Author's Note: The piece below appeared originally as an "Expert Advice" essay in Northeast magazine on Sept. 26, 2004. It came with a sidebar on places where one could find free wireless Internet access in Connecticut. Since I have no time to maintain or update such a list, I'm not including it here.
I expect to continue to write about the horizons of telecommunications technology; WiMAX particularly interests me.
Connecticut's Invisible, Free Network
By Jeff Schult
I said goodbye to my cell phone last month.
I no longer have a Plan.
My "rollover" minutes, thousands of them, turned out not to be mine to keep, of course, despite the disingenuous advertising promises. My cell phone company stripped them from me when I canceled my account, as though they were epaulets and I was being drummed out of the military. A ridiculous sense of loss lasted nearly five minutes. You would think one could redeem them for something, a toaster oven, perhaps. But no. Cell phone companies do not give parting gifts.
Shockingly, with dozens of cell phone calling plans available, not a one fit my needs. I was looking for about 100 minutes a month for $10. Hah! But that's all I need, and that's all I'm willing to pay.
The cell phone is for emergencies, or when I am late, or when I, or someone I know, is lost or needs a ride. Ten dollars a month should cover me for those eventualities, I think. After all, I pay just $29.99 a month for unlimited phone service at home.
No, I don't have a "regular" phone line, either. I use Voice Over Internet Protocol and my broadband cable connection for phone service. No one can tell the difference. If you have good cable broadband service, there isn't any difference.
But what substitutes for a cell phone, that one almost indispensable item for a mobile professional and parent? I told myself that cell phones are more aggravation and expense than they are worth. I told myself that I had managed without one as recently as five years ago.
And I told myself that there was something inherently creepy about being instantly accessible, all the time.
No matter what I told myself, my Inner Geek was upset. My Inner Geek does not give up technology. He feeds on it. He moves ahead. He mulls, schemes and plots. I indulge him. We, my Inner Geek and I, reasoned that a new handheld computer would make us feel better. It would sit nicely in the pocket where the cell phone used to be. It would give us something to do when we were bored besides talk on the phone.
Moreover, we thought, with its wireless connectivity, it would provide some sporadic mobile communication. There are places, we knew, here and there, that would allow us to connect to the Internet for free. We could get our e-mail, maybe even make VOIP phone calls, just like at home. It would be far more convenient than toting a laptop around, and would have much the same utility.
The Inner Geek was mollified, though not ecstatic. I was a little doubtful.
Both of us were in for a big surprise. Wireless Internet access is everywhere in Connecticut - in our homes and businesses - and it is accessible. Though my evidence is anecdotal, I have no reason to think that access is much different in any Connecticut town, city or suburb. In the area where I live, I can connect in dozens of places in Seymour, Derby, Ansonia, Trumbull, Milford and Stratford, to name just the towns I have tried. Is Glastonbury any different? West Hartford? Westport? New London? I doubt it.
I can make wireless phone calls without a cell phone. My favorite place to do that is in front of a cell phone store about five miles from my house. The guy who works in the sandwich place in the same little shopping center thinks this is hysterically funny. I think it's merely ironic.
I'm paying two cents a minute for my wireless phone calls, with no monthly fee. No, it doesn't work everywhere, not nearly. But neither did my cell phone. One by one, we - the Inner Geeks in many of us - have created another network. It is bigger and more comprehensive than all but a few of us know, and growing daily. We have broadband Internet connections for our homes, mostly from our cable companies and phone companies. From there, we wanted to have our fast Internet connections hooked up to multiple computers. So, in the last few years we bought magic boxes, wireless routers and access points, and cards for our laptops, so that we could share.
We mostly meant to share only in our own households. Wireless routers currently have a limited range, perhaps 150 feet indoors, maybe up to 500 feet outdoors. As it turns out, many - maybe even most of us - did not, have not, taken any security precautions. We turned on our wireless routers, and, usually they just work.
