I also have the same problem as Lucile. I would like to talk to my neighbour that has the unsecured network but I have so many neighbours because I am surrounded by apartments. Is there a way to know what neighbour owns netgear connection? if not, is asking all my neighbors the only way to know? I would like to share expenses is that's possible. I discovered the open connection last monday.

Juanito, I don't think you'll be able to locate who, exactly, you are connecting to unless all your neighbors are using different SSIDs. I bet they are not, because most people just plug the equipment in, and if it starts to work for them, they happily use it. They will not try to "configure" the software that runs the equipment further. Probably, you are connecting to the person who offers the strongest signal strength. That is probably the person who is closest to you physically. But, weather conditions can change all that. You could connect to someone far away if the weather is right for it. It is very hard to know for sure, unless you know the SSID which is also called the "network name" or "network", and if every SSID is different in the neighborhood. Why not just stay quiet about it, say nothing, because I think some people could take advantage of you.

Bob Cochran

I think everyone is missing a very important point. If you are using an unknown connection, you can never do anything secure on it. If you connect through someone else's equipment, they could be logging everything you do. It wouldn't be too hard for someone to lift a few passwords and other sensitive information from the data stream. Everyone needs to keep in mind this simple rule of thumb: "If you don't know the source of the connection, assume that it is 100% insecure."

Juanito, I would just get a connection of your own. Wireless routers are very inexpensive these days. You can get a high-speed wireless router for less than $50 if you shop around. I would recommend checking out NewEgg (they are US-only though). Just be sure to secure your connection after you set up the router. Here are a few tips that will help you secure your wireless network. Don't disable the SSID broadcast though. Everyone recommends that you do, but if you do, Windows XP won't find the network.

You are wrong about some of your premises. First of all, all https web connections which are backed with a security certificate are in fact encrypted and secure. That is because the browser encrypts transactions to the public key of the target server. It doesn't matter if the wireless encryption itself is insecure; an https connection is always secure, regardless of the medium.

Likewise, encrypted emails, ssh (secure shell), scp (secure copy), and other forms of secure traffic are always encrypted in one manner or another. It doesn't matter what the physical transport medium is.

Unencrypted (cleartext) traffic can be seen over the internet all the time, whether or not a wireless connection is used. A datagram sent over a wired connection does not guarantee privacy because the datagram is bounced from point to point over the Internet, in cleartext. Anyone with a packet sniffer can snoop. Anyone!

The use of WEP, WPA, or WPA2 in wireless communications is more to protect your wireless connection from being used by rogue clients -- freeloaders. It is used only between wireless devices. For that reason it has limited utility. Datagrams are decrypted at the recieving end and treated as cleartext. The datagram will be decrypted before it is routed on the public Internet, and will travel it in cleartext. That is different from an https, encrypted datagram which does travel the internet encrypted until the target server/client decrypts the datagram.

You are also incorrect that Windows will not find a wireless network that is not broadcasting the SSID. It will; you just need to explicitly tell Windows the SSID you want. I routinely connect wireless Windows XP and Windows 98 devices to networks where SSID broadcasting is disabled.
Turning off SSID broadcasting will discourage the freeloaders who are looking for easily caught wireless connections. However, a determined person can simply use AirSnort to find the SSID of the network. There are lots of determined people out there. These folks are the ones you want to discourage by using WEP, WPA, or WPA2 to encrypt datagrams sent over the network.

That's interesting that you got XP to work with SSID turned off. I tried for a few hours to get one of my machines to find my router with the SSID broadcast turned off (even when I explicitly defined the SSID). I found a page on microsoft.com that indicated that it had to be on in order to connect. I wish I could find that page again.

As for the encryption keys, you're correct. My point is that a person could log any data that goes through their connection. Not everyone knows what is secure and what is not. Most people wouldn't know a forged SSL certificate even if their browser gave them twenty dialog boxes that warned them that they shouldn't click "OK". There is also a possibility that the conneciton will have false DNS responses that point to fake sites. I know that the odds of this occuring are extremely remote, but they are possible. The fact is that people can very convincingly lie to you and your computer if they control the data flow. I know if I was a malicious person, I could cause all sorts of problems with everyone who tried to freeload off of me.

With some wifi radios, you cannot configure the network parameters using Windows XP's built in configuration utility. Instead, you use the client software that comes with the hardware for configuration. This is true of some Broadcom wifi packages. I've never had a problem connecting any hardware (Broadcom, Atheros, Prism54 etc chipsets) solely because the SSID was turned off. In fact turning it off is a routine step for me. You can learn more about doing wireless configuration by reading Jeff Duntemann's Wifi Guide (2nd Edition). It is a little dated now and the author is really preachy and has a tone that can turn you off fast. But the book is worth reading.