EFF And Others Push For Open Wifi APs Everywhere

netbuzz writes "Forging ahead with an initiative that proved controversial when introduced last year, the Electronic Frontier Foundation and nine other groups today are advancing the Open Wireless Movement to encourage ubiquitous sharing of Internet access. 'We envision a world where sharing one's Internet connection is the norm,' said EFF Activist Adi Kamdar, in a press release. 'A world of open wireless would encourage privacy, promote innovation, and benefit the public good, giving us network access whenever we need it. And everyone — users, businesses, developers, and Internet service providers — can get involved to help make it happen.'"

No.

[Anonymous Coward]

I don't feel like getting arrested for distribution of child pornography or getting a warning letter for infringement because some nitwit decided to use my open AP to do illegal activities.

Re:So long as...

[Mitreya]

...the EFF is willing to back me up with unlimited legal support when the FBI comes knocking at my door

Note that unlimited legal support helps but it is not going to protect you in all cases. Hard to prove a negative (i.e. that it is not you), and with child porn cases presumption of innocence has been loooong gone

Not to mention that such accusation (defendant in a court case) is more than sufficient to get you fired from your job and disowned by your friends.

Safer than you think (I ran an Open AP before)

[ron_ivi]

It's not as risky as you might think.

When I lived in SF I set up my home network to provide free wireless to the coffee shop at the end of the block.

QOS routing prevented guest bandwidth from interfering with my own. I put the wireless thing outside my firewall to protect my network.

Occasional casual monitoring suggested that no-one abused the network from either a bandwidth or content point of view. And the only thing it had protecting it was a "please don't abuse this or I'll take it down" welcome message.

TL/DR: Most people are basically good, so it (like wikipedia) works and isn't abused as much as you might thing..

They're forgetting existing law.

[Areyoukiddingme]

In the state of Florida, it's illegal to have an open wireless access point. I know 'cause Slashdot reported it. So you can ignore all the worries about possible content. Opening your AP is itself illegal in some states. It wouldn't surprise me if there are other states as well.

Re:No.

[gnasher719]

That's the point. If everybody opened their WiFi AP, then an IP address will become meaningless as a way of identifying a person to arrest or sue.

That's optimistic. Very optimistic.

First, the obvious thing is that you would need a router that supports guest access - giving others internet access, without giving them access to your network. Next, these guest users would want access in a way that is secure for them. No good using an open network if everything you do gets recorded.

But just because you think the IP address is meaningless, even if you are right, doesn't stop you from getting into enormous trouble, depending on what some stranger did on your network. The IP address isn't meaningless. It identifies the router in your home. If the router is involved in a serious crime, then you may be "presumed innocent", but you are still a first rate suspect and I would assume that the cops won't have any problems getting a search warrant. Best case they take your computer away, examine it carefully, and half a year later it is returned and the say "congratulations, we didn't find the slightest evidence against you, sorry that your hard drive broke while we examined it".

Re:First...

[hawkinspeter]

I currently run an open wireless SSID as a guest connection and I am not concerned with being sued. Here in the UK, I don't think the law has yet been tested that you are held liable for someone else's actions. To my mind, if there's something suspicious about what "my" IP address is downloading, then they have to find proof that I'm responsible (e.g. files on my computer).

It's so easy these days to set up a secure internal wireless network and also a guest open network with appropriate bandwidth limits that I'm surprised that more people don't do it. I'm not concerned if people are freeloading as long as my connection isn't noticeably slowed down. I've got unlimited bandwidth, so why should I care if someone uses a little bit of it?

So far, I've not seen anyone camping outside my house so that they can download stuff and I've not noticed any high usage, so I think that most people tend to be reasonable with freely offered services.

Re:First...

[YrWrstNtmr]

To my mind, if there's something suspicious about what "my" IP address is downloading, then they have to find proof that I'm responsible (e.g. files on my computer).

And to do that, they confiscate all your devices. You may get them back in a year or two.

most people tend to be reasonable with freely offered services.

Yes, most people are responsible. It is that other small percentage that is the problem.

