A couple of days ago I mentioned my reasoning for not running an open WiFi network. Funny enough the Electronic Frontier Foundation (EFF) posted an article about why one should run an open WiFi network. As I said in my previous post on the matter I would like to run an open WiFi network so those who needed WiFi access could get it but I don’t want to deal with the fact anything an anonymous person accessed on my open network would appear as though I accessed it.
This has lead me to ponder a means of setting up an open WiFi network that could be publicly used while keeping my traffic secure, separate, and not having anything a third party does on my network reflect badly on myself. What follows is the solution I’ve thought up so far with no real concern yet for implementation.
Obviously I want my wireless traffic to be encrypted as I value my privacy. This is easy enough to do with good old WiFi Protected Access (WPA) using a strong key. Thus ideally I would have two access points, one open for third party use and one secured for my use. The other feature I would desire is keeping the publicly accessible network completely separate from my private network. This is easy enough to accomplish by using a gateway device with Virtual Local Area Network (VLAN) capabilities. I could setup one VLAN for the public network and another for my private network which would prevent the public network from talking to my private network.
The final and most difficult requirement is avoiding any legal ramifications that could be directed at me because of the web traffic generated by a third party. Like many network problems requiring anonymity I believe I’ve found my answer in the form of the Tor project. Tor is a network that can be used to anonymously access the Internet. Anonymity is achieved by encrypting all traffic and bouncing it between multiple nodes until that traffic reaches an exit point and is decrypted and sent to its destination. The benefit for me is the fact you can’t trace the source of any data going across the Tor network back to either its source or destination meaning anything accessed on my public network wouldn’t reflect on me.
What I would need to setup is a mechanism of ensuring all traffic that goes across my public network would be sent through the Tor network (not really the intended use of Tor I realize but alas it fits my needs here). I would want to set it up in a manner where inability to connect to the Tor network would disable the public network from reaching the Internet. This wouldn’t be difficult once I actually setup the Tor gateway system. There would likely be a problem of a slow connection as the Tor network isn’t speedy but honestly I don’t care, you get what you pay for. Likewise multiple peoples’ traffic would be going through a single Tor relay but again that’s not my problem nor is the fact I can’t control what happens at the Tor exit node my problem.
So this is my initial proposal for setting up a publicly accessible WiFi network without having to worry myself with personal security or the actions taken by those accessing my public network. I’ll probably investigate this a bit more and may even try to setup a trial and see how it turns out. Or I may instead do something else and leave this proposal untested and assume somebody will like the idea, implement it, and tell me how it worked out for them.