Part 3: Un-Wired Security

Wireless Wandering

There have been public places you can go to use the Internet for some years; typically public libraries and retail establishments called Internet cafés, where there are carrels containing connected computers, and you pay by the hour.

We've had Internet cafés in our larger cities for some time now, and in places where they existed, business travelers and tourists have made excellent use of them. Internet cafés have never been much of a phenomenon here in the U.S. because they were pretty sparsely distributed, and you could never count on there being a networked café at or near any given business destination. (Internet cafés have always been a much bigger deal in Europe and Asia than the U.S.)

A fair amount of capital is required to equip an Internet café, and that's the key reason they never caught on, especially since Internet access (if not necessarily broadband Internet access) has been ubiquitous in U.S. homes for some years. By comparison, establishing a Wi-Fi hotspot takes very little capital. The wireless gear is cheap. The customers bring their own computers, and there are no cables. Because the customers don't get anywhere near the establishment's equipment, theft and damage are not risks.

Wi-Fi connectivity can be a godsend for road warriors who find themselves 'between connections' with laptops or PDAs in their briefcases and work to do. The cost is generally reasonable ($3 to $10 per hour) and the connections are typically much faster than a hotel dialup-sometimes hundreds of times faster. The only downside is that you typically have to 'do a transaction' at the counter to use the network. It would be fabulous if someone could 'aggregate' hotspots into a network under a single billing system, so you could use any network hotspot without having to tender cash or a credit card every time you stop at a café and want to log in.

In the past two or three years, a number of such hotspot networks have appeared, and they have grown spectacularly in recent months. These days, it's a rare city or major airport without a public hotspot or two-or two dozen-falling under the jurisdiction of one or more of those five major networks.

Wi-Fi has not brought us to network nirvana yet, but we're at least halfway there. Here are some points to keep in mind for networking on the road:

  • No one place is available on the Web where you can find a list of all commercial or community public hotspots. Hotspot directories exist, but they are almost laughably incomplete. If you plan to use Wi-Fi on the road you should be prepared to do some considerable searching. If you travel a lot to predictable destinations (for example, if you swing through Minneapolis, Chicago, Indianapolis, and St. Louis on a regular basis) you should be prepared to keep your own list and update it based on your own research.

  • No single billing system is available for all or even most commercial public hotspots. There are at least five major networks, and you have to establish an account separately with each network to use its hotspots without doing manual transactions. Still, five is better than five thousand.

  • Billing plans for commercial public hotspots vary widely and in what may seem peculiar ways. One plan may favor logging in quickly for fifteen minutes and then logging out again; another may favor logging in for several hours in a hotel room for continuous work. You can reduce your costs by studying the various hotspot network plans closely and matching a plan to the ways you typically use Internet connections. I'll discuss this in more detail later in this chapter.

  • In my travels during the past year, I've found that hotel management often knows very little about how their own Internet connection systems work, and if the system doesn't work for some reason, they can't simply send someone up to fix it. (This is especially true of 'no frills' hotels.) Therefore, I suggest you locate a backup connection site nearby, even if your chosen hotel claims to have high-speed Internet connections available.

  • Business travelers (and anyone else) can use public community hotspots without any charge at all. The trick lies in finding them, and perhaps living with their bandwidth limitations. For simple things like reading email, this isn't an issue. If you are sending or receiving large files, it is definitely an issue.

  • Public library policies for Internet connections are all over the map. Some libraries charge non-cardholders. Political restrictions on access to minors have made libraries reluctant to install Wi-Fi hotspots, because when users bring their own computers it's hard to monitor what they're doing. Many library computers do not have floppy drives or other removable media, due to political pressure from copyright lobbies fearful of people using public access systems to trade music and movie files. None of this is the libraries' fault, but it makes them poor choices if you can find public access elsewhere.

  • Irrespective of how infatuated you become with Wi-Fi, pack a CAT 5 patch cable when you travel. At significant numbers of new hotels, management has opted for wired rather than wireless access, and it's infuriating to have to stare at an Ethernet jack without having a cable to connect to it!

  • As a general rule, assume that both commercial and community hotspots have no encryption, via Wired Equivalent Privacy or anything else. This means that the guy at the next table may be sipping a latte while sniffing your packets on his laptop. Plan and work with that in mind. If your workplace has the ability to implement some sort of virtual private network (VPN) that would be the best thing to do.