Because they "just work" out of the box, we can connect to them and to the Internet from anywhere in our homes. But we can also connect to them from our driveways, from the street, from parking lots, while wandering by car or on foot.
It isn't hard at all; there are places where the signals even overlap. For the last week, I don't think I have driven more than a mile, except on the highway, without my handheld letting me know it had found a broadband Internet connection open for my use. Even on the highway, if civilization was nearby, my handheld's wireless connection would periodically flicker to life.
Thus, I found I could get e-mail and send instant messages on my handheld computer, using other people's Internet connections, wirelessly, anonymously and free,
practically everywhere I go. Why pay for access at Starbucks when there is a free connection, somehow, just down the street? Get your coffee to go.
The kicker is being able to make wireless Internet phone calls while traveling. In the Far East and in Europe, you can, or soon will be able to, buy phones that connect wirelessly either to the cell phone network or directly to the Internet. We are a few years behind in the U.S. and we aren't gaining ground. We have to make do with what we have.
Just the other day, I noted that I have access to the Internet while standing outside my son's high school. There is a 3Com wireless router in the building, probably in a computer lab. My handheld computer connects to it automatically when I turn it on. Does the school administration mean for the public to have casual access to the Internet in this way? I really don't know. I will have to ask.
Is the school network otherwise at least nominally secure from access with less benign intent? Again, I don't know; and in the absence of permission, I am handcuffed by my own interpretations of the law and of hacker ethics. Without asking, I will not probe, or seek more access than my handheld will negotiate for me on its own.
As you might have anticipated, legally I am in a gray area here. There are wireless networks open to the public in Connecticut where I am welcome, where using my handheld computer to surf the Web, send and receive email and make Internet telephone calls is not only OK, but very cool. Just as assuredly, there are networks where I am, perhaps, not so welcome. Some are protected from intrusion, which I respect. Most of them, particularly those used in homes and by small businesses, are not.
It seems to be the consensus opinion of lawyers and network security experts that the strictest possible reading of federal or Connecticut law on the subject says it is a crime to access a computer network, unless one knows one is allowed to do so. This interpretation makes illegal what networking cognoscenti call "wardriving," an ominous-sounding slang term that means, "driving around with a wireless-enabled computer to see what wireless computer networks it might find." Wardrivers are understandably careful when publicly discussing the activity, to differentiate between identifying networks (presumed legal) and accessing networks (presumed illegal). This may be a fine legal distinction. In the real world, my handheld computer will, by default, both seek out wireless networks and attempt to connect to them every time I turn it on. Also by default, most wireless routers sold to consumers will allow, even encourage, access for my handheld.
No one has ever been prosecuted in the United States for simply accessing the Internet through an open wireless connection, according to the Electronic Frontier Foundation, which takes an active interest in areas where technology and the law intersect or collide.
"It has never been litigated," says Kevin Bankston of the foundation's San Francisco office. The organization favors state and federal legislation that would make it legal to connect to the Internet through open wireless access points, putting the onus on network owners to protect themselves. Such legislation would not protect those who break into networks and cause damage to systems or steal information, but it would put me in the clear. "If the law goes the other way, it would effectively end community networking," Bankston said.
The foundation would support computer crime laws that say a person must defeat an access control mechanism when accessing a computer for it to be considered trespass. That means if your router or computer is accessible via a public network without need of a password, it is assumed to be open to the public. If I use someone's wireless Internet in passing, is it trespass, or even stealing?
Perhaps. The Internet connections I am accessing are paid for by the month, not per access, not by amount of usage. Again, the small amount of bandwidth used by my handheld for sending a small e-mail or making a brief phone call is, practically speaking, unnoticeable. It is as though I was breathing air claimed by someone else; or, as if I had walked on someone's lawn. One could make harsher analogies; I have heard vociferous computer security professionals compare accessing a network without explicit permission to walking into someone's home and taking food from the table, but that seems overdramatic.
