The unauthorized sharing of broadband connections through wireless
home networking technologies has yet to go mainstream,
but the practice has caught cable’s attention

Most parents tell their children that sharing is a good thing. In fact, it is usually deemed rude when people keep everything for themselves.

While the phrase "share and share alike" is typically embraced when it comes to everyday commodities like food and water, it doesn't always apply to bandwidth, the commodity of the information age–at least from a network operator's point-of-view.

Several MSOs have openly encouraged their high-speed customers to get the most out of their broadband connections by sharing bandwidth among the PCs and peripherals in their homes, but their attitudes tend to change when customers transmit signals wirelessly in the clear, putting precious bandwidth and revenue at risk.

Though some may be distributing their connections unknowingly and become easy prey for hackers, others can, and sometimes do, share their connections with their neighbors and split their bills accordingly. While this "siphoning" of bandwidth from unencrypted Wi-Fi nodes is not exactly a mainstream occurrence yet, it has given some operators a reason to do their homework and conjure up new policies and methods to deal with it.

Those efforts will likely come in handy as the prevalence of wireless hotspots grows and wireless LANs become less expensive and easier to set-up and use. Analysis firm (and CED sister company) In-Stat/MDR forecasts that the number of publicly accessed wireless hotspot locations worldwide will grow from a mere 2,000 at the end of 2001 to 42,000 in 2006.

As Wi-Fi sharing and piggybacking has sparked new interest for early adopters, it also has spawned some trendy terms and activities, such as "wardriving" and "warchalking."

Wardriving is the practice of driving around and searching for wireless access points that are transmitting encrypted or, more preferably, clear signals. Wardrivers usually go out armed with powerful antennas and laptops loaded with wireless PC cards and Wi-Fi "sniffing" programs such as Kismet and NetStumbler.

Harkening back to an era in which hobos scrawled symbols to indicate where a free meal might be scored, the art of warchalking (see sidebar, p. 6) indicates the location of a known Wi-Fi access point.

Others advertise those connections much less discreetly. Hordes of common directories and "free" community networks have sprung up on the Internet, showing exactly where the hotspots are. Such organizations, to name but a few, include Seattle Wireless, Houston Wireless, BAWUG (Bay Area Wireless Users Group) in San Francisco, NYCwireless, BAWIA (Boston Area Wireless Internet Alliance), MileHigh Wireless in Denver, Richmond Free Wireless in Virginia, and Atlanta Freenet.

"Free" wireless access is a misnomer, of course, because someone or some company is paying for the infrastructure behind that wireless cloud, be it a telco or cable operator. But a burgeoning number of for-profit carriers, or wireless Internet service providers (WISPs), have also emerged, including Joltage and Boingo.

While hotspots are easy to detect, it gets trickier for operators if a cable modem customer shares his connection unadvertised with a neighbor and the two are splitting the bill under an unwritten "convenient agreement," says Navin Sabharwal, director of residential and network technologies at Allied Business Intelligence Inc.

The people who do share their networks argue that they're paying for a slice of bandwidth each month and they should be able to use it and splice it however they see fit. But Sabharwal likens that attitude to people who use peer-to-peer applications to download and share copyrighted material without paying for it and believe that nobody's getting hurt.

But bandwidth costs aside, the broader question is whether a customer is using an unsecured Wi-Fi network unintentionally or doing it purposefully to share with others. "That becomes a shady area," Sabharwal notes.


Some MSOs are shedding light on the subject through some early actions or distinct policies tied to cable modem subscribers who redistribute their high-speed signals in the clear.

The most public of those actions so far occurred this past summer when Time Warner Cable mailed letters to fewer than a dozen Road Runner customers in New York City, warning them that using wireless technology to share their connections with others violated their subscription agreements.

In addition to a warning about a potential subscription agreement violation, the letter contained a subtle warning: that any malicious or criminal activity–even if performed by someone anonymously via that connection–would be traced ultimately to the customer's account. Time Warner Cable then asked the customer to cease and desist the practice within three days of the date of the letter or the account would be suspended and the operator "may pursue other legal remedies."

