• On The Insider: Bruno Film Edited Due to Jackson's Death
May 11, 2008 5:14 PM PDT

A word of warning about 'free' public Wi-Fi

by Michael Horowitz

I recently found myself in an airport terminal with a laptop and time to kill. Not knowing what the Wi-Fi options were, I let Windows XP search for available wireless networks. As you can see below, one of the networks was called "Free Public WiFi". If this happens to you, don't connect to a network like this.


The first two networks are each labeled "Unsecured wireless network". Fine. But the Free Public WiFi network is described by Windows as an "Unsecured computer-to-computer network". As the name implies, this network connects to a computer run by a total stranger somewhere nearby in the terminal.

Normally, wireless networks are created, run, and governed by a router. But, two Wi-Fi-enabled computers can talk directly to each other without the need for a router-based network. Another term for this type of network is "ad-hoc". Personally, I've never needed or used an ad-hoc computer-to-computer network.

How unusual are computer-to-computer networks? I live in Manhattan, surrounded by large apartment buildings. At home, my laptop picks up 28 wireless networks. Not one of them is a computer-to-computer network.

Why would someone set up a computer-to-computer network in an airport terminal? Most likely, it is good for them and bad for you. For one thing, the network name seems a bit too obvious. Who, in an airport terminal, doesn't want free public Wi-Fi? It's like asking a child if they want candy.

I always configure laptops to only connect to router-based networks and suggest you do so, too. Windows XP has a configuration option, shown below, that controls the type of networks it talks to.


You get to this window with: Control Panel -> Network Connections -> Wireless Networks tab -> Advanced button. Router based networks are referred to as "infrastructure" or "access point" networks.

Knowing that my laptop wouldn't connect to an ad-hoc network, I tried it anyway. The result is the warning shown below.


Unfortunately, lots of software competes to control the Wi-Fi connection on laptop computers. In the examples above, Windows XP was controlling the network. Your laptop may have software from the company that made the computer controlling the wireless network. Or, your Wi-Fi environment may be controlled by software from the company that made the Wi-Fi adapter hardware or by an outside party altogether. This other software may or may not have an option to avoid computer-to-computer networks. If it doesn't, hopefully it will at least identify the type of network it detects.

Update May 14, 2008: For an explanation of where some of these computer-to-computer networks come from see Free Public WiFi SSID. The important point here is that when you are looking through the list of available wireless networks that you be on the lookout for ad-hoc computer-to-computer networks as opposed to normal, router-based (infrastructure) networks. If the software you use to scan for available networks does not indicate the type of network, you may want to use different software. As more people become aware of this particular network name, a bad guy may simply use another enticing name.

See a summary of all my Defensive Computing postings.

Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He is a member of the CNET Blog Network, and is not an employee of CNET. Disclosure.
Topics:

Laptops,

Windows,

Software,

Phishing

Tags:

Wi-Fi

Share:
Digg
Del.icio.us
Reddit
Recent posts from Defensive Computing
Fixing bugs in the Flash Player yet again
Getting more battery power for your computer
Get an MSI Wind Netbook for only $349
Not interested in a Netbook computer? Consider the Honda Fit
Beware emails linking to blogspot.com
When Word documents break
More about printer ink rip-offs
Some computers are too important to be networked
Related
Add a Comment (Log in or register) (4 Comments)
  • prev
  • 1
  • next
by lnotenboom May 11, 2008 7:57 PM PDT
The "Free Public Wifi" might not be malicious - heck, the
owner might not even be aware of it.

There was a scenario (sorry, don't have all the details)
where a laptop could encounter an adhoc network called "Free
Public Wifi" and then Windows (being helpful) would
"remember" it and then broadcast it as well, to make it
available for ad hoc connections on your computer. It's
kinda virus-like.

I believe that's been corrected in subsequent patches, so
the owner of "Free Public Wifi" might also not be up to
date.

But your approach: connecting to only infrastructure
networks, is appropriate and should be the default.
Something else that I think might be updated in subsequent
patches.

Leo
Reply to this comment
by Kev Orng May 12, 2008 8:12 AM PDT
I saw "Free Public Wifi" in Miami airport but my iPod Touch didn't want to connect to it. Now I know why.
Reply to this comment
by Stormspace May 12, 2008 11:19 AM PDT
There are a few Linksys products, specifically the WET54GS5 bridge, that can be configured as a wireless AP. It creates an ad-hoc wireless network and doesn't do a very good job either, but it is workable if someone were to purchase one thinking it was an AP only to have to make it work. In my case they were bought during a previous administration and I was trying them out. Actually had one going for a short time, but it was a PITA to work with so I encrypted it so ppl using it would need assistance.
Reply to this comment
by bac0 May 12, 2008 5:33 PM PDT
this appears to be a known Windows XP bug. I've seen it quite often at airports, even when we've had visitors at our office.

see this article on the topic: http://tinyurl.com/5d72sp
Reply to this comment
(4 Comments)
  • prev
  • 1
  • next
advertisement

Can RIM get its mojo back?

The new BlackBerry Tour, carried by Verizon and Sprint, arrives Sunday, even as RIM seems to be losing sales to exclusive devices like the iPhone and Pre.

With Chrome, Google reignites the OS wars

roundup Google Chrome OS, due in 2010, underscores the Web giant's cloud-computing ambitions and opens new competition with Microsoft.
• What Chrome OS has on Windows that Linux doesn't

About Defensive Computing

Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He views Defensive Computing as taking steps, when things are running well, to avoid or minimize the inevitable problems down the road. It's about educating yourself to the level where you can make your own intelligent decisions about keeping your computers and data happy and healthy. If you depend on computers, yet are on your own, without an IT department or nearby nerd, this blog's for you. His personal web site is michaelhorowitz.com.

He is a member of the CNET Blog Network and is not an employee of CNET.

Disclosure.

Add this feed to your online news reader

Defensive Computing topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET