Excerpted from the EFF’s call for an open wireless movement:
“When people turn on WEP or WPA encryption for their networks deliberately, there are two common reasons: a desire to prevent their neighbors from “free riding” on their connections; and a fear that unencrypted WiFi is a security or privacy risk. Both of those reasons have a degree of legitimacy, but neither of them changes the fact that we would be better off if there were more open networks. Also, both of these problems could be solved without password locking our networks. What we need, instead, is to develop and deploy better WiFi protocols.
Let’s focus on the first issue for a moment: traffic prioritization.
Many people would like to have the fastest network connection possible, and for that reason are reluctant to let their neighbors share their link. After all, if your neighbor is streaming music or watching YouTube videos on your WiFi, that’s going to slow your traffic down a bit! But those same people would probably be willing to give up some bandwidth at home from time to time, in exchange for having free open wireless everywhere else. In other words, we’d all be better off if we all left our WiFi open, but we each benefit slightly if we close our WiFi. Our failure to work together prevents us from enjoying better, more widespread Internet access.
The best solution to this problem is to have WiFi routers which make it very easy to share a certain amount of bandwidth via an open network, but simultaneously provide an encrypted WPA2 network that gets priority over the open network. Some modern routers already support multiple networks like this, but we need a very simple, single-click or default setting to get the prioritization right.
If the problem of open WiFi was just about convincing people to share their connections, we’d be in a better situation. Enough people understand the importance of sharing that we’d have open networks more or less everywhere.
The problem that’s really killing open WiFi is the idea that an unlocked network is a security and privacy risk.
This idea is only partially true. Computer security experts will argue at great length about whether WEP, WPA and WPA2 actually provide security, or just a false sense of security. Both sides are partially correct: none of these protocols will make anyone safe from hacking or malware (WEP is of course trivial to break, and WPA2 is often easy to break in practice), but it’s also true that even a broken cryptosystem increases the effort that someone nearby has to go to in order to eavesdrop, and may therefore sometimes prevent eavesdropping.
It doesn’t really matter that WiFi encryption is a poor defense against eavesdropping: most computer users only understand the simple message that having encryption is good, so they encrypt their network. The real problem isn’t that people are encrypting their WiFi: it’s that the encryption prevents them from sharing their WiFi with their friends, neighbours, and strangers wandering past their houses who happen to be lost and in need of a digital map.
Insofar as there is some privacy (and psychological) benefit to using an encrypted WiFi network, there’s actually no reason why users of open wifi shouldn’t get those benefits too!
There is currently no WiFi protocol that allows anybody to join the network, while using link-layer encryption to prevent each network member from eavesdropping on the others. But such a protocol should exist. There are some technical details to work through, but they are manageable.
In fact, this proposed protocol offers some privacy/security benefits not available in shared-passphrase WPA2, which is the strongest easy-to-deploy WiFi encryption system. Under WPA2 all the users on the network can calculate each others’ session keys and eavesdrop on each other. With our suggested design, that would cease to be possible.
Since 1994, the United States government has auctioned off huge portions of the electromagnetic spectrum to telecommunications companies. WiFi operates in tiny scraps of spectrum that were left over from the auctions. Similar processes have occurred in many other countries.
But WiFi networks (especially modern 802.11N networks) turn out to make inherently much more efficient use of spectrum than systems of widely spaced cell phone towers. This results from a property of wireless protocols called area spectral efficiency: basically, if your data only has to travel to a nearby router, the same frequency range can be used for someone else’s data around the corner or across the street. In contrast, if your data needs to travel all the way to a cell tower, nobody else in between can use that same portion of spectrum.
If we want a future where anyone can watch high definition movies or make video calls from anywhere without wires, what we need is short-range networks with routers everywhere — like the one we’d have if everyone opened their WiFi.”