Happy WiFi Day!

You may not realize it, but these are the waning hours of WiFi Day -- 8.02.11

Act now! Congress wants to kill WiFi-like spectrum, sell it off to highest bidder instead


Harold Feld from Public Knowledge sez, "Republicans have proposed forbidding the FCC from allocating any more 'unlicensed' spectrum for WiFi and other uses unless they give wireless companies the opportunity to buy exclusive licenses first. This would effectively mean the end of open spectrum, cutting off investment in the TV white spaces/'Super WiFi.' Public Knowledge has issued an Action Alert, asking those who care about the future of open spectrum and wireless competition to sign up to call their member of Congress on Friday, July 22 and tell them that America needs more unlicensed spectrum that everyone can use -- not just the big wireless companies that can spend billions on licensed spectrum."
Don't think it's worth the trade-off (less unlicensed spectrum and less wireless innovation for very little benefit to either the public or the government's bottom line)? Call your Member of Congress!

We're making this as easy as possible by setting up a day of action this Friday, July 22. To participate, all you need is a mobile phone with the ability to send and receive SMS messages.* If you haven't already signed up for PK Mobile Action Alerts, take a moment to do so now. We'll contact you on Friday with instructions on how to take action.

Don't Let Fox, AT&T and Verizon Buy Their Way Out of Regulation (Thanks, Harold!)

WiFi-sniffing picture frame

wifisniffframe.jpg This picture frame, made from an ancient Pentium II laptop, displayes images sniffed out of public WiFi connections: "Many coffee shops in Vancouver feature both local art and wi-fi, so why not combine the two?" Wiretap picture frame [Free Geek Vancouver via JWZ]

Whither Wi-Fi in Warm Weather?

spelmanreuters.jpg
Caroline Spelman. PHOTO: Reuters/Ueslei Marcelino One would think from reports today that the UK's secretary of state for the environment and rural affairs, MP Caroline Spelman, had lost her bleeding mind. Spelman has been widely quoted about a new report from her agency, Defra, about the threat to infrastructure from global climate change. It covers the extremes of temperature and the routine occurrence of heat above a normal range for the UK, and more storms and severe weather that could ravage Great Britain. The report is an analysis on what changes need be made to keep bridges from buckling in heat or cracking in cold, and nuclear and fossil-fuel plants from suffering damage from previously unthinkable conditions, as well as quotidian issues like floods polluting water supplies and spreading sewage. It's a ripping read, and, please recall, originates from the Tories, the majority conservative part of a coalition government that completely acknowledges the reality of a range of risk potential from climate change. The Conservatives are no Republicans, no matter what else you may say about them. Nonetheless the report's broader issues were overlooked because of a focus on an exceedingly tiny statement buried in it that Spelman highlighted in a speech unveiling the work. Her prepared remarks have her saying:

Our economy is built on effective transport and communications networks and reliable energy and water supplies. But the economy cannot grow if there are repeated power failures, or goods cannot be transported because roads are flooded and railways have buckled, or if intense rainfall or high temperatures disrupt Wi-Fi signals.

Read the rest

Federal judge: open WiFi doesn't make you liable for your neighbors' misdeeds

A Federal judge in Illinois has once again rebuffed a copyright troll's request for easy court orders to allow him to connect IP addresses with people. The judge said that open wireless networks and other factors make the connection between IP addresses and defendants difficult, and that making it easy to connect people and IPs would invite extortionate legal claims.

After the recent raids against people whose open wireless networks had been used by their neighbors to download child pornography, many people advised that this was evidence that leaving your wireless network open would make you potentially liable for the misdeeds of people who happened to use it.

But as this case shows, judges can be savvier than that (and they should be, too). Good law shouldn't punish people for being neighborly.

Baker then went on to cite a recent mistaken child porn raid, where an IP address was turned into a name--but the named person hadn't committed the crime. "The list of IP addresses attached to VPR's complaint suggests, in at least some instances, a similar disconnect between IP subscriber and copyright infringer... The infringer might be the subscriber, someone in the subscriber's household, a visitor with her laptop, a neighbor, or someone parked on the street at any given moment."
After botched child porn raid, judge sees the light on IP addresses

Future, sharing-friendly WiFi design

The Electronic Frontier Foundation's staff technologist Peter Eckersley writes in "Why We Need An Open Wireless Movement" about the positive aspects of sharing your WiFi with your neighbors and passers-by and about the tragedy of the commons that is puts those of us who generously share our networks with the world at risk. He proposes future direction for protocol and hardware design that allow us to share while keeping our traffic private and while maintaining a minimum amount of bandwidth for our own use.
The problem that's really killing open WiFi is the idea that an unlocked network is a security and privacy risk.

