A word of warning about 'free' public Wi-Fi

Beware unsecured computer-to-computer Wi-Fi networks. As the name implies, this network connects to a computer run by a total stranger somewhere nearby.

Michael Horowitz

Michael Horowitz wrote his first computer program in 1973 and has been a computer nerd ever since. He spent more than 20 years working in an IBM mainframe (MVS) environment. He has worked in the research and development group of a large Wall Street financial company, and has been a technical writer for a mainframe software company.

He teaches a large range of self-developed classes, the underlying theme being Defensive Computing. Michael is an independent computer consultant, working with small businesses and the self-employed. He can be heard weekly on The Personal Computer Show on WBAI.


Michael Horowitz
3 min read

I recently found myself in an airport terminal with a laptop and time to kill. Not knowing what the Wi-Fi options were, I let Windows XP search for available wireless networks. As you can see below, one of the networks was called "Free Public WiFi". If this happens to you, don't connect to a network like this.

The first two networks are each labeled "Unsecured wireless network". Fine. But the Free Public WiFi network is described by Windows as an "Unsecured computer-to-computer network". As the name implies, this network connects to a computer run by a total stranger somewhere nearby in the terminal.

Normally, wireless networks are created, run, and governed by a router. But, two Wi-Fi-enabled computers can talk directly to each other without the need for a router-based network. Another term for this type of network is "ad-hoc". Personally, I've never needed or used an ad-hoc computer-to-computer network.

How unusual are computer-to-computer networks? I live in Manhattan, surrounded by large apartment buildings. At home, my laptop picks up 28 wireless networks. Not one of them is a computer-to-computer network.

Why would someone set up a computer-to-computer network in an airport terminal? Most likely, it is good for them and bad for you. For one thing, the network name seems a bit too obvious. Who, in an airport terminal, doesn't want free public Wi-Fi? It's like asking a child if they want candy.

I always configure laptops to only connect to router-based networks and suggest you do so, too. Windows XP has a configuration option, shown below, that controls the type of networks it talks to.

You get to this window with: Control Panel -> Network Connections -> Wireless Networks tab -> Advanced button. Router based networks are referred to as "infrastructure" or "access point" networks.

Knowing that my laptop wouldn't connect to an ad-hoc network, I tried it anyway. The result is the warning shown below.

Unfortunately, lots of software competes to control the Wi-Fi connection on laptop computers. In the examples above, Windows XP was controlling the network. Your laptop may have software from the company that made the computer controlling the wireless network. Or, your Wi-Fi environment may be controlled by software from the company that made the Wi-Fi adapter hardware or by an outside party altogether. This other software may or may not have an option to avoid computer-to-computer networks. If it doesn't, hopefully it will at least identify the type of network it detects.

Update May 14, 2008: For an explanation of where some of these computer-to-computer networks come from see Free Public WiFi SSID. The important point here is that when you are looking through the list of available wireless networks that you be on the lookout for ad-hoc computer-to-computer networks as opposed to normal, router-based (infrastructure) networks. If the software you use to scan for available networks does not indicate the type of network, you may want to use different software. As more people become aware of this particular network name, a bad guy may simply use another enticing name.

See a summary of all my Defensive Computing postings.