ISP’s To Register All WIFI Users – DoT
Department of Telecommunication (DOT) has instructed the Internet service providers ( ISP’s ) to register all the WIFI users in its network. The regulation is aimed to prevent unauthorized WIFI usage. Many recent terrorist activities using unsecured WIFI networks to send mails led DOT to chalk this new regulation.
DOT has ordered the ISP’s to register the customer’s using WIFI connection and store the details in a centralized server to prevent unauthorized persons from accessing internet from a hotspot. According to a DOT official “Insecure Wi-Fi networks are capable of being misused by anti-social elements without leaving any trail. Therefore, DOT has instructed ISPs to follow a procedure for securing Wi-Fi networks in the country,” .
What does it mean for users?
Using a HOTSPOT network will not be as simple as it is now and user cannot access internet just by walking into a hotel , coffeeshop or airport.Customers have to prove their identity and provide proof before using the services. ISP’s can offer bulk userid’s and passwords at each hotspot. DOT has also strongly asked to disallow multiple logins i.e. only one user can use a userid at a time. No new connections can be activated before registration with the ISP’s.
Even home users who have deployed WIFI networks at home will have to register with the ISP before using internet by June 23.
What does it mean for ISP’s?
These guidelines may be tough to implement as ISP’s have to invest heavily to adhere to the guideline and all ISP’s don’t have the required infrastructure to support the same. According to Rajesh Chharia, President, Internet Service Providers Association of India “We support the Government in its efforts to secure the country but there are costs involved here, which may not be possible for all ISPs to bear. In other countries, the Government usually invests on its technology and in setting up processes but here ISPs have to bear the cost of setting up a central authentication mechanism,”
Is this really possible:
Important question is how far is it practically possible , since WIFI uses unlicensed frequency band there is no way for ISP’s to check if the user to which it is providing service is using WIFI network or not. As per the methods known it is not possible for the ISP to determine if the user is using WIFI at home or not unless the ISP plugs some new device which is an additional cost to the ISP or the user.
Will it be really beneficial:
An important question is how beneficial will this proposal be, As per the news reports the WIFI network used in terrorist activities was hacked in most cases i.e. it had a username/password security but hacker cracked into the network by hacking it which is also possible after this proposal.
Only way possible for making this proposal serve the purpose is to also register the user’s MAC address , which is unique for a computer and only let users with registered MAC access internet but this means a lot of infrastructure upgrade on the ISP end. If this is implemented it can also benefit the raising concern of laptop theft as any laptop theft can be tracked when it connects to the internet and can be located easily.
In the end it seems a great idea with many loopholes which need to covered before it is implemented.
If you enjoyed this post, make sure you subscribe to our RSS Feed OR Email Alerts!
At the closing suggestion. I dont how much this is valid, but I think MAC Addresses can be changed too. This is what we used to do in college to access the internet of a different hostel. Lately Ive seen a trend that the direct option is not given in computers / laptops today but they can still be changed by registry and some softwares.
(Check the wiki link that you gave. It too says that changing MAC address is possible)
I agree but thats the best thing we can rely on and if one has changed the MAC addresses,he can be tracked easily unless one has changed hardware or used very advanced hacking techniques. Which atleast puts 99% people out of the circle.
Well, the whole point of capturing all these details is to capture the 1% or less people who will misuse it. You have to assume that the people who are going to use the www to further terrorist activities, will have a bare minimum training on what to do. It is not record keeping which will suffice by using something that works for 99%.
Sadly, all this nonsense is very short-sighted. ISP’s need to enable logging at one level, and then another level of logging/monitoring at the peering level – DoT, etc. It seems most of these committees have Vijay Mukhi as adviser. Why cant the DoT form a little discussion group drawn from companies that make a living out of security? Or collab with other governments which have tried something similar?
Wifi registrations are just Stupid.
I dont know how much this might help the authorities catching the terrorists. But certainly it might help in tracking user behaviour which can be used in advertising.. Read Behavioural Advertising.