Millions of innocent broadband customers could be in danger of being caught out by Lord Mandelson’s ill-conceived proposals to curb internet piracy according to TalkTalk, the UK’s largest broadband provider to homes.
To demonstrate the point, an internet security expert from TalkTalk today visited The Highway, a residential road in Stanmore, Middlesex.
Within a couple of hours he had identified 23 wireless connections on the street – more than one third of the total – which are vulnerable to Wi-Fi hijacking. These connections are either completely unsecured (6%) or use WEP technology (28%) which many users think is secure but is in fact easily hackable by anyone with a laptop computer.
To show how vulnerable people are to unauthorised filesharing, he downloaded music files from two connections, including Barry Manilow’s hit Mandy and the soundtrack from the 1992 film Peter’s Friends(1).
Of the 68 Wi-Fi connections on the road only one used the strongest available security (WPA2). The majority (65%) used WPA security which may become hackable in the future. Indeed a vulnerability has already been discovered.
The Highway is actually comparatively well protected. A Wi-Fi survey of central Ealing in West London conducted on 11th October found 41% of 1,083 Wi-Fi networks were vulnerable to unauthorised use.
Connecting to a Wi-Fi network is just one way that illegal filesharers can use other people’s internet connections, leaving innocent people vulnerable to disconnection. PC hijacking is another.
The risk of innocent people being disconnected is not hypothetical. Consumer organisations such as Which? have been contacted by hundreds of people who have been wrongly accused of filesharing using a similar method to the one Mandelson is suggesting.
"The Mandelson scheme is wrong-headed and naive," said Andrew Heaney, Director of Strategy and Regulation at TalkTalk. "The lack of presumption of innocence and the absence of judicial process combined with the prevalence of Wi-Fi hijacking will result in innocent people being disconnected.
"Also, the plan won’t work in practice. It will actually encourage offenders to use Wi-Fi and PC hijacking more frequently and so increase the chances of innocent users being falsely accused and disconnected.
"It is absurd to make people, in effect, legally responsible for the traffic on their internet connections and require them to prevent any unauthorised traffic.
Will people be required to upgrade to WPA and throw away much of their equipment such as games consoles that can only run using WEP or open Wi-Fi networks? What will happen if WPA is compromised in the future; will the whole country have to upgrade their Wi-Fi equipment again to avoid the risk of prosecution?
"TalkTalk acknowledges that there is a problem with illegal filesharing and that solutions must be found. First and foremost the content industry must develop new business models to make content more easily available and more affordable.
"We are happy to play our role alongside this but we will resist any approach that does not protect the innocent."
TalkTalk is currently developing a series of controls which will give parents the ability to block access to certain filesharing sites through their connections. Whilst it won't stop all illegal filesharing it could help significantly to reduce it. We also advise our customers on how they can secure their Wi-Fi networks.