How many times have you checked available Wi-Fi connections on a note-book, Mac or PC, and found several that weren’t password protected? Now I understand a commercial hot spot, such as T-Mobile, where you can’t actually do anything online without having an active account or ordering up a pass for an hour or a day. But what about individuals and businesses that don’t seem to recognize that anyone can connect to their network?
Of course that doesn’t necessarily mean that an outsider can actually login to their computers, but it does mean that strangers suddenly have access to their Internet connection. Aside from reduced bandwidth, it does create the potential for someone, somewhere, to be able to connect to their systems too, if their password aren’t strong enough.
Having worked with a number of routers over the years, it’s clear to me that the makers of these products aren’t being proactive enough on matters of setup and security. Quite often all you get is a tiny brochure that’s supposed to guide you through the installation, and the rest of the instructions are placed on a CD, in electronic form.
But is that the best way to guide you to a secure wireless setup? The solution is in front of these companies, if only they’d look.
Shortly after the Steinberg clan arrived in San Francisco for a brief vacation earlier this month, I entered the hotel room and, while my wife and son were busy unpacking their stuff, I hooked up my 17-inch MacBook Pro to a router to check my email. Before I could get online officially, however, I had to open my browser, and accept the terms and conditions of the hotel’s ISP. Once I clicked Accept, the browser quickly switched to my regular home page.
In recent weeks, I’ve set up wireless routers for my son at the apartment he now shares with two fellow students, and also for several clients. To activate wireless security in each case, I had to call up the router’s Setup Assistant or Web-based interface and navigate through menus that would absolutely confound the average user.
Why isn’t this security setting activated by default?
Wouldn’t it make sense for these routers to set up their products in a fashion similar to the hotel’s Internet hookup? The first time you get online after hooking up one of these devices, you see a the first of several clearly-labeled information screens asking you to choose a password for wireless production that’s activated by default. There would even be few chosen paragraphs on how to pick a strong password, one not easily guessed by an Internet vandal.
Once you clicked Next, you’d be guided through one or two more setup scenarios, such as naming your network something other than “default” or “Linksys,” and present other security options, such as restricting the hookup only to the hardware or MAC addresses of the computers you want to use.
None of this is hard to implement. All it would take is putting up a Web-based screen explaining the settings you need to make the first time the product is used. It could all be done in plain English, free of jargon, so even a novice computer user would understand the need for security and what to do to get it.
Yes, the power user would still be able to configure other, less-used settings, in the normal fashion. I’m not suggesting router makers reduce the sophistication of their devices. On the other hand, consumer electronics outlets often complain that routers are the products most often returned by customers because they can’t get them to work properly.
Does it mean routers are failing more than other gear? No, it usually means that users aren’t given the right setup guidance to set them up properly. Apple does an almost-adequate job with its AirPort Setup Assistant. The rest of the companies, whose products are often better buys simply because of much lower prices, apparently have existed in the Windows world too long. They pile on the features, but don’t consider how best to make them accessible for regular people.
Maybe the companies who make these devices should consider what happens the next time they stay at a hotel during a business trip, and attempt to get online.
Readers, if you know of any router makers who do simplify the setup process and allow you to set the maximum amount of wireless security by default, let me know. I’d be delighted to check out their products and maybe even recommend them.