  • Finally, pay attention to what hotspot you're connecting to. Depending on how your Wi-Fi client adapter and supporting software is configured, your laptop may associate with the wrong hotspot if more than one is available when you turn it on. In a dense urban area, you may be within range of several access points from your seat at the sidewalk table of a coffee shop. Access points in the offices above the shop or even across the street may not have encryption enabled, and it's possible to connect to the wrong access point by accident. A connection utility like Boingo's is very useful for specifying precisely what access point you want to connect to. I'll cover more on this later.

Let's talk a little more about some of these points.

Finding Public Hotspots

The biggest single problem for road warriors seeking wireless connectivity on the road is just finding the hotspots. Nothing like the Yellow Pages exists for Wi-Fi hotspots, though there are bits and pieces of such a directory scattered around the Net. You'll have to dig to find the hotspots you need.

What I do, and what most frequent Wi-Fi travelers do, is keep a personal directory of hotspots in the cities I travel to. Few people, even constant travelers, travel to random destinations. Most people find themselves in a mere handful of places, and return to that same short list of places on a regular basis. Sales people, for example, have territories and major accounts, and visit those accounts on a scheduled basis. You may find yourself in Chicago five times a year, and in Boise… never.

Each of the major commercial hotspot networks keeps a Web-based database of all their locations online. These lists are worth some study, but I find them infuriating, for this reason: When you're in an unfamiliar city and want to find the nearest hotspot, you can't just crank up Internet Explorer or Netscape and go looking for one. You're not connected yet. Web-based directories of any kind are worthless when you need them the most.

Here are some highly fragmentary directories of hotspots. Like all URLs, these may be gone by the time you read this, but a Google search for 'hotspot directories' will likely turn up several:

802.11Hotspots.com http://www.80211hotspots.com/

Open Hotspots Network http://www.openhotspots.net/

Wi-Find http://www.wi-find.com/

WiFinder http://www.wifinder.com/

Because all of these directories are actually database lookups, you can't just print them out or copy them into a separate document with cut and paste. And like the directories of their member hotspots posted by hotspot aggregator networks, they're inaccessible just when you need to find a place to connect from.

The AAA hotel directory now has an indicator for 'high-speed Internet access' in their listings. Be aware that these listings are not always accurate. If you're calling ahead to reserve, it only takes a few seconds to ask if high-speed Internet is available. Asking more detailed questions (even something simple like, 'Is it wireless?') is usually futile, and when you get to a hotel and want to connect, you're usually on your own.

Most road warriors belong to one or more (usually more) of the 'frequent traveler' programs offered by the major hotel chains.These programs give you discounts, frequent flyer miles with affiliated airlines, or other perks for staying at the chain's properties. I make heavy use of these programs, which means that I end up staying at the same short list of hotels in the short list of cities I visit frequently.This makes it easier to create a list of useful hotspots, since I really want something close to the hotel where I'm staying. (This assumes that the hotel itself has no high-speed Internet access.)

Locating free community hotspots is often difficult in the extreme, because they are not promoted and are known generally through word-of-mouth (or 'word-of-Net' these days.) Remarkably enough, the excellent Boingo connection utility includes free community hotspots in its directory, right along with Boingo's own hotspots. It just doesn't include all of them.

Finally, if you're stuck somewhere without a public hotspot within striking distance, you may be tempted to crank up something like Boingo's connection utility, locate some hapless person or business's unprotected Wi-Fi access point, and connect through that. Yes, it's easy. But double yes, it's fraudulent, and in most interpretations of current law, illegal. I find it bitterly amusing sometimes that the same people who fret endlessly about attacks from drive-by hackers will knowingly and willingly become one if a legal Net connection doesn't come easily to hand. Keep your sense of personal honor. Don't intrude on other peoples' networks and steal bandwidth.

Hotspot Networks and Aggregators

As I define them, hotspot networks are groups of hotspots owned and operated by a single company, like T-Mobile Hotspot. A hotspot aggregator is a company that provides back-end billing services for hotspots owned and operated by other people. Boingo Wireless falls into this category. From your perspective as a traveler, the distinction is mostly academic. When I say 'hotspot networks' here I'm referring to both.

