http://www.nytimes.com/2006/03/05/technology/05wireless.html
By MICHEL MARRIOTT March 5, 2006 For a while, the wireless Internet connection Christine and Randy Brodeur installed last year seemed perfect. They were able to sit in their sunny Los Angeles backyard working on their laptop computers. But they soon began noticing that their high-speed Internet access had become as slow as rush-hour traffic on the 405 freeway. "I didn't know whether to blame it on the Santa Ana winds or what," recalled Mrs. Brodeur, the chief executive of Socket Media, a marketing and public relations agency. The "what" turned out to be neighbors who had tapped into their system. The additional online traffic nearly choked out the Brodeurs, who pay a $40 monthly fee for their Internet service, slowing their access until it was practically unusable. Piggybacking, the usually unauthorized tapping into someone else's wireless Internet connection, is no longer the exclusive domain of pilfering computer geeks or shady hackers cruising for unguarded networks. Ordinarily upstanding people are tapping in. As they do, new sets of Internet behaviors are creeping into America's popular culture. "I don't think it's stealing," said Edwin Caroso, a 21-year-old student at Miami Dade College, echoing an often-heard sentiment. "I always find people out there who aren't protecting their connection, so I just feel free to go ahead and use it," Mr. Caroso said. He added that he tapped into a stranger's network mainly for Web surfing, keeping up with e-mail, text chatting with friends in foreign countries and doing homework. Many who piggyback say the practice does not feel like theft because it does not seem to take anything away from anyone. One occasional piggybacker recently compared it to "reading the newspaper over someone's shoulder." Piggybacking, makers of wireless routers say, is increasingly an issue for people who live in densely populated areas like New York City or Chicago, or for anyone clustered in apartment buildings in which Wi-Fi radio waves, with an average range of about 200 feet, can easily bleed through walls, floors and ceilings. Large hotels that offer the service have become bubbling brooks of free access that spill out into nearby homes and restaurants. "Wi-Fi is in the air, and it is a very low curb, if you will, to step up and use it," said Mike Wolf of ABI Research, a high-technology market research company in Oyster Bay, N.Y. This is especially true, Mr. Wolf said, because so many users do not bother to secure their networks with passwords or encryption programs. The programs are usually shipped with customers' wireless routers, devices that plug into an Internet connection and make access to it wireless. Many home network owners admit that they are oblivious to piggybackers. Some, like Marla Edwards, who think they have locked intruders out of their networks, learn otherwise. Ms. Edwards, a junior at Baruch College in New York, said her husband recently discovered that their home network was not secure after a visiting friend with a laptop easily hopped on. "There's no gauge, no measuring device that says 48 people are using your access," Ms. Edwards said. When Mr. Wolf turns on his computer in his suburban Seattle home, he regularly sees on his screen a list of two or three wireless networks that do not belong to him but are nonetheless available for use. Mr. Wolf uses his own wired network at home, but he says he has piggybacked onto someone else's wireless network when traveling. "On a family vacation this summer we needed to get access," Mr. Wolf recalled, explaining that his father, who took along his laptop, needed to send an e-mail message to his boss on the East Coast from Ocean Shores, Wash.. "I said, 'O.K., let's drive around the beach with the window open.' We found a signal, and the owner of the network was none the wiser," Mr. Wolf said. "It took about five minutes." Jonathan Bettino, a senior product marketing manager for the Belkin Corporation, a major maker of wireless network routers based in Compton, Calif., said home-based wireless networks were becoming a way of life. Unless locking out unauthorized users becomes commonplace, piggybacking is likely to increase, too. Last year, Mr. Bettino said, there were more than 44 million broadband networks among the more than 100 million households in the United States. Of that number, 16.2 million are expected to be wireless by the end of this year. In 2003, 3.9 million households had wireless access to the Internet, he said. Humphrey Cheung, the editor of a technology Web site, tomshardware.com, measured how plentiful open wireless networks have become. In April 2004, he and some colleagues flew two single-engine airplanes over metropolitan Los Angeles with two wireless laptops. The project logged more than 4,500 wireless networks, with only about 30 percent of them encrypted to lock out outsiders, Mr. Cheung said. "Most people just plug the thing in," he said of those who buy wireless routers. "Ninety percent of the time it works. You stop at that point and don't bother to turn on its security." Martha Liliana Ramirez, who lives in Miami, said she had not thought much about securing her $100-a-month Internet connection until recently. Last August, Ms. Ramirez, 31, a real estate agent, discovered a man camped outside her condominium with a laptop pointed at her building. When Ms. Ramirez asked the man what he was doing, he said he was stealing a wireless Internet connection because he did not have one at home. She was amused but later had an unsettling thought: "Oh my God. He could be stealing my signal." Yet some six months later, Ms. Ramirez still has not secured her network. Beth Freeman, who lives in Chicago, has her own Internet access, but it is not wireless. Mostly for the convenience of using the Internet anywhere in her apartment, Ms. Freeman, 58, said that for the last six months she has been using a wireless network a friend showed her how to tap into. "I feel sort of bad about it, but I do it anyway," Ms. Freeman said her of Internet indiscretions. "It just seems harmless." And if she ever gets caught? "I'm a grandmother," Ms. Freeman said. "They're not going to yell at an old lady. I'll just play the dumb card." David Cole, director of product management for Symantec Security Response, a unit of Symantec, a maker of computer security software, said consumers should understand that an open wireless network invites greater vulnerabilities than just a stampede of "freeloading neighbors." He said savvy users could piggyback into unprotected computers to peer into files containing sensitive financial and personal information, release malicious viruses and worms that could do irreparable damage, or use the computer as a launching pad for identity theft or the uploading and downloading of child pornography. "The best case is that you end up giving a neighbor a free ride," Mr. Cole said. "The worst case is that someone can destroy your computer, take your files and do some really nefarious things with your network that gets you dragged into court." Mr. Cole said Symantec and other companies had created software that could not only lock out most network intruders but also protect computers and their content if an intruder managed to gain access. Some users say they have protected their computers but have decided to keep their networks open as a passive protest of what they consider the exorbitant cost of Internet access. "I'm sticking it to the man," said Elaine Ball, an Internet subscriber who lives in Chicago. She complained that she paid $65 a month for Internet access until she recently switched to a $20-a-month promotion plan that would go up to $45 a month after the first three months. "I open up my network, leave it wide open for anyone to jump on," Ms. Ball said. For the Brodeurs in Los Angeles, a close reading of their network's manual helped them to finally encrypt their network. The Brodeurs told their neighbors that the network belonged to them and not to the neighborhood. While apologetic, some neighbors still wanted access to it. "Some of them asked me, 'Could we pay?' But we didn't want to go into the Internet service provider business," Mrs. Brodeur said. "We gave some weird story about the network imposing some sort of lockdown protocol." Andrea Zarate contributed reporting from Miami for this article, and Gretchen Ruethling from Chicago. _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org