How to tell someone they've got an insecure wifi network?
April 1, 2005 3:42 PM   Subscribe

I'm going on a fairly long business trip, and my only broadband access at the hotel will be a wireless connection. I bought a wireless broadband card for my laptop today, and wanted to install and test it before I headed off, figuring I'd be able to hook it up to my wired network at home for updates, and bring it down to the local cafe to check the wireless part out. However, when I plugged it in at home, I discovered a wide-open wifi network named 'Wireless', with the default root password still on the router, and just a single Apple MAC attached to it. I strongly suspect this is not intentional, but just a non-savvy user setting it up, and they have no idea what they've left themselves open to. I figure this is somewhat the equivalent of noticing a neighbor left their door unlocked, unintentionally. How do I go about letting them know what the situation is, ideally in an anonymous fashion? I'd like for them to be able to know about it and fix it, but I don't want to get roped into being their support person for perpetuity - I've already got enough of that with my family and friends). Any ideas?
posted by bemis to Computers & Internet (15 answers total)
side note: I know people who leave the doors to their houses unlocked all day.

Do you know who owns the access-point? I live in a neighborhood with several open APs, but I'd only be able to guess as to where each is physically located. If you do know, I'd see no problem with mentioning it in person the next time you see your neighbor outside.

Some people operate their APs in open-mode on purpose. I do this, but I've also changed the default password and SSID, so perhaps that isn't the case here.

Other options would include less-than-legal means, like leaving a text file on a shared directory, or sending e-mail to a sniffed address. All not good ideas, and probably likely to freak the person out, I'd say. Personally, I'd leave it alone, but that's just me. What potential harm are you hoping to protect them from? (serious, non-snarky question)
posted by odinsdream at 3:50 PM on April 1, 2005

hehe..First of all: are you sure it is an "Apple MAC" and not just a "MAC address" that is connected to it? I'm just testing your tech knowledge...

Do you have any idea on who it is? If you do I'd just let them know that their wireless network is wide open and you had no problems logging into their router.

If you don't want to become a support buddy, just leave it at that. Maybe just write a letter and leave it in their mailbox.
posted by nickerbocker at 3:50 PM on April 1, 2005

Just remembered that Rendezvous thing apple has. Could you perhaps associate to their network and chat with them this way? That wouldn't be particularly crafty or illegal, I'd think.
posted by odinsdream at 3:52 PM on April 1, 2005

Is there a printer on the network? You could print them out a ghost message and freak them right the hell out.
posted by willnot at 4:13 PM on April 1, 2005

I'm with odinsdream in saying I'd just leave it alone. Too much hassle, too much possibility of coming out of it looking like the bad guy.
posted by RikiTikiTavi at 4:25 PM on April 1, 2005

netsend dood.

not sure what the equiv *nix/osx command is, but there should be one.

(net send will send a message from your desktop that *should* pop up a window on theirs -- of course, it's got an equally decent chance of being snagged by some sort of firewalling, but hey. this situation happened to us at my old work, and i think the person there was on sbc, so they had a login on the router, to which I simply sent an email. They were pretty appreciative. but imho if you don't know enough to lockdown your router, i'd just leave it as is. If someone tries to lock them out of it i'm sure tech support would eventually get around to telling them to hold down the reset button.)
posted by fishfucker at 4:33 PM on April 1, 2005

Let it go. Finding the person and explaining how you found them, why you want them to know how unsafe it is, etc., is just more trouble than it is worth. I admire your spirit in wanting to help, but I think no good can come from this.
posted by fixedgear at 4:43 PM on April 1, 2005

It's MAC address in the range assigned to Apple; the capitalization was intentional. I phrased it that way because that's all I knew about the machine; nmap -O didn't yield any further clues.

I don't know for sure who it is; I'm in a fairly dense neighborhood, and it could be any of the folks on the block. I want to let them know so they can make an informed choice about what they want to do.

A netsend would work great if they were on windows (and if most windows installations didn't have messenger turned off by now).

It looks like Rendezvous is exactly what I was looking for, though- thanks, odinsdream!.

Their printer is publicly shared, too.. I'll print out a short note explaining the situation, and the manual page explaining how to turn on security on their router. Ball's now in their court. Thanks, all!
posted by bemis at 4:50 PM on April 1, 2005

My toilet is named bemis...

Anyway I wouldn't bother. Out of curiosity, one day I went wardriving. Driving through any neighborhood in my town with my laptop on has revealed there are 5 or 10 open access points in a given neighborhood. I think it's up to manufacturers to come up with a more secure default setup. There's no way you are going to be able to educate everyone on network security. On the plus side, I now know that if I ever travel, Internet access will be a non-issue...
posted by knave at 5:18 PM on April 1, 2005

Relating to something else in your question - just because the hotel you will be visiting is advertising they have WiFi doesn't mean that it will be (1) up, (2) functional, (3) accessible when you are a guest there.

I recently returned from a week in NYC where our hotel advertised wireless access in all the rooms - and WiFi was down in all the rooms. Maybe it had something to do with 3,000 geek guests descending upon them that week, but HAVE A BACKUP PLAN, don't rely only on your WiFi card for this trip. Bring a cable, and a telephone line for dialup if things get really skanky. These two extra wires weigh nothing in your suitcase, but will bring tremendous relief in case you run into problems in your hotel room.

That NYC hotel? a very well-known, well-loved property near Central Park, one that can accommodate 3,000 geeks in nice rooms for a conference, but falls short on their WiFi needs :)
posted by seawallrunner at 5:20 PM on April 1, 2005

I also wouldn't worry about the neighbour's connection not being un-encrypted. Some people leave their door open and don't worry about it.

I would just ask neighbour's etc, about the connection and see if anyone knows anything. Maybe even make a call or two, but I wouldn't think of this as an emergency.
posted by xammerboy at 9:17 PM on April 1, 2005

There's a previous askme with a very similar question, but my searching isn't finding it. Maybe someone else remembers?
posted by advil at 9:34 PM on April 1, 2005

I leave my network open. I use a high channel with a non stock name and a complex password, though. Hell, I even share my folders read only. My printer is password protected, though.
posted by Dean Keaton at 11:01 PM on April 1, 2005

Out of curiosity, one day I went wardriving. Driving through any neighborhood in my town with my laptop on has revealed there are 5 or 10 open access points in a given neighborhood...On the plus side, I now know that if I ever travel, Internet access will be a non-issue...
posted by knave at 5:18 PM PST on April 1

Offhand, I'd say I'm surrounded by about 15 access points. Every single one is locked down tighter than a drum. Don't travel in my neighborhood.

I recommend the printer idea, as well.
posted by Jim Jones at 6:36 AM on April 2, 2005

At any given time I can pick up 20 or so WiFi networks from my house (near downtown San Francisco.) Usually at least 25% of them are open. I'm not sure if that's intentional or not, however.
posted by sixdifferentways at 9:34 PM on April 3, 2005

« Older Blacklight and Beemers   |   Gray Screen Of Death? Newer »
This thread is closed to new comments.