The idea is simple: By setting up one account you get access to any hotspot in that network. The accounts work like a lot of things in the e-commerce world: You give the network your credit card information, and they debit your card either monthly or when you sign into a hotspot, depending on what sort of payment plan you select.

The downside, of course, is that no one network currently dominates the hotspot business, and to get easy access to the bulk of American hotspots you'd have to have accounts with five or six different networks. I myself have accounts with two, and depending on your circumstances you may need accounts with three or four. Much depends on how much travel you do, and (more important) where you go, since the major networks' hotspots are not evenly distributed around the country.

All but one of the networks that I've tried employ captive portals for their logon machinery. (I explained captive portals in some detail in Chapter 5.) Basically, when you turn on your laptop and open a Web browser in a hotel or café with a hotspot, your browser will intercept your first URL request (typically that of your browser 'home page,' like Google or MSN) and take you to the network's login screen. That's where you type in your user ID and password, after which the portal opens and you can access anything you normally would on the Internet.

The exception to this is Boingo, which distributes a separate connection utility that you install on your laptop. When you turn on your laptop near a Boingo hotspot, the connection utility handles the login process. It remembers your user ID and password, and establishes the connection without further input on your part.

Connection Costs and Plans

Each network has its own pricing plans, and when you create an account with one of the networks, you must choose one of their pricing plans. The plans fall into two categories:

  • 'Pay as you go' plans don't charge your credit card until you actually log into a hotspot. When you log in, you pay either by the connection or by the hour.

  • Subscription plans charge your credit card regularly (usually monthly) for either a set number of hours/connections or (more rarely, and for more money) unlimited access.

By setting up a monthly subscription your per-hour charges are less than pay-asyougo, but unless you travel enough to make sufficient use of a network's hotspots, you may actually pay more per hour for the connect time that you actually use. My analysis hasn't shown that I would benefit from a monthly subscription, so my own use of the two networks at which I have accounts has been strictly pay-as-you-go.

My intuition is that careful planning could make a monthly subscription worthwhile- if you travel frequently to the same cities and stay in the same places when you do. The only way to know is to look at your travel history and see if one of the networks supports all your favorite haunts.

Prices are definitely dropping in the face of increased competition. Almost from the beginning of the commercial hotspot era I predicted that eventually companies would offer hotspots without charge as a means of gaining an edge on their competitors and this is finally coming to pass. In mid-November 2002, Schlotzky's Deli announced their Deli Cool Cloud Network, which will consist of no-charge hotspots at selected Schlotzky's sites.The initial rollout will be eleven restaurants in the Austin,Texas area, with later expansion as they work out the bugs. The SSID of all Schlotzky's hotspots will be 'Schlotzsky's Cool Deli' and there will be no encryption.

Schlotzky's Cool Cloud Network: http://www.schlotzskys.com/wireless.html

The Shape of Your Work

One of the striking differences among the ways that the major hotspot networks have structured their pricing plans is the emphasis on 'connections' versus 'minutes.' The older and larger networks (especially those like T-Mobile, which is owned by a cell phone company) charge by the minute, so it's easy to calculate an hourly cost for being connected.

Some of the newer networks charge by the connection rather than by the hour or minute. A connection is usually defined as a time-limited relationship with a single hotspot. Boingo, for example, charges $7.95 for a connection to a single hotspot, and a connection can last as long as 24 hours. You can log into and out of that hotspot as often as you like during the duration of the connection without incurring additional charges.The definition of a connection varies widely among the networks. Wayport defines a 'hotel connection' as the time falling between the time you first connect to a hotel's hotspot and the next hotel checkout time.

What this means is that the shape of your work while on the road may dictate what network and what plan you choose. If all you do is log in for five minutes twice a day to send and receive email, any network may do. If you tend to gather information during a working day and process it during the evening (and if that processing includes Web research or sending and receiving large files) it may pay to choose a network offering a plan charging by the connection.

It's complicated. Pay attention to the fine print.



Jeff Duntemann's Drive-By Wi-Fi Guide
Jeff Duntemanns Drive-By Wi-Fi Guide
ISBN: 1932111743
EAN: 2147483647
Year: 2005
Pages: 181

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net