Saturday, October 13, 2012

About That WiFi Security Thing

Today was the first day of the local hamfest here in the Silicon Swamp.  For those unfamiliar with the term, a hamfest is a generally a swap meet with a lot of other interactions - a place where hams meet in person, catch up with old friends, share new stories and just be social.  Some fests have a full schedule of meetings and technical talks; some are simple swap meets.  Amateur radio is a social hobby, by and large, and is full of guys who can talk for hours on many things.  The granddaddy fest is held every year in Dayton, Ohio, the Hamvention.  If you're a ham, you should go to Dayton at least once.  There are literally hundreds of guys who meet at Dayton every year; they reserve their room for the following year as they leave; stay in the same hotels, meet at the same restaurants.    

I got to catch up with a bunch of guys I know and had lunch with a large group - some I haven't seen in years, others I met for the first time, and still others are guys that I see at this hamfest every year.  The topic among these guys who experiment at VHF, UHF and microwaves was WiFi.  Remember that post from two days ago about Wireless bandwidth and the constant need for more?  I kind of brushed over the idea of frequency allocations and compatible services and such?  While I can't explain why, the WiFi bands that everyone is using overlap an amateur radio band at 2300 to 2450 MHz.  The amateur band and WiFi overlap from 2417 to 2450 MHz; the WiFi band is technically called an ISM band (Industrial, Scientific and Medical), and an ISM band device "may not cause interference to other services, and must accept interference that may cause undesired operation".

From the ham standpoint, there is literally tons of microwave transceivers available as surplus (or new).  Amateurs have a long history of using cheap surplus, both military and commercial, and making it the basis of new communications modes. 

From the non-ham standpoint, there's a pretty good chance that your WiFi signal could be picked up from quite far away.  How far?  Miles.  It's not fair to compare these directly because software modification had to be done to handle the long propagation delay, but back in 2005, amateurs put off-the-shelf WiFi together with high gain antennas and established a link 125 miles long over the Nevada desert.  The transmitters were unmodified, and no amplifiers were used.  Impressive, but call it a circus trick; not very practical, but shows what can be done by the determined. 

The topic I was unaware of was ham radio mesh networking.  What the amateur mesh networking is doing is replacing the software in an OTS WiFi router with amateur software and building high speed, interoperable, wide area networks.  In a mesh network, pictured above, the loss of any one node doesn't result in loss of the network.  It's basically the idea behind the 'net itself, and we've all heard that the 'net routes around damage.  Hams routinely do disaster communications and public service communications; this makes it much easier and better.  But the widespread use of surplus WiFi gear for ham networks might just mean someone farther away than you think can be listening to your home network.  One of the guys said he doesn't pay for internet access.  He scans the neighborhood with an outside antenna, picks a non-secured router and uses the neighbor's router.  It's the same as wardriving, but maybe you don't think you need to think about that in your quiet, off-the-main-roads home.  Another said that while getting an amateur mesh network working, he unintentionally accessed other folks' routers.  When he realized it, he reset their router the way it was originally, but he almost took over someone's WiFi equipment.  

I would say if you don't have your WiFi secured, what's wrong with you?  And if you're using default settings, someone is probably using your WiFi. 


Penny Pincher Personal Finance said...

I got rid of wifi when my router died, and just started using a wired connection.

I ought to replace the router, if only to have something to play with.

BTW, someone called "Resistor in the Rockies" was promoting a Meshnet on Youtube recently. I was thinking it could be combined with the VPN towers the Free Network Foundation was building for Occupy (they have a wiki on how to build the towers on their website, so anyone with the right knowledge base could do it).

Here was my article on it:

Graybeard said...

Good piece on Meshnet.

The amateur networks are not darknets. FCC rules require amateurs to identify transmissions with their callsigns, and from what I gather, they do this by using their call as the WiFi SSID. That said, I don't see why that would be necessary if they're using the WiFi equipment under WiFi rules. If they're using the WiFi under amateur rules and transmitting with high power or high gain antennas, maybe.

Amateurs tend to be as scrupulously compliant with regulations and laws as concealed carry license holders, although there are some well known exceptions. And remarkably out of touch with a need for situational awareness.