Wireless security everyone's concern

David Canton - For the London Free Press - January 14, 2006 Read this on Canoe

A law has been proposed in a New York City suburb that would require any business or home office with a wireless network to install separate servers to combat Internet attacks. Violators would face fines of $250 US or $500 US.

The purpose of the law is not to protect the owners of the networks, but rather to protect consumers from identity theft and other data threats.

The law would apply to Internet cafes and other wireless hot spots, as well as commercial businesses and home offices which take personal information from consumers. It would require "commercial businesses" with "public Internet access" to have a "network gateway server" with a software or hardware firewall.

It would also require any business or home office that stores personal information to install a firewall-outfitted server -- even if its wireless connection is encrypted and not open to the public.

Affected businesses would also have to post a sign that says, "You are accessing a network which has been secured with firewall protection. Since your protection does not guarantee the security of your personal information, use discretion."

"People don't realize how easily their personal information can be stolen," said Andy Spano, the Westchester County executive who proposed the legislation. "All it takes is one unsecured wireless network."

In that respect, he is correct. Unless precautions are taken, someone using a portable computer can easily steal data from your laptop at a public WiFi hot spot or connect to your home network.

According to Jupiter Research, a company that provides research and analysis on the Internet and other technologies, 14 per cent of WiFi users have logged onto neighbours' networks during the last year and 30 per cent are worried about their neighbours getting onto their networks.

A person logging on to your home or business network is a problem. It uses up your bandwidth, which slows down your use of the network, but more importantly allows your data to be intercepted.

If the intruder uses your network to commit a crime, send spam or cause other issues, there is a chance you will be held responsible. Even if you're found not responsible, it may be assumed you were the wrongdoer unless you can prove otherwise.

Since computers are often configured to connect to the strongest signal, you may even be connecting to a neighbour's computer inadvertently.

WiFi hot spots are a growing phenomenon. While once limited to Internet cafes and airports, some McDonald's restaurants are now equipped with WiFi access. Some municipalities, such as Philadelphia, have attempted to install networks that blanket the entire city.

These plans, however, are often thwarted by telecommunications companies that have lobbied for laws banning the efforts to avoid competition from the public sector.

The issue of WiFi security deserves attention. While the purpose of the New York proposal is understandable, it seems impractical for technical and financial reasons.

In my view, legislating for specific technical measures rather than a result is not the best approach.

Whether you have a WiFi router or are considering getting a wireless business or home network, data security must be dealt with. Everyone should make sure their wireless connections are secured so only intended users have access.

Anyone installing WiFi devices should turn on security measures or have a computer professional do so.