Broadband News
News, views and analysis
TalkTalk: disconnection plans punish the innocent
15 Oct 2009 | 21.00 Europe/London
Peter Mandelson's plans to crack down on illegal file-sharing have a critical flaw, according to a senior exec. at TalkTalk. Andrew Heaney, the group's Executive Director of Strategy and Regulation, says the ease of hacking Wi-Fi broadband connections on the average UK street means millions of people would be left at risk to "superhighway robbery."
While even France has declared broadband access a human right during its spirited flirtation with the three-strikes law - and countries like Finland manage to promise their citizens broadband access for all - the British Government is still considering cutting off illegal file-sharers. With Lord Carter's original blueprint for Digital Britain ruling out such a move, the change of heart is blamed on dark Lord Mandelson, who's taken over at the ideological healm of the project. However, TalkTalk's been arguing that cutting off suspected pirates would be "completely unworkable" - and it's now actually done a little investigative work to prove it.
The firm sent one of its "internet security experts" to a residential area of Middlesex, somewhat fittingly called "The Highway." He found that more than one in three of the Wi-Fi connections on offer - twenty-three in total - was susceptible to hacking because it was either completely unsecured or merely relied on WEP technology which, as Mr. Andrew Heaney says, "many users think is secure but is in fact easily hackable by anyone with a laptop computer."
To try and prove TalkTalk's point beyond dispute, the expert went to extreme lengths: downloading a Barry Manilow song (don't worry kids, you can try this at home - it was taken from a legal source). And while their man had ample choice of Wi-Fi connections to piggyback off of, he could soon have yet more. While sixty-eight per cent of the connections on the street were defended by WPA security, a vulnerability in this protection has already been discovered. Only one of the households used the strongest security at its disposal: WPA2.
"Scarily, The Highway is actually comparatively well protected," Mr. Heaney says. "Our expert conducted a Wi-Fi survey of central Ealing in West London on 11th October and found that forty-one per cent of one thousand and eighty-three Wi-Fi networks were vulnerable to unauthorised use. The clear implication is that millions of people would be at risk of superhighway robbery under Mandelson’s plans."
TalkTalk's stance is that attempting to implement something akin to the three-strikes rule in the UK will encourage Wi-Fi hacking - and even PC hijacking. The knock-on effect is that more and more innocent people will be accused of breaking the law and face punishment for a crime they didn't commit. "Consumer organisations such as Which? have been contacted by hundreds of people who have been wrongly accused of filesharing using a similar method to the one Mandelson is suggesting," Heaney adds. "The risk of innocent people being disconnected is not hypothetical."
The obvious conclusion to draw here is that a three-strikes policy is actually in total contraction to the ethos Digital Britain. After all, if the whole point is to get more people online - including those who may not have even used a computer before and may be most vulnerable to hacking and hijacking - could the Government afford to disconnect them so readily? It would certainly fly in the face of Martha Lane Fox and her broadband "people's taskforce."
But the opportunity does actually exist for ISPs to step in and protect the innocent. For instance, the router this article will be uploaded through was issued by Tiscali - now part of the TalkTalk Group - and is set up for WPA2 by default; it has a password printed on the bottom to make setting it up foolproof, even for the casual PC user. TalkTalk may have a persuasive argument but it's not bulletproof - and this battle still has a long way to go before it's won or lost.
While even France has declared broadband access a human right during its spirited flirtation with the three-strikes law - and countries like Finland manage to promise their citizens broadband access for all - the British Government is still considering cutting off illegal file-sharers. With Lord Carter's original blueprint for Digital Britain ruling out such a move, the change of heart is blamed on dark Lord Mandelson, who's taken over at the ideological healm of the project. However, TalkTalk's been arguing that cutting off suspected pirates would be "completely unworkable" - and it's now actually done a little investigative work to prove it.
The firm sent one of its "internet security experts" to a residential area of Middlesex, somewhat fittingly called "The Highway." He found that more than one in three of the Wi-Fi connections on offer - twenty-three in total - was susceptible to hacking because it was either completely unsecured or merely relied on WEP technology which, as Mr. Andrew Heaney says, "many users think is secure but is in fact easily hackable by anyone with a laptop computer."
To try and prove TalkTalk's point beyond dispute, the expert went to extreme lengths: downloading a Barry Manilow song (don't worry kids, you can try this at home - it was taken from a legal source). And while their man had ample choice of Wi-Fi connections to piggyback off of, he could soon have yet more. While sixty-eight per cent of the connections on the street were defended by WPA security, a vulnerability in this protection has already been discovered. Only one of the households used the strongest security at its disposal: WPA2.
"Scarily, The Highway is actually comparatively well protected," Mr. Heaney says. "Our expert conducted a Wi-Fi survey of central Ealing in West London on 11th October and found that forty-one per cent of one thousand and eighty-three Wi-Fi networks were vulnerable to unauthorised use. The clear implication is that millions of people would be at risk of superhighway robbery under Mandelson’s plans."
TalkTalk's stance is that attempting to implement something akin to the three-strikes rule in the UK will encourage Wi-Fi hacking - and even PC hijacking. The knock-on effect is that more and more innocent people will be accused of breaking the law and face punishment for a crime they didn't commit. "Consumer organisations such as Which? have been contacted by hundreds of people who have been wrongly accused of filesharing using a similar method to the one Mandelson is suggesting," Heaney adds. "The risk of innocent people being disconnected is not hypothetical."
The obvious conclusion to draw here is that a three-strikes policy is actually in total contraction to the ethos Digital Britain. After all, if the whole point is to get more people online - including those who may not have even used a computer before and may be most vulnerable to hacking and hijacking - could the Government afford to disconnect them so readily? It would certainly fly in the face of Martha Lane Fox and her broadband "people's taskforce."
But the opportunity does actually exist for ISPs to step in and protect the innocent. For instance, the router this article will be uploaded through was issued by Tiscali - now part of the TalkTalk Group - and is set up for WPA2 by default; it has a password printed on the bottom to make setting it up foolproof, even for the casual PC user. TalkTalk may have a persuasive argument but it's not bulletproof - and this battle still has a long way to go before it's won or lost.