Lock down that WiFi!

A couple of weeks ago, I met up with an old customer of mine from my days in the internet business. An affable, well-spoken man, though a…

A couple of weeks ago, I met up with an old customer of mine from my days in the internet business.

An affable, well-spoken man, though a self-acknowledged computer innocent, he likes to pick my brain from time to time about matters to do with computers.

On this particular morning, after a few flattering words about this little column of mine, he ventured a suggestion.

“You should maybe use one of your columns to explain about this wireless internet stuff,” he said. “Lots of people like me don’t really understand what it means or how to use it.”

His words struck home to me, because recent experience had just taught me how many people in Whitehorse, though they may be using wireless internet, really don’t understand what it is, or how to use it properly and safely.

And what they don’t know can hurt them.

Having recently acquired an Apple iPod Touch — an MP3 player that allows me also allows me a certain amount of internet access on available wireless connections — I had spent several days walking around downtown Whitehorse, using this nifty new device to see how many wireless networks I could find, and how many of them I could easily join.

Let me make haste to say I was not doing this with any malicious intent, just out of simple curiosity.

My little iPod Touch is not anything like the kind of device I would need to “hack” any body’s computer system; and, even if had the tools at hand, my cyber-ethics would stand in the way of me doing anything malicious to an innocent computer network.

What I was interested in seeing was just how many wireless connections were out there, and how many of them were “locked down” — in other words, required you to enter a password before you could join their network.

I discovered that, in relative terms, the security situation for domestic wireless internet users has improved very much over the past three years or so (the last time I went “war driving,” as this kind of cruising-for-networks is called).

What I mean by that is that a majority — I would estimate 70 per cent — of the wireless networks I found were password secured.

In absolute terms, though, the security situation is actually worse than what I saw three years ago.

Only 30 per cent or so of the domestic wireless networks I found might have been open to all comers, compared to well over half three years ago; but there are now many, many more wireless networks, and that means, in terms of pure numbers, there are many more wide-open networks out there, ripe for the plucking by hackers and other exploiters.

They are ripe for the plucking because their owners do not understand the nature of the technology they are using, or the dangers it can place them in.

Wireless internet (commonly called “WiFi”networks—short for wireless fidelity networks) are essentially tiny two-way radio transmitters, using radio waves to send digital signals from the wireless access point (WAP) to wireless-equipped computers.

Digital data is sent back and forth between the wireless router and the client computers, using plain old radio waves.

In most situations, these little radio stations have a broadcast range of around 100 meters.

If your WAP is not using password protection, any wireless-capable computer within that broadcast range can freely join you network and use your bandwidth to download anything they want (which could cost you extra bandwidth charges) or to conduct some illegal activity using your Internet Protocol Address (which could put you into trouble with the law, if they hunt you down).

Given the potential dangers in terms of cost and personal safety, it is both startling and unnerving that so many people are leaving themselves so wide open — especially when it is so easy to remedy the situation.

The setup instructions that come with your wireless router almost always have clear, illustrated guides for setting your network password.

Even a weak or lame password (unless it is something just plain dumb, like “Yukon”) is better than no password at all.

Given the large number of other wide-open wireless networks out there, the mere presence of a password encourages a “war driver” to give you a miss and move on to pluck easier chickens.

It is also painfully easy to restrict how many computers can connect to your wireless router at any one time.

This is done by going to the DHCP settings on your router (also very easy to find in your instruction manual) and limiting the maximum number of Internet Protocol Addresses your router will hand out to the number of computers currently on your network.

That way, even if a war driver hacks your password and connects to your network, he or she is not going to be able to get the IP address necessary to use your network for internet access.

No unexpected internet usage bills; no surprise visits from the local police.

Both these security measures are, as I said, dead easy to implement.

Only lack of knowledge that these tools are available, and lack of understanding of the dangers of not using them, stands between so many wireless users and safety.

I hope this column has come under the noses of at least some of them, and done a little good.

Being computer-innocent is fine and good, but not when it puts you in harm’s way.