Leaving my wifi open for the world

Solution 1:

I admire your altruistic notions of providing WiFi to those who need it - but you are leaving yourself open to huge exposure.

The RIAA et al will still hold you responsible for what they download, since you are here, I presume you are an IT person, hence an unsecured WiFI connection will not be a particularly good defense! Secondly there are worse things than movies people can download - do you want the hassle of having to prove YOU did not download those pictures?

Perhaps get the OpenWRT or similar firmware (if needed) and at least log what others download just in case - delete them (obviously without reading them) after 3-4 months?

Solution 2:

Security author Bruce Schneier leaves his personal network open, arguing that wireless encryption gives a false sense of security. He says:

I'm also unmoved by those who say I'm putting my own data at risk, because hackers might park in front of my house, log on to my open network and eavesdrop on my internet traffic or break into my computers. This is true, but my computers are much more at risk when I use them on wireless networks in airports, coffee shops and other public places. If I configure my computer to be secure regardless of the network it's on, then it simply doesn't matter. And if my computer isn't secure on a public network, securing my own network isn't going to reduce my risk very much.

http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html


Solution 3:

Wether it is wise or not, even celebrity security experts seem to leave their home wifi open for all.

The pro's are:

  • It is a "neighborly" thing to do. Anyone likes finding a connection to quickly get an email fix or look something up on the net. "Do unto others as you would have others do unto you" as it were.

The con's:

  • Setting it up so that a worm laden machine connecting to your LAN does not infect your machines is beyond the interests and skills of most people.
  • If the connection is abused, this could mean being sucked into an investigation.
  • Some ISPs explicitly forbid it in their terms of service

If you like the open access idea, you might want to create a separate "visitors" network using that old 801.11b router you have lying around from before you upgraded, and keep your shiny new n router for your own LAN.

alt text
(source: ask-leo.com)


Solution 4:

Well, this isn't really SysAdmin related but since it's in the public interest I'll let it slide ;-).

In short: there is nothing wrong with leaving your wifi open. Just be aware of the security concerns. Since the connection is unencrypted, any passwords you send over connections to other servers that aren't encrypted will be visible to anyone watching your network.

For example, if you connect to your email via a POP3 connection which doesn't use SSL (aka POP3S), anyone could watch your wireless network, see your username & password, and later use it themselves.

For this reason, unless you are very aware of what a secure connection is, (for all kinds of internet communication, including logging into websites) (and the fact you're asking here means, sorry, but you don't), I'd recommend you set up strong WPA2 or WPA encryption instead -- as I mentioned elsewhere, these are very secure.


Solution 5:

If I were you I would use encryption because:

  1. Someone from the street may use it to hack and you will have to explain yourself to the authorities.
  2. Any not secure flaws will be accessible to everyone. For example someone can mount your shares or just for fun use up all your ink in printer.
  3. After all cracking the encryption takes some time and people who look for networks to use will just probably ignore your wifi and continue search for an open one.
  4. Someone might use it to download kiddie porn, movies etc. and you'll have to explain yourself.

It's just a little configuration with makes "bad people" move along, rather then sit and crack.