Open and encrypted wireless internet–technological solution to a social problem?

The problem that’s really killing open WiFi is the idea that an unlocked network is a security and privacy risk.

This idea is only partially true. Computer security experts will argue at great length about whether WEP, WPA and WPA2 actually provide security, or just a false sense of security. Both sides are partially correct: none of these protocols will make anyone safe from hacking or malware (WEP is of course trivial to break, and WPA2 is often easy to break in practice), but it’s also true that even a broken cryptosystem increases the effort that someone nearby has to go to in order to eavesdrop, and may therefore sometimes prevent eavesdropping.

It doesn’t really matter that WiFi encryption is a poor defense against eavesdropping: most computer users only understand the simple message that having encryption is good, so they encrypt their network. The real problem isn’t that people are encrypting their WiFi: it’s that the encryption prevents them from sharing their WiFi with their friends, neighbours, and strangers wandering past their houses who happen to be lost and in need of a digital map.

We need WiFi that is open and encrypted at the same time!

Insofar as there is some privacy (and psychological) benefit to using an encrypted WiFi network, there’s actually no reason why users of open wifi shouldn’t get those benefits too!

There is currently no WiFi protocol that allows anybody to join the network, while using link-layer encryption to prevent each network member from eavesdropping on the others. But such a protocol should exist. There are some technical details to work through, but they are manageable.2

WPA2 is actually not that secure. You can pay $17 to have a 400+ CPU cluster run dictionary attacks against it. Never knew.

It seems like a good solution, since having both an open and encrypted network will do away with the root cause of why people don’t share their networks. But at the same time, I’m not sure what the social dynamics will be. There will be instances where people run a private network, and still enjoy open encrypted networks. There’s no way to enforce it, (and there may not be a need to).

As long as the technological solution addresses the social one, it’ll work, but if there are other social dynamics and forces at work to influence people’s behavior here, this will be another instance of where engineers think the solution to every problem is technological.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s