This idea is only partially true. Computer security experts will argue at great length about whether WEP, WPA and WPA2 actually provide security, or just a false sense of security. Both sides are partially correct: none of these protocols will make anyone safe from hacking or malware (WEP is of course trivial to break, and WPA2 is often easy to break in practice), but it's also true that even a broken cryptosystem increases the effort that someone nearby has to go to in order to eavesdrop, and may therefore sometimes prevent eavesdropping.

It doesn't really matter that WiFi encryption is a poor defense against eavesdropping: most computer users only understand the simple message that having encryption is good, so they encrypt their network. The real problem isn't that people are encrypting their WiFi: it's that the encryption prevents them from sharing their WiFi with their friends, neighbours, and strangers wandering past their houses who happen to be lost and in need of a digital map.

Why We Need An Open Wireless Movement

(Image: WiFi signal, a Creative Commons Attribution (2.0) image from nnova's photostream)

Brazilian telcoms regulator raids, confiscates and fines over open WiFi

The latest in a series of reversals from Brazil's new government is an attack on open WiFi. The Brazilian telcoms regulator claims that it is empowered to raid the homes of people with open WiFi networks and seize their routers and then issue hefty fines. This is part of a general series of attacks on sharing and openness in Brazil, including attacks on free content and open culture -- a heartbreaking turn from a nation that has led the world in respect for the open Internet, shared culture, and freedom for most of the century.
On January 27 , Anatel (Brazil's National Telecommunications Agency), the regulatory agency responsible for regulating, executing and supervising the telecommunications sector, seized equipment and fined an internet user R$ 3,000 (approximately $ 1,810 USD) for sharing his wifi connection with neighbors in the city of Teresina, Piauí state (Northeast of Brazil). [GV note: one of the poorest states in Brazil.]
Brazil: Criminalization of Sharing Internet via Wifi (Thanks, Gmoke, via Submitterator!)

(Image: Anatel, a Creative Commons Attribution (2.0) image from hapoptosis's photostream)

Password Doesn't Shear Firesheep

sheep_shearing.jpg

Firesheep sniffs unsecured connections with major Web sites over local networks and lets a user with the Firefox plug-in installed sidejack those sessions. A trope has spread that the way to solve this problem is to password protect open Wi-Fi networks, such as those run by AT&T at Starbucks and McDonald's. The technical argument is that on a WPA/WPA2 (Wi-Fi Protected Access) network in which a common shared password is used, the access point nonetheless generates a unique key for each client when it connects. You can't just know the network password and decode all the traffic, as with the broken WEP (Wired Equivalent Privacy) encryption that first shipped with 802.11b back in the late 1990s.

Steve Gibson, a veteran computer-security writer and developer, suggested this the moment Firesheep was announced. A blog post at security consultant Sophos makes the same suggestion. But it won't work for long.

Gibson notes the key problem to this approach in the comments to his post: every user with the shared key can sniff the transaction in which another client is assigned its unique key, and duplicate it. Further, if you join a network with many clients already connected, you can use the aircrack-ng suite to force a deauthentication. That doesn't drop a client off the network; rather, it forces its Wi-Fi drivers to perform a new handshake in which all the details are exposed to derive the key.

Thus, you could defeat Firesheep today by assigning a shared key to a Wi-Fi network until the point at which some clever person simply grafts aircrack-ng into Firesheep to create an automated way to deauth clients, snatch their keys, and then perform the normal sheepshearing operations to grab tokens. I would suspect this might be dubbed Firecracker

The way around this is to use 802.1X, port-based access control, which uses a complicated system of allowing a client to connect to a network through a single port with just enough access to provide credentials. The Wi-Fi flavor of choice is WPA/WPA2 Enterprise, and the secured method of choice is PEAP. Even if every 802.1X user logs in using PEAP with the same user name and password, the keying process is protected from other users and outside crackers. Update: Reader Elmae suggests "Little Bo PEAP" instead of Firecracker.

Even though 802.1X is built into Mac OS X since about 2004, Windows starting in XP SP2, and available at no cost for GNU/Linux, BSD, Unix, and other variants (as well as for older Mac/Win flavors), it's got just enough overhead that hotspots haven't wanted to use it.

While hotspots aren't liable for people sidejacking with Firesheep or simply sucking down and analyze traffic on their networks (disclosure: IANAL), 802.1X is cheap and easy to implement when there's a single user account and password. It's possible we'll see some uptake. The long-term solution is for all Web sites that handle any data to encrypt the entirety of all user sessions.

