This is great news! On top of the announcement fron Fon the other day that they're teaming up with BT to offer all their Total Broadband customers the chance to get a Fon wifi router (and share some of their wifi), McDonald's has just announced that they're going to offer free Wifi in partnership with TheCloud.

Now, normally you have to pay for TheCloud access, so that's very nice indeed. It also means that I can sit in the much posher upmarket sandwich shop with my laptop next to McDonald's in the centre of Brum and use their free wifi ;) It does make me wonder to an extent as to how vulnerable BT users are with regards to lawbreaking (because it's already acknowledged that running an insecure hotspot allows others to perpetrate IP theft and other cybercrime, punishable by UK law, and there's not much they can do to stop it), but I suppose BT is willing to take this into account - or just doesn't care - if it happens once BT users start opening up their networks.

I'm a little more worried for newbie home users, because they're the ones who may well become compromised security-wise. Back in January I had to make our wireless access point open for a couple of days (because one of our housemates was having problems connecting, something I eventually sorted out) but in the meantime someone who lives in the vicinity of us managed to get onto my laptop's root drive, save an RTF file to the root dir and inside write me a rather worrying message! I'm still figuring out how they managed to do that, because my Windows shares are pretty secure and I use strong passwords combined with an in/egress firewall... They must've done something along the lines of sniffing the wifi signal to retrieve some NTLM or MD5 hashes of my password, and then bruteforced their way onto my machine. A little bit worrying, but that was in January and my network setup is a lot stronger than it was back then. If I can have a machine compromised, it doesn't bode well for newbie users who just turn on and go with Windows Firewall. I may have even been compromised via my own La Fonera... Still investigating.

Back to business, however, and thinking about Fon, I must get round to posting my review of my La Fonera sometime! It's already been taken apart, photographed, examined, compared and praised/criticised, I've already done my own testing so I have my own real life results to post up! Might as well, I have them all on my laptop.


  1. mic said...
    Fonera is pretty secure since it's using WPA/WPA2 for its private network (which you should use for yr own home network), and uses encrypted secure radius authentiocation for its public network. Moreover, clients connected to the public network can't physically "see" each other or the private network of la Fonera, so in no way sniffing can take place.
    Al this results in a more secure WiFi experience on the user part . Besides that, Think how you do feel when you use an Internet Point PC when you're traveling - i always use a ssh tunnel with key authentication, but that's not what an average user wants for a quick glance to her own email.
    Christopher said...
    Exactly, I'm much the same as you - VPN into a server I own on the internet when I'm using public wifi, or if that's not possible, use my phone's 3G connection via USB cable (usually because it's faster!) and I do follow all the best practices for wireless networks (WPA2, etc). I do wonder just *how* secure the Fonera is though as an attack vector, especially considering that many devices are possibly still running a flavour of the firmware which can be exploited in some way, shape or form...

    Food for thought. But then, I suppose, it's as insecure as your next garden variety wireless network, you just have to shore up the walls as best you can and keep an eye open all the time. I'd love some kind of combination-ingress--and-exploit detection hardware sitting on my network between the public parts and my private subnets, that'd be great, but I just can't afford something like that!

Post a Comment


Copyright 2006 onwards Christopher Woods. Some Rights Reserved.
ITU uses a (highly) modified version of the K2 theme by GeckoandFly,
originally Bloggerised by Blogcrowds. Credit where credit's due. :)

Into The Unknown is licenced under a Creative Commons License.
(Attribution-Share Alike 2.0 UK: England & Wales, Some Rights Reserved).

Creative Commons License