Dear Editor,
I am writing to you to take issue with your editorial dated February 10, 2006. I find your argument against installing a municipal wireless network in Pleasanton to be overly paranoid and in some cases factually wrong.
You wrote that San Francisco has a great deal of “hot spots†and presented a scenario where Pleasanton would become “jammed with laptops.†I work in San Francisco and despite what you may think of our local digerati, Market Street has not become overly crowded with folks “jammed with laptops.†I invite you to come over across the Bay to see for yourself. (And as a side note, most Blackberries don’t use WiFi, they use regular cell towers. In addition, you incorrectly stated that cell towers need line of sight in order to operate, they do not.)
Finally, you concluded your editorial by saying that WiFi is inherenly insecure, which is true. (This appears to be the crux of your argument.)
You mentioned that some people leave their connections open to the public (as I do with my Internet connection at home) – however, all WiFi access points can very easily be password-protected using Wireless Encryption Protocol (WEP) or WiFi Protected Access (WPA). Neither option is 100 percent perfect, but if you’re worried about someone “listening in†as you suggested (the proper technical term for this is “packet sniffingâ€) then enabling either of those options would make packet sniffing more difficult. Of course, neither would stop the most determined miscreant.
Furthermore, you illustrated a nightmare scenario where a would-be malfeasant was packet sniffing at the exact moment while you were checking your bank account online. Unless your bank has a horribly unsecure website, most bank passwords and other transactions are sent using Secure Sockets Layer (SSL) technology – in other words, all bank information is sent in an encryped fashion, and not in cleartext.
Most identification theft does not occur because someone is using your WiFi connection, but rather through “phishing†– the practice of getting someone to give up personal information to an untrusted source and/or to an entity masquerading as a trusted source.
Furthermore, to argue that Pleasanton should wait for a company like Google to come in and pay for the cost of access is a nice one – but given the number of cities that would like this arrangement, I can’t imagine that Pleasanton would be very high on their list.
And finally, to argue that WiFi should be stopped because it is insecure is like saying that the city should not build electrical wires because they could fall and damage people or property. Precautions can be made so that the possibility of such extreme cases are kept to the least possible minimum.
Sincerely,
Cyrus Farivar
Oakland, Calif.
