The world of wireless internet access (Wi-Fi for short) is definitely hotting up. Not only are more and more homes and offices sprouting 802.11b 11Mbps (and now, in our office as an example, 802.11g 54Mbps) wireless Ethernet connections, they are in an increasing number of public locations.
There are already more than 1,000 so-called hotspots in Europe and, according to the hi-tech market research company IDC, this could grow to more than 32,000 by 2007, generating revenues of $1.4bn.
All this activity means that a great deal of corporate and personal data is flying through the air. I keep seeing magazine articles and newspaper stories encouraging us all to turn on our WEP (wired equivalency protocol) and secure our networks. But why?
We, as a typical small business, have an open Wi-Fi network in our office. This makes life easy for customers, suppliers or business partners who come to our office. Maybe the people downstairs even connect through it sometimes. Who cares?
Someone who connects on our network cannot access our servers because they are on the other side of a firewall. Yes, of course we could snoop on all the traffic and collect top-secret emails ("are you going to the pub, or what?") but that's already true.
If you don't want people to read your email, then buy PGP (Pretty Good Privacy), which is what we use for sensitive or client-confidential mail.
If we did encrypt the network, this would just lead to pointless hassle as valued customers struggled to get their email while waiting in reception.
Plus, we would have to change the password from time to time. Is there any real need to make wireless access secure? Security is an end-to-end problem that needs end-to-end solutions (ie, secure email and secure web access in most cases).
Think of the benefits if everyone was this relaxed. If I leave my Wi-Fi open, my next door neighbour might be able to access the internet on his patio using my network.
If my neighbour leaves his Wi-Fi open, we might be able to access the internet in our kitchen, which currently has very poor reception from the access point in my study on the other side of the house.
Someone lost on our road would find he could pull over in his car, flip open the laptop and get access to an online map or route-finding service.
Capacity planning, not security, would be the key issue in Wi-Fi design and deployment.
I'm not sure security is that much of a problem in these cases. My neighbour can't access any of the machines in my house because he doesn't know the passwords - which will one day be replaced by proper digital IDs - and nor can the woman in the car.
Of course, my neighbour might decide to launch a concentrated denial of service attack on my wireless local area network, but I have a strong suspicion that I'd figure out who it was without too much trouble.
