In praise of PPPOE

A minor but significant difference in the at-home internet experience here in Brazil is that many of the internet service providers -- including the one I use in my present digs in Sao Paulo -- use a procedure called PPPOE.

A minor but significant difference in the at-home internet experience here in Brazil is that many of the internet service providers—including the one I use in my present digs in Sao Paulo—use a procedure called PPPOE.

PPPOE stands for point to point protocol over ethernet.

It is an internet access management mechanism that survives from the old days of dial up modems.

Leaving the techie fine points aside, what it basically means is that you have to have an account with a user name and a password to get onto the internet.

The PPPOE connection I am using here allows me to log on to the internet only once at any given time with the same user name and password.

If I wanted to connect two or more computers in the house to the internet, I would have to do one of two things.

First, I could create a local area network in the house, with one computer acting as the connection point to the internet, and the others making their connections indirectly, as clients of that computer.

That requires a bit of networking knowledge, but it is not difficult to do.

Alternatively, and more simply, I could have (and pay for) two or more PPPOE accounts, each with its own user name and password, using the same DSL or cable modem connection at the same time.

When I first encountered this method of controlling my local DSL access, I thought it was a bilk perpetrated by the local telephone company.

Over the past few weeks, however, I have come to appreciate some of its finer points, and I now think Yukoners might be well served if our local telephone company had a PPPOE offering for customers.

The chief disadvantage of the PPPOE log-on procedure is the obvious one of inconvenience.

Once your computer is up and running, you have to go through an additional step of opening a window, clicking the “connect” button, then waiting a second or two while your user name and password are checked and confirmed by your ISP’s account management computers.

The advantages that arise from this minor extra complication, however, are significant, and accrue to both the ISP and its customers.

First, from the ISP’s point of view, a number of account management activities—tracking and billing for individual user’s bandwidth usage, for instance—become simpler, because each usage session is clearly branded with an account name.

That account-name branding of each internet session also makes it easier for the ISP to enforce its own acceptable use policies for internet access, and to respond to police requests about a given customer’s internet activities.

If it becomes apparent that some kind of unacceptable internet activity is being generated from a given DSL or cable modem connection, the ISP can easily identify which specific account is generating that activity.

It can then, if necessary, suspend or terminate that specific account, without having to cancel internet service to everyone else using that connection.

Similarly, if the police arrive with a warrant to access the ISP’s logs in the course of a criminal investigation, the ISP can provide them with information exclusively relating to the user account in question. It does not have to compromise the privacy of the other user accounts sharing the same internet modem with the one belonging to the person under investigation.

From the end-user’s point of view—particularly now, when so many people are using wireless access routers to connect their computers to the internet—there is a significant safety advantage in using PPPOE.

The main problem with wireless routers is that people are notoriously either lax or ill-informed about how to set them up so that they are not wide open for use by anybody who happens to have a computer within their area of effect.

In the past few months, I have had conversations with at least three people who, for one reason or another, failed to “lock down” their wireless routers, and took a financial belly-blow when their monthly internet bill arrived, heavily laden with excess bandwidth usage charges.

With a PPPOE internet connection, this is no longer a danger, no matter how unprotected you leave the setting on your wireless router.

The wireless router I am using here in Sao Paulo, for instance, is not “locked down” with a user name and password.

It doesn’t have to be.

An intruder may be able to join this network, but he or she is not going to be able to go anywhere or do anything on the internet without first logging on with a valid user name and password issued by the telephone company.

This kind of password protection, of course, is not at all foolproof.

User names can be uncovered one way or another (various “human engineering” tricks may dupe you into revealing it), and your standard eight-character password is eminently hackable these days, what with the existence of advanced password cracking software, and powerful personal computers to run them.

Still, PPPOE is clearly a more secure solution to marketing internet access to the public.

A PPPOE, passworded account, combined with a “locked down,” passworded wireless access router, could go a long way to enhancing both the privacy and security of internet users.

Our local internet service provider (hello, Northwestel, you’re the only one) really should check out the possibilities of this option.

I, for one, would be a happy early adopter.

Rick Steele is a technology junkie

who lives in Whitehorse.