Just a bit of harmless wireless broadband theft? Think again

'Snarfing' can cost you money – and worse. James Daley explains how to protect yourself

The spread of wireless internet technology has rapidly changed the way most people use the web. Instead of logging on at the office or in your study, it's now possible to use the internet just about wherever you are.

At home, you can browse your favourite websites while lying on your sofa or in your bed. And if you're on the move, you can surf while in a coffee shop or at the airport, often for free.

But the flip side of the wireless revolution is that it can often prove far too easy to get on to the internet: growing numbers of laptop users are stealing other people's paid-for broadband services without their knowledge.

The practice is known as "snarfing". At its more innocent, snarfing involves people picking up their next-door neighbour's wireless signal, or sitting outside a hotel to hop on to its Wi-Fi network. However, for those with a monthly download limit, even this can prove very costly – especially if your neighbour is downloading several movies a night via your broadband account. For many people, it takes several additional bills before they realise that someone else has been using their service.

"If someone else is piggybacking your broadband connection, or if they've hacked in, their online activities will slow down your browsing, and anything that they download will affect your download allowance," says Michael Phillips of Broadbandchoices.co.uk, the broadband comparison site. "All broadband packages have a download limit of some sort – even those that are advertised as 'unlimited' will have a fair-usage policy."

At the sharp end, snarfing is much more dangerous, carried out by professional hackers who can potentially expose the broadband account owner to fraud, or even implicate them in a crime.

Adam Laurie, a freelance security consultant (www.rfidiot.org), says that open Wi-Fi networks are open to all kinds of attacks. "If you've got a little home network, someone might come along and inject viruses on to your computers or use your PC as a launching point for mailing spam," Laurie says. "Alternatively, someone could be sitting outside your house and hacking into the Pentagon, or downloading child porn, leaving a trail to your computer."

Unfortunately, most wireless routers are still sold with a relatively basic built-in security system known as WEP (wireless equivalent privacy). "WEP prevents people from connecting to your wireless signal, but can be cracked in around 10 minutes using a tool like Aircrack," Phillips says. "Although it will probably stop your average neighbour from piggybacking your broadband, anyone with the inclination to hack in can easily do so."

To protect yourself against hackers, Phillips says you need to change the settings on your computer to WPA (Wi-Fi protected access). Some hardware is not compatible with these more powerful security options, however, in which case you may need to think of getting a new router – or a more modern computer.

Choosing an unconventional password is also important, Laurie says. "Hackers use programs which will try out every word in the dictionary to try and crack your password," he says. "My recommendation when creating a password is to think of a reasonably long sentence, and to then take the first letter of each word. That way, it should be relatively easy for you to remember, but the word itself will be gobbledegook."

As well as using the most up-to-date encryption, Phillips recommends that you make your wireless signal invisible so that it cannot be detected by potential piggybackers or hackers.

Laurie points out that it is not only wireless internet users who are susceptible to snarfing. If your mobile phone has a Bluetooth facility, you may also be vulnerable. Fortunately, most new phones are protected against Bluetooth snarfing, or "blue-snarfing". A number of slightly older phones, though, are risky. Chief among them, says Laurie, is the Nokia 6310i, which was particularly popular a couple of years ago. Others include the Sony Ericsson T68 and R520M, and the Nokia 8910.

Although blue-snarfing is rare, it can prove very dangerous. "I've heard there are people making a lot of money by setting up premium-rate phone lines, and then hacking into phones and getting them to call them," says Laurie. Your contact book and any data stored on your phone could be stolen, too, and conspiracy theorists might be alarmed to know that a hacker could use blue-snarfing to bug your conversations.

Anthony Ball of Onecompare.com, the mobile-phone comparison site, says the easiest way to prevent blue-snarfing is by turning your phone's Bluetooth function off, though Laurie says that you can be protected in 99 per cent of cases simply by making the signal invisible.

At a more innocent level, it has recently become increasingly popular to "bluejack": hijacking a phone's Bluetooth signal to play a practical joke on the user or to send them a personal message.

Comments