Schneier’s Wide-Open Wireless Argument
I’ve been watching the back-and-forth concerning Bruce Schneier’s argument for open home wireless networks. See his post for links to essays in support and opposition to Schneier’s points. I found Glenn Fleishman’s post particularly interesting. I don’t want to rehash the arguments for or against that have been put out already but rather wish to point out a couple simple things I didn’t see covered in enough detail (if at all). As a preface, I have an enormous amount of respect for Mr. Schneier and have met him and heard him speak while at Cisco.
First, security is a system. While I have no doubt that there are individuals with the ability to secure their home systems, the vast majority do not. Having WPA encryption raises the bar for attack against a home system (regardless of its security) just like having a firewall limits your exposure to Internet-born attacks. If the controls are easy to use and enable, why take the added risk? As an analogy, In scuba diving it is possible to dive with completely redundant systems thus substantially reducing the risk of underwater failure. I have seen many divers carry elements of such a system with them on a dive. However, the overarching principle in scuba is that you dive with a buddy. This is to ensure that if something unexpected should happen to you, there is another person there to help bail you out. I’ve been diving since the age of 13 and can count on one finger the number of divers I know of (outside the military) that engage in the dangerous act of solo diving.
Second, Schneier seems to think that the risks to him are as follows: someone breaks into his machine or someone does something illegal using his network. There is a significant third risk he doesn’t cover: the increased risk of identity theft / profiling. Watching the Internet use and search habits of a machine is very easy over an open wireless network. Watching that use over a long period of time could be very revealing (and profitable, just ask Google). What I find borderline hilarious is that the blogosphere proponents of open networks are the vary same folks that rightly went a bit bonkers when AOL released the search data of 650,000 users. This data was partially anonymized by removing the screen name of the searcher but as the New York Times and others reported, it is fairly trivial to analyze searches and derive identity. I wrote about how the same techniques might apply to enterprise Identity. What I find funny is while the damage done is at least self-inflicted in the open wireless case, the repercussions could be even more disastrous. With a persistent log of not just your searches but your internet traffic in total over a period of time, it would be very easy to tell an awful lot about you. If you think the bad guys need to be parked out front to do this, you haven’t spent enough time looking at snack-food wireless antennas.
Either your privacy is important or it isn’t. If your argument is you have nothing to hide or that you aren’t important enough for anyone to care about you, that’s your decision. (As an aside that was the government’s position as well when everyone was in arms over the Patriot Act library fiasco.) I myself will put in place simple privacy controls and quietly wait to read the facebook and myspace profiles of presidential candidate’s younger selves in the 2040 elections and beyond. As the Internet Archive has proved, the Internet is forever.
Schneier may, as Glenn assumes, encrypt traffic from his PC to some sort of VPN gateway at his network perimeter. If so, he’s covered against this risk (though I would argue as wifi connected devices proliferate doing the client VPN solution will get tedious). However, I completely agree with Glenn that it is irresponsible to not explicitly state that this is the case. Your average user with a Linksys router has no idea how to do such a thing and most consumer-grade routers do not even support it. Also, since a VPN solution operates above layer 2 it is tedious to enable and prevents easy communication with non-VPN enabled IP devices on the same network. I want my other wifi gadgets to quickly communicate with one another and my home PCs.
Finally, Schneier implies that giving a guest Internet access and having a secure network are mutually exclusive. In the time it takes him to ask “one sugar or two” as he’s preparing his guest’s tea he can easily give them the password to his wireless network. Alternatively, you can run multiple SSIDs giving open access to guest systems and secure access to his personal devices.
I keep things very simple at home: WPA with a strong password that I can easily relay to a guest without writing it down. I should probably change that password now and again but until I see some decent attacks against WPA or make an enemy out of one of my friends I’m not too worried. Of course I do my best to secure my hosts as well but I don’t count on it. When I’m at a hotel or a wireless hotspot I have secure connections for all my email accounts and I avoid doing anything in the clear that I wouldn’t want posted for all to see.
So in summary, can you make an open wireless network secure for your machines? Of course. Is it worth the risk and trouble? Probably not.