News

WiFi provides cover for cyber-criminals who can't be traced

by Guy Kewney | posted on 19 March 2005


Till now, it wasn't obvious to anybody except the preternaturally paranoid  (or "prescient" as Wendy Grossman put it) that there was any real risk involved in using a home WiFi  network without security.

Guy Kewney

But the paranoid have a new ally: those who claim that there is a serious problem of cyber-stealth. You could, they say, be covering for a criminal - a cyber-paedophile or even a genuine e-thief - who is using your hotspot anonymously.

That means you may find yourself a suspect in serious crime, even if you operate a public WiFi hotspot - unless you track users.

According to today's New York Times the Feds are already drawing blanks when following up their cyber-tracks.

"When criminals operate online through a Wi-Fi network, law enforcement agents can track their activity to the numeric Internet Protocol address corresponding to that connection," says Seth  Schiesel's report. But from there the trail may go cold, in the case of a public network, or lead to an innocent owner of a wireless home network, he has discovered.

Schiesel interviewed Jan H. Gilhooly, who retired last month as special agent in charge of the Secret Service field office in Newark and now helps coordinate New Jersey operations for the Department of Homeland Security.

"We had this whole network set up to identify these guys, but the one thing we had to take into consideration was WiFi," Gilhooly said. "If I get to an Internet address and I send a subpoena to the Internet provider and it gets me a name and physical address, how do I know that that person isn't actually bouncing in from next door?"

But another Seth - http://sethgodin.typepad.com/seths_blog/2005/03/my_wifi_rant.html Seth Godin - has already hit back on his blog, accusing the NYT of inspiring criminals.

"There were no razor blades in apples on Halloween when we were growing up. Did you know that? Really. They made it up,". says Godin. "Someone should tell the Times and its readers that if you want to be anonymous on the Net, you can go to Kinko's or go to Bryant Park or the library. It's certainly not necessary to scare the nation into closing their wifi hot spots."

The NYT report (correctly) observes that the Feds can still track the identity of the wireless Ethernet adapter in the criminal's PC - its MAC address - but warns that the smarter crook will still be able to dodge detection simply by using a spare PCMCIA PC Card adapter, and throwing it away after the heist.

Nonetheless the discovery is almost inevitably going to lead to cries to log data access in ADSL modems and cable modems and home routers, and free hotspot providers.


Do you log access to your WiFi? - You can discuss this article on our discussion board.