October 18, 2006, 3:57 PM — Smart move or silly warning? That's up for debate: The California Legislature has asked Wi-Fi equipment makers to warn buyers of wireless LAN access points that strangers can tap into a wireless network that isn't password-protected.
A bill passed by the state Senate in August and slated to become effective in January would require any wireless access point for homes or small businesses to come with a warning. It could be a sticker or a page in the configuration software, for example, but the buyer must be forced to look at the warning before using the device. At press time, the bill had not reached Gov. Arnold Schwarzenegger but was expected to earn his approval.
"There needs to be a level of education and understanding out there about just how easy it is to access one of these systems," says Richard Stapler, spokesman for Assemblyman Fabian Núñez, who introduced the bill.
However, some analysts have pounced on the effort, which applies to products made after Oct. 1, 2007, as an unnecessary state regulation.
"To get the state involved with this is ridiculous," says Gartner Group analyst Ken Dulaney. "Don’t they have anything better to do?"
Dulaney says anyone using a wireless LAN should know someone else could tap into it, just as people buying a car should know they could get in a crash. And setup wizards for most wireless LAN products already address security, he says.
"It's one more crazy tax on suppliers" that ultimately will be passed on to consumers, he adds.
As for CIOs whose employees use wireless access points to reach the enterprise network from home, they should already assume that any network their employees use outside the office is unsecured, and make using a virtual private network mandatory, Dulaney says.