There would be a trace of my passing use, a record in a computer log file that almost no one looks at unless something is wrong. Unless an intruder is caught in the act, there is no way to tell who was there, short of attempting to trace the accessing wireless device - by its hardware identification - back to a manufacturer and trying, from there, to determine who might have purchased it.
Good luck with that.
And, for all I know, the owners of the connections have left them open for access deliberately, a point Bankston makes. In his view, I have demonstrated no criminal intent.
We have reached the point where we have an invisible network accessible to the public. In the next few years, it will get bigger and the technology will improve; and this network, owned by no one and everyone, might compete on favorable terms with the cell phone network for the transmission of data and voice. If I lived in Cleveland, which I am not contemplating, I would already have completely legal access to a public wireless broadband network that covers large sections of the city. Philadelphia just announced that it is considering blanket coverage - spending $10 million to bring free or cheap wireless broadband access to everyone. I have little doubt that this wireless Internet network will grow in Connecticut, that we will catch up with the larger metro areas in free community networking; and that giving up my cell phone will look like a better and better decision as time goes on.
I don't particularly need random access to the home networks of strangers. That I have it is more interesting than useful. Responsibly, I am here to tell you to shut off my access if you don't want me to have it.
You know who you are. You have a Linksys, or a D-Link, or a NetGear, or a Belkin or an SMC, to name four of the most popular brands of wireless routers. You, or someone you know, did the bare minimum necessary to get it working, to get the computers in your household to share your broadband Internet connection.
All these routers and their lesser-known competitors can be configured so that you are not sharing with the world. Their manufacturers ship them set up with no protection so that it is easy to get them to work. Beyond that, let the buyer beware.
In your manual, or on the manufacturer's website, look up the security options available to you. You will generally be able to access your router's configuration through a Web browser interface. You should change the password for accessing your router's configuration. The default passwords are widely known. If you don't change your router password - well, let's put it this way: If I were so inclined, I could do it for you, easily, from outside your house or place of business. If you don't change that password, your router also is vulnerable from the Internet at large.
If you don't want to provide free and open access to the Internet to anyone within range of your router, you should enable "WEP" on your router. "WEP" stands for Wired Equivalent Privacy, and if you enable it, no one will be able to use your Internet connection unless they provide a correct password. Enabling WEP can be a mild hassle, though step-by-step instructions are provided on the support website of your router's manufacturer. It may also slow your Internet connection down a little. You should do it anyway if you don't want to share your connection with strangers.
Change or hide your router's Service Set Identifier, generally called its SSID, from the default. This is also in your router's configuration and it's easy to change. Why? Your router broadcasts its SSID; the default for a Linksys router, for example, is "linksys." By default, when I drive by your house or business, you may be telling my handheld computer what kind of router you have.
There are substantial, additional steps you can take to shield your wireless network from me or less savory characters. But it's up to you.
My own home network is reasonably secure, which might seem hypocritical, given that I am entirely in favor of grassroots, community public networking. However, I live on a busy street, almost a highway, with no public parking. My home is worse than useless as a public access point. To slow down, let alone stop, in front of my house is to invite a traffic accident.
But if I lived in an apartment complex with a little courtyard, and a picnic table, would I set up my network so that I could surf the Net outdoors on a bright, sunshiny day? Would I share access with a friend or a neighbor? You betcha.
I haven't, and wouldn't, snoop on a stranger's network. I might just want to check my e-mail, maybe make a quick phone call. I'm not interested in what is on someone else's home or business computer. I wouldn't even peek.
But I'm not the one you have to worry about. An evil interloper could use your network to visit porn sites, send email on your logon, or even tap into your bank account.
It's something to think about, isn't it? In the meantime - at least until you set up WEP - thank you for sharing.
In a previous life, Jeff Schult was a technical director and editor of websites for SNET/SBC. He is currently a freelance writer and network consultant.