It follows the news that the music industry has dropped a
lawsuit against Tammie Marson of Palm Desert, California. Marson
argued that the fact that her computer contained illegal music
files downloaded over her internet connection was not proof of a
crime. As a cheerleader teacher, she said, hundreds of girls passed
through her house, any one of whom could have used her PC. She also
ran a wireless network without security – so anyone outside her
house could have used her net connection.
Observers in homes without cheerleader traffic were fascinated
by the wireless defence. “I’m going to open my network to the
neighbourhood,” was a typical comment. “Screw the RIAA [Recording
Industry Association of America]!” But think this through: suppose
someone outside your house uses your connection to download child
porn to a laptop, hack into a bank or launch a denial of service
attack. Unless you change your router’s default settings, you’ll
never know. But the police might. So they’ll impound your computer
and, if they find no incriminating files, they might give it back;
or suspect that you knew how to cover your tracks. It’s your word
against theirs. So keep your home network secure. For criminals,
accessing an insecure network is as easy as putting on a
balaclava.
Your office wireless network is more likely to have good
security – but perhaps you should check. A quarter of business
networks are unsecured, according to a recent wireless survey by
RSA Security. Its tests in London this year found that 22% of
access points still had default settings that put networks at risk.
RSA points out that these offices are at risk of data theft and
virus infection. It follows that they could also face difficult
questions from police tracing terrible crimes. They might not prove
anything against your company; but nor is it an investigation your
business wants.
We don’t hear of such investigations today, but that could
change. While the percentage of vulnerable networks is falling, it
is falling slowly – and the total number of networks is rising
fast. RSA reports a 73% year-on-year rise in the number of wireless
hotspots in London.
The police don’t like anonymity breaking evidential chains. Will
they push for new laws that make unsecured networks illegal, or
grounds for a claim that the operator is aiding and abetting the
commission of a crime? After all, our Data Protection Act already
has certain expectations of office networks that hold personal
data. While the police don’t care about extending these
expectations to protect movies and music, they do care about
hacking and child porn; and right now they probably care even more
about terrorist communications. At a time when air travellers can’t
carry toothpaste, it doesn’t seem quite so far-fetched to foresee
the banning of safe havens for criminal communications.
That may or may not happen. But for now, if nothing else, fix
your wireless security. Otherwise you could find yourself reported
in the press as helping the police with their enquiries in
connection with a terrible crime. Nobody wants that.
By Struan Robertson, Editor of OUT-LAW. This editorial has
been reproduced from Issue 15 of OUT-LAW Magazine. Register with OUT-LAW or
amend your
profile to get a free subscription.
