We all use it, and have a hard time imagining life without it. Wireless Local Area Networks, better known as WLAN, make our lives easier, at least so far as internet surfing is concerned.
But those networks are rarely pushed to the limits of their capacity. In theory it would be easy and beneficial to split WLAN usage, sharing cost and capacity with those around you. One problem: the nasty legal situations that can arise.
It’s not hard to find a wireless network when on the go: Cafes, bars, and restaurants frequently post stickers on their doors announcing free WLAN use. Customers need only request the access key from the bartender, or in many cases it’s printed right on the menu.
There are also a variety of websites specializing in cataloguing hotspots, organized down to the city and street. Some municipal government websites include listings of free access points as well.
Discretion is often advised when using public WLAN hotspots, though. If you end up connecting to a WLAN network with poor or even no encryption, then your data - including sensitive access data - can easily be intercepted.
“WLAN using the outdated WEP procedure must be regarded as open,” warns the German Federal Agency for Security in Information Technology (BSI).
The agency recommends avoiding open WLAN networks if the data traffic isn’t encrypted from start to finish, which can be identified through the “HTTPS” in the address.
If through exceptional circumstances use of an open WLAN and unencrypted pages is inescapable, then the BSI recommends at least turning off automated synchronisation of online services, especially on mobile devices. One thing that applies for all devices: after finishing a session with open WLAN networks, that network’s profiles should be deleted from the device to prevent it from logging into them again automatically in the future.
Hotspots working with WPA2 encryption, the current standard, can be considered adequately secure. The BSI recommends a complex password using at least 20 characters but with no existing words or names. They also advise that WPA2 be used on home routers. The factory default SSID should also be changed.
Why is it necessary to lock down access so diligently? Because in some countries or jurisdictions, the operator of an insecure WLAN access point can be held partially liable for crimes such as downloading of illegal content. The operator of the hotspot then has to bear lawyer fees, but is not entitled to compensation for the copyright violation itself.
“Leaving a network unsecured as a goodwill gesture can bring big risks with it,” says Joerg Heidrich, legal advisor at c’t computer magazine.
In principle that applies for WLAN access shared with neighbours, and for case-by-case divulging of the network password as well. How do restaurants and cafes get around this issue? Forcing customers to log in using the access key helps alleviate concerns about unsupervised usage.
0 comments:
Post a Comment