireless networks. But how can IT support...  Read More »

Resource Alerts

Get instant email notification when white papers, webcasts, and case studies are added to our library. Don't just be up-to-date—be up to the minute with our new Resource Alerts.

 
NEWSLETTER

Sign-up for the Advice & Opinion Newsletter

 
FEATURED SPONSORS
 
 
 
SPONSORED LINKS
 

Reducing Data Center Costs with Data Deduplication: A TCO Analysis

TDWI Research report clears confusion about automating data governance

Learn about the software-based VoIP solution from Microsoft

Microsoft System Center - Designed For Big

Storage Efficiency: The Key to Green Storage Operation

Fuel the Responsive Enterprise Through Oracle Fusion Middleware

Balance Your Innovation and Efficiency Platforms for Competitive Advantage and Responsiveness

Oracle Real Application Testing with Oracle Database 11g

InfoWorld Test Center on Oracle Active Data Guard

Master Data Management: The Approach Determines the Results

The Power of Pervasive Business Intelligence

Reap the Benefits of Unified Communications

Controlling High Fraud Risk of International Transactions

Renowned Engineering Institution Chooses AMD Processor-Based Servers

How to Manage the Mobile Work Environment

Extending PCI Compliance to the Mobile Workforce

Solving Online Credit Fraud Using Device Reputation

Process Integration and Traceability through Requirements Management

Virtual Support Technology Delivers Quantifiable Gains in Productivity and Performance

Building Competitive Advantage with Next-Generation Wireless Infrastructure

Building an Online Customer Experience Competency

Skechers, an IBM Customer Case Study

What Is Innovation and What Role Do CIOs Have In It?

Configuration Assessment: Choosing the Right Solution

They Can't Steal What You Don't Have: Smart Security Choices for Mobile Workers

Speed, agility, flexibility - The HP BladeSystem c-Class

Cost-Effective Data Center 1U Server Solutions

Secure your virtual and physical environments with the same software

GET YOUR VoIP ONTM! Win 2 Years of Hosted VoIP from Cypress. $100,000 retail value. Enter today!

Standalone Server vs. Open Source Toolkits

Drive More Effective Business Processes with SOA

Oracle Database 11g: Real Application Testing & Manageability

InfoWorld Test Center on Oracle Real Application Testing

Oracle Database 11g: Advances in Compression, Real Application Testing and Data Guard

Getting Off on the Right Foot: Avoiding Common Master Data Management False Starts

Conquering Information Management Challenges

The Challenge of Network Access Control -- Is a Managed Service the Answer?

Efficient by design: Watch this flash demo of the Quad-Core AMD Opteron Processor

HP and Oracle deploy unbreakable computing infrastructure at Replacements, Ltd.

The Universal Wireless Client: Simplify mobility and reduce the cost of supporting mobile workers

Strategic IT Financial Management - Achieve Higher Organizational Performance

Strategies for Asia-Pacific Expansion

Unified Communications: "More Than Just Talk"

Accelerating ITIL at the Service Desk

New research validates telepresence solutions.

The Gartner Magic Quadrant

How to Choose the Right ECM Platform

Optimizing Infrastructure Control

Effective Security with a Continuous Approach to ISO 27001 Compliance

Best Practices for Providing Secure and Cost-Effective Remote Access