Re:No.

[hawkinspeter]

Routers that support guest access are quite common these days. I've got two of them in my lounge (a Virgin Media supplied SuperHub and a Buffalo Airstation that I actually use for wireless). To be honest, guest users are only going to be as secure as their connections to their websites, so if they're not using https, then anyone could sniff their connections (that's where HTTPS Everywhere comes in useful).

If I ever get into the rare situation you describe, then I'll just have to use a different computer while they investigate my current one. No big deal - if I relied on the contents of my computer, then it could easily be lost if the machine got stolen or crashed.

People seem to be very scared of sharing their internet on this forum, but in real life, I've never heard of anyone expressing these kinds of concerns. I think you're more likely to be struck by lightning than get into trouble for an open wireless access point.

Re:First...

[Mitreya]

I currently run an open wireless SSID as a guest connection and I am not concerned with being sued. Here in the UK, I don't think the law has yet been tested that you are held liable for someone else's actions.

Here, in the US (several years ago), my roommate had received a threat letter for downloading a movie soundtrack. Her options were

a. Go to court and pay who knows how much money

b. Settle and pay 3K-5K right away

She took option b. Fortunately, she was the one downloading the soundtrack -- but she obviously didn't have to be. Even with a protected router, it was a total of 3 roommate students living in the apartment (and there is only one cable hookup, so separate internet account was not really an option). I have no idea why my OP was modded funny.

Re:ISP

[terbeaux]

I use MonkeyBrains.net. When they came to install my point-to-point wireless connection they left an open AP called "monkeybrains". It is balls slow but they put one in that piggybacks on my link (below network layer). My neighbor also uses the service. When his home server went down and he was restoring his 5TB backup over his residential wireless connection they sent him and email and asked him about his spike in usage. He explained to them what was happening and they said that the wireless connections weren't really meant for that type of use. Then they invited him to bring the machine down to their office to plug it directly into a switch. The only reason why the "executives" from MonkeyBrains would be laughing is because they love the idea and the EFF. Local ISPs are pretty awesome. Setting up a WISP can be done with relatively low overhead using a cooperative model.

Re:First...

[Anonymous Coward]

I do. If I didn't have a reason to be concerned I'd free my connection. If I had the time to setup my router to work as a guest access point and force users through Tor I'd definitely do it. I certainly promote others providing such access and do contribute to Tor as a node.

VPN-only public access

[ensignyu]

I'd like to provide public access, but I don't want trolls and other idiots getting my IP banned everywhere or criminally investigated. What I'd like to see is some kind of VPN-only / proxy-only access to the Internet. The idea is that I'm giving you access but not identity.

You'd be required to proxy through either your own server (ssh/openvpn), the Tor network, or some kind of commercial VPN/proxy service. I mean, you ought to be doing that anyway. All common ports, *especially* http/https, would be blocked.

That doesn't stop someone from ssh'ing into their hijacked zombie computer in Russia and using that to launch an attack, which could still lead to a criminal investigation if they didn't cover their tracks properly, but at least it'll hopefully stop the sysadmins and bots who assume "IP address == person responsible" from reflexively laying down the banhammer on my IP or suing me for allegedly sharing The_Hobbit_An_Unexpected_Journey_4K_xvid_LEAKED_plus_soundtrack.rar

Re:First...

[Jane Q. Public]

And I should add: even those laws that make you responsible for somebody else doing damage with your car, are on very shaky legal ground. If you hunt around, you will find that those laws apply only to cars. And it is very questionable whether they should even apply to cars.

Re:First...

[brit74]

I submit that the unreasonable percentage is vanishingly small.

Well, you're wrong. I live in a neighborhood with a lot of college students. They avoid paying for anything if they can get away with it. The result? If you leave your wireless network open, you might have six or seven different people on your network at the same time. Even worse, unless you're a little tech savy, you won't know why you can't stream video off the internet (hint: it's because they're streaming internet or pirating content with bit torrent). Your internet experience will suck if you don't password protect your internet.