Wireless Network Security Concerns

From Yochai Benkler - Wealth of Networks
Revision as of 14:57, 1 May 2006 by RT (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

In Chapter 11, Benkler discusses security considerations in relation to open wireless networks. He concludes that encrypted routers would have “enormously deleterious effects on the development of open wireless networks.” To him, wireless encryption would only make it marginally more difficult for criminals to cover their tracks, a sacrifice that is not worth the disadvantages that arise from restricting open wireless networks. He then explains the security benefits of an open wireless network: "One of the core concerns of security is the preservation of network capacity as a critical infrastructure. Another is assuring communications for critical security personnel. Open wireless networks that are built from ad hoc, self-configuring mesh networks are the most robust design for a local communications loop currently available. It is practically impossible to disrupt local communications in such a network, because these networks are designed so that each router will automatically look for the next available neighbor with which to make a network."

In effect, the substantial security benefits of open wireless networks make up for the security disadvantages created by the availability of wireless access, according to Benkler. While there are substantial benefits associated with open wireless networks, it is important to consider more carefully the security risks arising from the current implementation of wireless networks. Specifically, two aspects of unencrypted wireless make it particularly susceptible to security risks: 1) the distinct ease by which an individual can use wireless for anonymization purposes; and 2) the use of wireless networks to gain access to private networks.

Benkler touches on the use of wireless networks for criminal activities, but resolves the concern by implying that criminals will still find another means of anonymization in the absence of open wireless networks. However, a specific concern of unencrypted wireless routers is the ease by which they can be used by others. Requiring nothing more than a computer with a wireless card, unencrypted routers give access to anyone within range of the router. Furthermore, the access points provided by these routers are easy to find. One reporter was able to find fourteen wireless access points, six of which were freely accessible in a matter of five minutes while driving through downtown St. Petersburg. Another study concluded that more than two-thirds of the roughly 88,100 access points found by people driving around in cars did not have basic security settings activated. A culture of chalk symbols has developed whereby people indicate available networks and the security features of those networks to others. This widespread availability of wireless networks has led to criminal activity conducted over the networks for the purpose of anonymity. This criminal activity includes “child pornography, fraud, death threats, and identity and credit card theft.” Individuals such as this man who was arrested for child pornography conducted over a stolen wireless connection are able to easily find and use wireless connections that shield them from being traced to the illegal activities. While it may be true that there are other ways by which criminals can conduct their activities anonymously, a particularly threatening aspect about wireless access is its broad availability and ease of use for this purpose.

Open wireless access also leads to the additional concern of people using wireless networks as a backdoor into private networks. In this exploitation of open wireless networks, an “intruder connects directly to the network on the private side of the gateway device, completely bypassing any hardware firewall between the private network and the broadband modem.” Thus, the use of unencrypted wireless routers makes it easier for hackers to gain access to confidential information on individual and corporate networks.

While encryption technology does exist in wireless routers the vast majority of users do not take the five minutes necessary to encrypt their networks. Benkler argues that default encryption would seriously limit the development of open wireless networks. This may be true, but it is also true that default encryption would reduce the significant security risks that currently plague wireless networks. As a result, it is important to further examine the relevant factors in a balancing test between the pros and cons of open wireless networks as compared to routers with encryption defaults. Due to the significant risks of unencrypted networks, however, it is important that policymakers do not too easily dismiss the susceptibility of wireless networks to security breaches.