One of the questions people ask is why do we want a CaptivePortal solution when PersonalTelco is all about sharing and community utilization of resources. Well there are a bunch of reasons but the bottom line is control of liability. If it's our network then practically, and legally, we are responsible for it.
Unfortunately public resources get abused, that's just the way the world works most of the time. This means that PersonalTelco (and other WirelessCommunities) has a fine line to walk between being able to maintain control of the network and providing convenient open access.
If you don't understand what issues could potentially arise are here are a few examples:
- Someone starts sending spam through your access point and your ISP threatens to (or just does, lots of ISP's have a 1 strike you're out policy for spam) shut down your account.
- Someone sends threatening or harassing email/icq/etc to someone and the police arrive on your door with a warrant.
- Someone hacks your neighbor's box (which accesses the net via your wireless access point) and starts hacking the DOD. See above re. police.
- Someone leaves napster open 24/7 while allowing 100 simultaneous downloads, pretty much flooding your available bandwidth and pissing your ISP off.
The point of this is not to scare people, the point is to show that there are real potential risks. I believe that these are all quite unlikely however it pays to prepare for the worst.
It is my belief that we need a method for controlling access to our wireless network. We don't have to use it, but we need to understand the problems involved and have a workable and deployed solution for when the situation arises. We know that the AccessControl methods that commercial AccessPoints provide are inadequate (MAC address filtering can be both snooped and spoofed fairly trivially and the shared key system that WEP provides will not scale in a community environment). Therefore we need to build something, my suggestion is the CaptivePortal system.
-- AdamShand --