Sunday, December 12, 2004

Thoughts on wifi

Well, I finally managed to get my hands on one of the scarce laptops in the organization which do have Wifi. I needed it a week for a conference I went to in Washington DC. This blog-entry is a compilation of some thoughts that occured to me when using it.

  • Hooking up to public accesspoints is not always easy. Attingo's signup at Schiphol Airport is pretty straightforward, but finding the page where you could sign up with a creditcard wasn't. Notified them. No complaints further, good connection in the United Business lounge.
  • T-mobiles setup at Washington DC's Dulles Airport is a regular pain. You need to enter three secret codes: Creditcard number, user name password and something else. Pain is, that when you make a mistake it doesn't remember either. Which means you have to reeenter it again, and again and again. Whenever you forget something it forgets all. Can't they just build something that at least remembers the stuff you got right first time around?
  • STSN aka Ibahn who provide wireless at Marriotts are best to be avoided. Wireless only worked in with the hotel lobby access point, which kind of reached my room, but that was shere luck. It turned out that even though they provided conference rooms with wireless, my 9,95 didn't pay for a connection there. This according to them had to do with different security arrangements. Yeah right! specifying a v-lan isn't that hard. It was just a way for them to try and make money from the conference organizers. "if you don't buy conference access from us, your attendees will not get a W-lan connection, even if they pay 9.95 in the lobby". Oh yeah, I tried it in the hotelroom, using the high speed ethernet connection and a cable, but that didn't work either, but that just might have been me. So basically 9.95 allowed me to sit in the hotellobby, which I consider a huge pain in the behind, which is a quote they can use on their testimonials page!
  • Wireless is to be had in the area of business class/first class lounges. Wireless doesn't care if you actually are first class :-)
  • setting up secure connections is too difficult for the lay person. We need standard Diffie-Helman key exchanges. I saw on the internet that it is available on some access points, but it just should be the standard of the IEEE. As far as I could find with Google it isn't yet.
  • Securing accesspoints should be mandatory. There are too many open access points available. There is no use for anonymous connections over a random family's access point, it only endangers them into being seen as cybercriminals.
  • If people want to make it possible for neighbours and strangers to make use of their access point it should be done in the same way hotspots are now available at airports and Starbucks. Make it possible to extend the official network of the ISP to a users access point. This way if I open up my laptop and there is an access point available of Joe User, I can only hook up to it by propperly logging in to the ISP's network or use the airport/credit card system. This will require many roaming agreements etc, but it would bring security and convenience at the same time. It should be done in such a way that the person opening up his network in this way can throttle the speed of the guest users and/or the times they can access. So I would like to see a rule like "Guests can only connect when I am not connecting" or "Guests only get 1mbit/sec".

2 comments:

Anonymous said...

"If people want to make it possible for neighbours and strangers to make use of their access point it should be done in the same way hotspots are now available at airports and Starbucks".

Or another idea: only allow encrypted protocols such as HTTPS, POP/SMTP over SSL, PPTP and IPsec.

Anonymous said...

STSN/iBahn was a total disaster for my company. iBahn does not assign a new DHCP address to PCs when they connect to its network. This is bad news for corporate security solutions that watch for IP spoofing.