Borrowed Wi-Fi

Wireless networks seem to be everywhere. Drive through any neighborhood with your Wi-Fi laptop enabled, and available networks will drift in and out of your connection window.

The same is true on the PSU campus, where the PubNet wireless network provides wide coverage that is supplemented by individual wireless nodes. Sit down with enabled laptop in or near any of the campus residences or coffee shops, and in some places as many as a dozen wireless networks will show up.

PSU students are lucky to have free, fast wireless on campus. Yet, there are areas of campus where the signal is weak, and many students have responded by acquiring their own wireless internet connections.

Last year there were more than 44 million broadband networks in the United States. One-third of those are expected to have gone wireless by the end of 2006, as people embrace the ease of wireless use.

The drawback to all this convenience? Unprotected wireless connections are accessible to anyone with a wireless-enabled computer. And more and more, people are finding it all too easy to tap into other people’s Wi-Fi.

Also known as piggybacking, unauthorized use of someone else’s wireless connection is a growing problem. What used to be a skill limited to computer hackers is now available to anyone who can turn on their laptop and select a network name from a pull-down menu.

“Most people don’t protect their wireless connections,” said Larry Pearson, a student in the PSU Office of Information Technologies. “That makes it easy for anyone else to hop on.”

But is it ethical to use someone else’s wireless without their permission? Increasingly, people do not seem to see this as a problem.

Some believe that since the signal is floating free in the ether, there is nothing wrong with people tapping into it.

Others take the view that if people do not adequately protect their wireless connections, they are inviting others to jump on board.

“I don’t see anything wrong with it,” said PSU student Jim Smythe. “I mean, it’s in the air. How can you put a lock on that?”

One PSU student, who spoke on the condition of anonymity, said she has been piggybacking onto a connection in her home neighborhood for the last several months. The system worked so well for her that she canceled her own ISP and began using the pirated link exclusively. Until, that is, it suddenly disappeared.

“Now we don’t have any connection at all,” she said. “It’s really the pits, because it’s not like we can call and complain to anyone.” She said she is currently waiting to see if the connection reappears. If it does not, she will probably go ahead and pay $40 per month to get her own wireless internet.

“I really can’t afford it though,” she said.

These opinions are surprisingly common. In a recent sampling of 10 PSU students in a campus coffee shop, only one believed that piggybacking onto an unprotected wireless account was wrong.

Most of them said that they did not see any harm in the procedure. One pointed out that it was a lot like eavesdropping – that if someone does not know one is doing it, no one was the worse for wear.

But for the people who own the connection, the problems are real. All it takes is one or two unauthorized users to slow a wireless connection to a crawl.

The result is that the people who are actually paying for the connection may find it so slow as to be unusable.

“What’s really needed is to educate people how to not leave their networks open and vulnerable,” Pearson said.

Securing a wireless network with a password or special encryption is fairly simple. In fact, most wireless routers are shipped with encryption software.

As for the PSU wireless network, it is designed for easy use and is widely accessible on campus. Using the wireless PSU network has one absolute requirement: users must possess an ODIN account, a free account available to all PSU students, staff and faculty and issued by the OIT. The ODIN account functions as a network password onto the wireless network.

The current PSU PubNet Wi-Fi network provides coverage to locations on all parts of the PSU campus. The Neuberger-Smith-Cramer-Lincoln strip anchors the center of the coverage area, with wireless extending north to the science buildings and Harder House, south to University Place and the art building, east to the Urban Center and Fourth Avenue Building and west to NASCC and the Millar Library.

“We actually have two wireless networks on campus,” Pearson said. “One, which is being worked on but isn’t up quite yet, will be secure. Each machine will have to have a certificate added in order to enable the network.”

The future secure network is currently undergoing testing. Eventually it will be available to all PSU students, staff and faculty.

“The other network is insecure,” Pearson said. “That’s what we’ve got up now. By insecure, I mean it’s accessible to anyone with an ODIN account, but it doesn’t require a certificate on the user’s machine.”

PSU Wi-Fi coverage varies in different locations and on different floors of buildings. The availability and speed of wireless networking also depends on wireless hardware and local interference.

According to the OIT, an occasional call comes in to the help desk, asking how to circumvent connection security and tap into a neighbor’s wireless.

“They’re like, ‘I used to be able to do it, and now I can’t. Can you help me get back on?'” said Rocky Cookus, an information technology consultant with OIT. “Obviously, there’s no way we’re going to assist anyone in tapping into an unauthorized network.”

Even more worrisome than simple signal freeloading is the potential for a knowledgeable user to piggyback into an unprotected connection and then work backwards to enter and access someone else’s computer and computer files.

In the worst instances, computers hijacked in this fashion have been used to launch spam attacks, download child pornography or spread viruses and worms.

The issue may eventually be moot, as the City of Portland has gone public with plans to create citywide wireless internet in the next year or two. With free wireless available to all, the need to piggyback will diminish, at least in the wireless-enabled area

For now, users who own wireless internet connections are advised to protect their computers with password encryption or even with their own firewall protection.