• Explore the magic and the mystery!



  • What Apple and Other Router Makers Can Learn From Hotels

    August 22nd, 2006

    How many times have you checked available Wi-Fi connections on a note-book, Mac or PC, and found several that weren’t password protected? Now I understand a commercial hot spot, such as T-Mobile, where you can’t actually do anything online without having an active account or ordering up a pass for an hour or a day. But what about individuals and businesses that don’t seem to recognize that anyone can connect to their network?

    Of course that doesn’t necessarily mean that an outsider can actually login to their computers, but it does mean that strangers suddenly have access to their Internet connection. Aside from reduced bandwidth, it does create the potential for someone, somewhere, to be able to connect to their systems too, if their password aren’t strong enough.

    Having worked with a number of routers over the years, it’s clear to me that the makers of these products aren’t being proactive enough on matters of setup and security. Quite often all you get is a tiny brochure that’s supposed to guide you through the installation, and the rest of the instructions are placed on a CD, in electronic form.

    But is that the best way to guide you to a secure wireless setup? The solution is in front of these companies, if only they’d look.

    Shortly after the Steinberg clan arrived in San Francisco for a brief vacation earlier this month, I entered the hotel room and, while my wife and son were busy unpacking their stuff, I hooked up my 17-inch MacBook Pro to a router to check my email. Before I could get online officially, however, I had to open my browser, and accept the terms and conditions of the hotel’s ISP. Once I clicked Accept, the browser quickly switched to my regular home page.

    In recent weeks, I’ve set up wireless routers for my son at the apartment he now shares with two fellow students, and also for several clients. To activate wireless security in each case, I had to call up the router’s Setup Assistant or Web-based interface and navigate through menus that would absolutely confound the average user.

    Why isn’t this security setting activated by default?

    Wouldn’t it make sense for these routers to set up their products in a fashion similar to the hotel’s Internet hookup? The first time you get online after hooking up one of these devices, you see a the first of several clearly-labeled information screens asking you to choose a password for wireless production that’s activated by default. There would even be few chosen paragraphs on how to pick a strong password, one not easily guessed by an Internet vandal.

    Once you clicked Next, you’d be guided through one or two more setup scenarios, such as naming your network something other than “default” or “Linksys,” and present other security options, such as restricting the hookup only to the hardware or MAC addresses of the computers you want to use.

    None of this is hard to implement. All it would take is putting up a Web-based screen explaining the settings you need to make the first time the product is used. It could all be done in plain English, free of jargon, so even a novice computer user would understand the need for security and what to do to get it.

    Yes, the power user would still be able to configure other, less-used settings, in the normal fashion. I’m not suggesting router makers reduce the sophistication of their devices. On the other hand, consumer electronics outlets often complain that routers are the products most often returned by customers because they can’t get them to work properly.

    Does it mean routers are failing more than other gear? No, it usually means that users aren’t given the right setup guidance to set them up properly. Apple does an almost-adequate job with its AirPort Setup Assistant. The rest of the companies, whose products are often better buys simply because of much lower prices, apparently have existed in the Windows world too long. They pile on the features, but don’t consider how best to make them accessible for regular people.

    Maybe the companies who make these devices should consider what happens the next time they stay at a hotel during a business trip, and attempt to get online.

    Readers, if you know of any router makers who do simplify the setup process and allow you to set the maximum amount of wireless security by default, let me know. I’d be delighted to check out their products and maybe even recommend them.



    Share
    | Print This Post Print This Post

    6 Responses to “What Apple and Other Router Makers Can Learn From Hotels”

    1. steve says:

      The apartment must really be crowded with the fellow students and all those clients.

    2. I actually like having my WiFi networks open for public use. I have plenty of bandwidth, and all of my computers are locked down thoroughly from unauthorized network access. So, why not be a good sport and provide the world some much needed internet bandwidth?… and me and my visitors with a completely seamless, hassle-free connect experience?

      I actually get irritated at all of these overly cautionary articles that pop up around the web scaring people about “insecure wireless networks.” They should instead be preaching about securing the computers ON the network. Then, we all have the best of both worlds: more ubiquitous connectivity, as well as solid system security.

      IMHO

    3. I actually like having my WiFi networks open for public use. I have plenty of bandwidth, and all of my computers are locked down thoroughly from unauthorized network access. So, why not be a good sport and provide the world some much needed internet bandwidth?… and me and my visitors with a completely seamless, hassle-free connect experience?

      I actually get irritated at all of these overly cautionary articles that pop up around the web scaring people about “insecure wireless networks.” They should instead be preaching about securing the computers ON the network. Then, we all have the best of both worlds: more ubiquitous connectivity, as well as solid system security.

      That is your choice to make, of course. But I’d rather consider it an optional choice, not the standard one. Not everyone is as magnanimous as you about their bandwidth. And, alas, not everyone locks down their computers thoroughly, so every added ounce of protection is useful.

      Peace,
      Gene

    4. Mike Cohen says:

      Jack, If someone uses your wireless connection to send a load of spam or commit another crime, you will be responsible for it, since it can be traced back to your internet connection. Same thing if someone downloads illegal music and angers the RIAA – guess who they’ll sue.

    5. David says:

      Gene, you’ve made some excellent suggestions to keep casual invaders from borrowing bandwidth. Whenever possible people should choose WPA encryption. A determined attacker can get into a hidden, MAC address restricted, 128bit WEP encrypted wireless network with a bit of effort and patience. Then again why bother doing that when you can simply drive to Jack’s house 😉

      Jack, I applaud your generosity and faith in your neighbors and anyone else who happens to drive by. I prefer to keep the crackers and kiddie porn downloaders away from my internet connection lest the ISP think I’m guilty.

      I used to work for an Apple Reseller and routers were the products we all hated to sell because so many people pestered us for detailed set-up instructions or simply returned them. Suggesting an Apple AirPort product was difficult for two reasons: (1) The LinkSys, D-Link, Netgear, etc. stuff is less than half the price and (2) almost every customer who wanted a router had a mix of wired and wireless computers. The AirPort Express can’t serve wired clients and the AirPort Extreme base station, which is another 50% more costly than the Express, requires a separate switch to support more than one wired computer.

    6. Richard says:

      Having set up a Linksys wireless router recently, I’d say that it was fairly painless, and did encourage you to turn on WPA2. Of course, the setup utility to do this only worked on Windows. Once that initial stage is done, it’s easy enough to log in via HTTP with any machine. At some point, I’m going to get around to putting in MAC address filtering too (not that that’s especially difficult to fake, but why make things easier than they need to be?).

    Leave Your Comment