Time Warner Cable spokesman Mark Harrad says all of the customers who were sent letters complied with the operator's request, and that the activity over the summer didn't necessarily indicate a widespread problem of unauthorized broadband sharing.

AT&T Broadband, meanwhile, has laid down some fairly solid policies regarding bandwidth sharing, as well. Although AT&T Broadband encourages its cable modem customers to create their own wired and wireless home networks, "we'll always enforce our user agreement and charge for the service that we provide," says company spokeswoman Sarah Eder.

AT&T Broadband's broadband user policy specifically states that its customers are prohibited from distributing their Internet signals to computers or users who are not reflected on their account. How the MSO treats those user policy violations depends on whether the customer is inadvertently or deliberately sharing their connection via wireless home networking protocols such as Wi-Fi.

Although AT&T Broadband doesn't patrol for Wi-Fi usage proactively, the company does react to spamming complaints that stem from "attbi" domains and cable modem customers who have advertised that their cable modem connections are available, unencrypted, to anyone who cares to latch on.

AT&T Broadband started the practice about a year ago and has ramped up its reactive efforts over the last six months or so, says Mike Gosline, manager of the MSO's Legal Demands Center, a division that handles terms of service violations.

AT&T Broadband, on occasion, has come across customers who were distributing their signals inadvertently via an unencrypted Wi-Fi access point. In those cases, AT&T Broadband takes a "no harm, no foul" approach by alerting the customer that their signal is potentially available to other users, and that they're vulnerable to a cyber attack.

The next level of usage policy violation occurs when a customer deliberately shares his or her connections as a community service–and advertises that fact through a flyer or some other means. If that happens, the MSO will dispatch a team to locate the signal, cross-reference the account and the IP address that's on the account. Then the company will send a letter through certified mail to notify the customer that the operator has launched an investigation and the user must confirm that distribution has been ceased.

"If the user doesn't respond, we'll terminate the service," Eder says.

That's been an extremely rare occurrence. How rare? AT&T Broadband, which serves more than 1.8 million cable modem subscribers, has only terminated one customer because of such an offense.

The most brazen violation occurs when a cable modem customer distributes signals to others for profit. At that point, AT&T Broadband could terminate the service and take legal action for unauthorized reception of cable services. To date, AT&T Broadband has not had to go to that extreme.

Although AT&T Broadband–when it has reason to check for a potential subscription violation–occasionally employs Wi-Fi sniffing software sophisticated enough to "see" a PC's configuration, applications running in the background and how many e-mails are being downloaded, the company does not, for obvious privacy reasons, peer into the unencrypted files that are being dispersed via a Wi-Fi network.

"We only look at bits and bytes, not the specific data," says Eder, who likens the practice to "jiggling doorknobs" to see if they're locked.

While MSOs such as Time Warner Cable and AT&T Broadband have occasionally cracked down on unauthorized sharing, other broadband ISPs haven't discouraged the practice at all.

High-speed ISP and DSL wholesaler Covad Communications doesn't have a specific policy that addresses Wi-Fi, and actually permits its subscribers to share connections with non-paying customers. Instead of viewing this practice as a potential revenue sapper, Covad believes that sharing the connection might bring in new broadband customers, notes Hunter Middleton, Covad's group manager for consumer product marketing.

"Generally, we think anything that gets people to move from an old, slow, glitchy dial-up connection to broadband is a good thing," he says.

Still, Covad does emphasize to its customers that they are responsible for the use, or misuse, of their high-speed lines. "If they're going to share, we tell customers that they'd better be careful about setting up the right security precautions on their wireless network," Middleton says.

