Is your home Wifi connection wide open for anyone to use? If it is, two recent home Wifi horror stories might wake you up before it’s too late.
It looked like a scene straight out of SWAT Team Tech. This summer, heavily armed police broke down the door of an Evansville, Indiana home, smashing windows and lobbing a flashbang stun grenade into the livingroom. The SWAT team was convinced that someone in the house had made anonymous threats of violence against police that were posted online. But according to the Evansville Courier and Press, when police entered the house, what they found was a terrified teenager named Stephanie Milan watching the Food Network. After investigating, the police realized their mistake. The IP address they’d traced back to the poster belonged to an unsecure Wifi router at the Milan residence. That meant the online threats against the police could have been made by anyone in the vicinity who used their Wifi connection. As it turned out, that’s exactly what happened. Police later identified another suspect living in a house on the same street.
Judge Says an IP Address Doesn’t Prove Personal Identity
During the past five years, unsecure home Wifi connections have been the catalyst for a wide variety of lawsuits and over-the-top police raids – especially ones involving terrorist threats, child pornography and copyright infringement. In a landmark case, New York Magistrate Judge Gary Brown recently issued a scathing ruling that the use of an IP address alone is not sufficient proof that a specific person downloaded files illegally, especially in BitTorrent lawsuits (those involving peer-to-peer filesharing of large amounts of data over the Internet). In his decision on a BitTorrent lawsuit on the alleged downloading of a pornographic video, Judge Brown observed that 61% of US homes now have home wireless access. He said that makes proving who’s using a particular IP address extremely problematic:
“ It is no more likely that the subscriber to an IP address carried out a particular computer function – here the purported illegal down-loading of a single pornographic film – than to say an individual who pays the telephone bill made a specific telephone call … Unless the wireless router has been appropriately secured (and in some cases, even if it has been secured), neighbors or passersby could access the Internet using the IP address assigned to a particular subscriber and download the plaintiff’s film.”
The decision is important for anyone with an Internet connection, especially those who use a shared or unsecure Wifi connection and those who use BitTorrent filesharing. It also highlights how vulnerable home wireless networks are to hackers.
Researchers Say Time Warner Distributes Unsecure Wifi Routers
That’s not all. A young security researcher and entrepreneur named Chris Naegelin recently discovered that securing your home Wifi connection might not always be in your control. According to a July article in Forbes, Naegelin discovered that a Wifi router installed by Time Warner Cable in his Brooklyn apartment didn’t have the most basic security features to protect anyone using it. When Naegelin tried to change the password to the Arris TG852 router to one that was more secure, he couldn’t do that because the password was hardcoded.
Even worse, the factory password was nothing more than the device’s model number and the last six characters of the MAC (Media Access Control) address – which makes it extremely easy to hack with readily available tools. Using a few simple tricks, Naegelin and fellow researcher Charlie Vedaa found they could access any Wifi network running the Arris device, alter its settings and bypass its authentication to compromise hundreds of thousands of routers over the Internet. “I basically found there was no way to secure the device other than to unplug it,” Naegelin told Forbes. Arris told the magazine that, since learning of the questions raised about its product’s vulnerability, it’s been working to determine the level of risk and appropriate responses.
It’s Time to Wake Up to Home Wifi Dangers
Do you know how to secure your home Wifi connection? Both the FBI and the FTC recommend changing the default identification and the administrative password on your wireless router. Creating a long strong password of letters, numbers and symbols and using WPA2 security are also critical for your online privacy.
What’s more, using VPN software like PRIVATE WiFi™ is critical for your online privacy. VPNs encrypt the information sent to and from your computer. That makes it invisible to hackers.
If your Wifi connection was hacked at home, we’d like to hear what happened. Drop us a line and share your story.