Update: Commenter foobar pokes a hole, pun intended, in my suggestion for using 802.1X with a single user name/password: Hole196. This vulnerability, documented by AirTight, afflicts 802.1X networks. It allows a malicious party to spoof the access point for sending broadcast messages, and allows ARP and DNS poisoning. Thus Firecracker could become fARPcracker, and, once again, Firesheep emerges victorious. (I wrote about Hole196 for Ars Technica; it's not that big a deal for the enterprise, but it's perfectly easy to use in a hotspot.) Thus, sites securing all their connections with SSL/TLS becomes the only practical method to ensure privacy and prevent sidejacking.

Photo by Magic Foundry, used via Creative Commons.

WPA Cracker cracks WiFi passwords in the cloud

WPA Cracker is a WiFi security compromiser in the cloud, running on a high-performance cluster. Send them a dump of captured network traffic and $35, and they will try 136 million passwords in 40 minutes, tops (for $17, they'll run the same attack at half speed) -- the same crack would take five days on a "contemporary desktop PC." They also have an extended, 284 million word dictionary that you can run for $55 in 40 minutes. They'll also use the same process to crack the passwords on encrypted ZIP archives.

You're safe if your password isn't in any dictionary, including the special dictionaries used for password cracking (these dictionaries will try random words in combination, as well as common letter-number substitutions such as "1" for "i" and so on). The crack works on WPA and WPA2-locked networks.

Your best bet is a long, random string for a password -- 64 bits of random noise will probably foil something like this for a good time to come. But good luck reading the password aloud to your visiting friend when she needs to get her laptop online.

Questions about WPA Cracker (via Schneier)

Chinese WiFinders with built-in password-crackers

NetworkWorld reports on a hot-selling Chinese gadget: a WiFi network-locator with a built-in password cracker. These things show you which networks are available in your area and which password to use to get online with them. Alas, they're not stand-alone USB keys with a little LCD display, just WiFi cards with some specialized software. I betcha next year's model is self-contained, though:
With one of the "network-scrounging cards," or "ceng wang ka" in Chinese, a user with little technical knowledge can easily steal passwords to get online via Wi-Fi networks owned by other people.

The kits are also cheap. A merchant in a Beijing bazaar sold one for 165 yuan ($24), a price that included setup help from a man at the other end of the sprawling, multistory building.

The main piece of the kits, an adapter with a six-inch antenna that plugs into a USB port, comes with a CD-ROM to install its driver and a separate live CD-ROM that boots up an operating system called BackTrack. In BackTrack, the user can run applications that try to obtain keys for two protocols used to secure Wi-Fi networks, WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access). After a successful attack by the applications, called Spoonwep and Spoonwpa, a user can restart Windows and use the revealed key to access its Wi-Fi network.

Wi-Fi key-cracking kits sold in China mean free Internet (via /.

Building high-speed wireless in Afghanistan out of garbage

Volunteers in Afghanistan -- both locals and foreigners from the MIT Bits and Atoms lab -- have been building out a wireless network made largely from locally scrounged junk. They call it "FabFi" and it's kicking ass, especially when compared with the World Bank-funded alternative, which has spent seven years and hundreds of millions of dollars and only managed its first international link last summer.
Pictured below is a makeshift reflector constructed from pieces of board, wire, a plastic tub and, ironically enough, a couple of USAID vegetable oil cans that was made today by Hameed, Rahmat and their friend "Mr. Willy". It is TOTALLY AWESOME, and EXACTLY what Fab is all about.

The boys at the Jalalabad Fab Lab came up with their own design to meet the growing demand created by the International Fab surge last September. As usual all surge participants who came from the US, South Africa, Iceland and England paid their own way. Somebody needs to sponsor these people.

For those of you who are suckers for numbers, the reflector links up just shy of -71dBm at about 1km, giving it a gain of somewhere between 5 and 6dBi. With a little tweaking and a true parabolic shape, it could easily be as powerful as the small FabFi pictured above (which is roughly 8-10dBi depending on materials)

The Jalalabad Fab Fi Network Continues to Grow With a Little Help from Their Friends (via Futurismic)

Pub fined £8K after user infringes copyright with its WiFi

A British pub has been fined £8,000 because someone using the WiFi there allegedly committed a copyright infringement. Even though British law exempts people who provide Internet access from liability for their users' copyright infringements, the pub was still fined (the details of this are confused).
Graham Cove told ZDNet UK on Friday he believes the case to be the first of its kind in the UK. However, he would not identify the pub concerned, because its owner -- a pubco that is a client of The Cloud's -- had not yet given their permission for the case to be publicised...

According to internet law professor Lilian Edwards, of Sheffield Law School, where a business operates an open Wi-Fi spot to give customers or visitors internet access, they would be "not be responsible in theory" for users' unlawful downloads, under "existing substantive copyright law".

Pub 'fined £8k' for Wi-Fi copyright infringement (Thanks, Zoran)