Seth Godin fires off a rant about
public access to private WiFi networks and gets it so wrong that he actually compares the security practice of locking
down a wireless access point to the way our parents scared us in the 60's with dire warnings of razor blades in apples
on Halloween. I feel compelled to reply.
Seth, dude…. buddy… pal o' mine… no. It's not at all the same. You got this one wrong - way wrong. You should check
with one of your tech buddies before you spout off like this.
OK, I don't want to rant back, really I don't. But let's take a quick look at the three things you wrote that are are
just wrong - factually incorrect - downright (but not intentionally) misleading.
-
Having the wifi network in your lobby or your waiting room or in the street under your window open to guests will not compromise the security of your files. You need a different sort of security for that.
Wrong. The moment you provide unfettered access to a wireless access point, you're allowing anyone walking or driving (remember war driving?) by access to your network. Really… you are. To lock down your network and still provide an access point for public use, you need to invest in additional firewalls, VPNs, DMZs, and a host of other TLAs. Otherwise a mildly talented script kiddie (that's one of the lowest forms of bad guy life forms Seth) can and will find a way to worm into the network. Or into your laptop as you're using this public access if you haven't taken the proper precautions to lock down your machine.
-
It won't degrade your net performance much either (hey, if it does, you can always turn the password on again, cursing me out as you do).
Also wrong. It could very easily degrade performance. And it's really not my business to monitor whether your leeching (that's a technical term Seth - don't get you knockers in a twist) of my bandwidth to download a few podcasts, iTunes, photos of your friend's new puppy, or whatever it is you want to be doing with my bandwidth. I don't run a Starbucks or even a fast food restaurant. I don't want you to hang out in my lobby or leech from the sidewalk. If you want free public WiFi access, go to the library or a hotel lobby. A network administrator's job is to make sure the organization's information and employee's PCs are safe behind a layered defense that allows them to get out but keeps everyone on the outside… well, outside.
-
I'm not a computer security expert, and I'm not making a statement about the risk to your data. What I am saying is that if you're dealing in stuff that's super confidential — like medical records or which Congressman is breaking which law—then you've got no business using a wifi network anyway.
Really, really wrong. Drop-dead, slap-yourself-upside-the-head wrong. Seth - you've ranted about privacy so often in the past that I can not believe you wrote this! Are you suggesting that I shouldn't take my customers' privacy seriously? Even though I'm not a health care provider or a spook? I don't need to be a hospital or the FBI to have confidentiality and privacy concerns. And for you to suggest that if I have privacy concerns I just shouldn't use WiFi is ludicrous. It's like you're suddenly a five-year-old throwing a snit because I didn't bring enough bubble gum to give you a piece. Get real. It is quite possible to run a secure wireless network. I have one at my home. I have one at my company. I set the one at home up all by myself (and BTW Seth - in the interests of disclosure - I'm a marketing guy, not a network guy) just by following the directions. And guess what - you wouldn't even know it's there. Because unlike the people you're ranting at who have no obligation to provide you with wireless access I turned off the little thingie in my access point that broadcasts the name of my network. Like I always say, "if they can't see you, they can't hack you."
Seth, I do love you man. I've been a big sneezer for you for years. I've zoomed with my company, gone on a search for the ways we can be remarkable, tried to find the Free Prize Inside our products and services and even accept the fact that I'm probably a liar (since you didn't send me, one of your oldest and biggest fans, an advance copy I'm still waiting for the official release of your new book to find out for sure). But this time, pal… buddy… friend o' mine… you got it wrong.
1. You are probably violating your service provider's TOS as well (there are only a handful of ISPs that explicitly allow sharing the connection).
You may also be assuming liability if someone were to use your connection to download illegal things. It is pretty well established that ISPs are not liable for their user's actions, but you'd have to convince a court that you are indeed an ISP. This might be difficult, especially if reselling/sharing the connection is violating the TOS.
Posted at 4:57AM on Dec 19th 2005 by Tim Marman