Tools of the trade
PC w/Wi-Fi sniffing software omni-directional antenna
car-mounted multi-directional antenna hand-held multi-directional antenna
AT&T Broadband Security Specialist Shawn Kleinart demonstrates some of the more sophisticated gizmos used by wardrivers: (A) a PC loaded with Wi-Fi sniffing software can be linked to (B) a powerful omni-directional antenna, (C) a car-mounted multi-directional antenna,
or (D) a hand-held multi-directional antenna.
In Covad's case, its customers are almost expected to share their connections with others, as the majority of its 357,000 subscribers are commercial customers with numerous PCs linked into a network.

Like Covad, EarthLink doesn't police broadband sharing, but suggests that its customers understand the risks they take when doing so, says EarthLink spokesman Kurt Rahn.

"At this point, the problem is so minimal that it isn't even a blip on the radar, so we haven't installed a policy," says Rahn.


Potential under-the-table reselling and subscriber revenue losses aside, unencrypted wireless networks are an open invitation for a hacker to encroach on someone's privacy and do some dastardly things.

"People who typically have unsecured networks are taking a big risk," Sabharwal says. "A malicious person would hack into the network to expose some files or potentially plant a virus."

Sabharwal notes that one big reason why many wireless LANs aren't secure is because the default setting for most home networking equipment is with the security measures switched off.

Wired Equivalent Privacy (WEP), a security protocol, creates an encryption key to keep out those who might want to share or hijack someone's wireless network. Although WEP will lock out some intruders, its code is fairly easily cracked. Programs like AirSnort and the aptly named WEPCrack, given enough time to do their handiwork, can guess the encryption passwords of WEP-protected LANs.

Office users typically employ expensive virtual private networks as an extra layer of security, but residential users can tap a router's embedded firewall for added protection. Another security tool under development is the "honeypot," a trap that looks like a typical Wi-Fi access point, but monitors for general wardriving activity and wireless eavesdroppers.


If people abuse their bandwidth consumption so that their usage is out of whack with the price they are paying under a flat-rate fee, it likely won't hurt the cable operator in the long-run, Sabharwal argues. "It will hurt the rest of us because cable operators can move to [usage-based] pricing," he adds.

If the problem grows beyond a nuisance, high-speed customers who are accustomed to the current "all-you-can-eat" model could see that approach replaced by a consumption-based billing model similar to what is used today by most cellular phone service providers.

Anecdotal evidence has shown that users who gobble up gigs and gigs of bandwidth might be worth more to the operator if they weren't customers at all under current flat pricing schemes. One industry source employed with a company that offers a bandwidth measuring platform recalls how just one cable modem customer managed to absorb $1,500 in network resources per month but was paying the operator a mere $45 per month in return.

In the U.S., consumption-based billing hasn't gotten much further than the discussion level, but the model might temper usage somewhat among the heaviest users. But even with tools that measure bandwidth, questions remain about how operators treat consumption that's in and out of the customer's control.

For example, it would seem unfair if an operator charged for the bandwidth tied to pop-up browser ads and e-mail spam. By the same token, it might be plausible to charge a customer a bit more if they streamed a two-hour movie in all its full-screen glory.


As with any new technology, the tapping of home networking gear to redistribute signals starts with technically-savvy early adopters before becoming more pervasive among general users. "It's not overwhelming, but it's something that we're mindful of," Eder says.

Industry observers also note that broadband sharing and Wi-Fi network tapping isn't even close to going mainstream. "My perception is that a lot of this is sort of over-hyped," Sabharwal says of the potential revenue losses or bandwidth issues that cable operators are faced with today when it comes to unauthorized wireless sharing. "It's more for the kid with acne with nothing better to do on a Friday night than drive around and show off in front of his friends. If someone has a legitimate purpose to be on the Internet, then they won't go to all this trouble on a consistent basis to connect to somebody's network."

Also, wireless data rates degrade significantly with distance, and some people are lucky to get speeds a bit higher than a traditional dial-up connection.

Even neighbors who split their bandwidth, Sabharwal adds, have to invest in some additional equipment to ensure that the throughput is suitable for both parties.

Still, a typical 1.5-Mbps downstream provides the requisite bandwidth to serve 25 individual 56-kbps narrowband users–perhaps enough for someone to create a nice little side business for themselves.