I'm thinking that the key here is that you have to manage to disassociate the two terms "Open WiFi" and "Unsecured Network". The real problem is that most of the (self agrandizing...) so called "Security Mavens" are really nothing more than (snake oil) salesmen that are really just pitching their own version of some (BS) Just-Click-Here... All-in-one security "Solution". Most of these are nothing more then a bloated placebo that will cripple the computer (i guess...) in the hopes that it will end up being too slow to catch anything... *Sigh*
Security is something that one practices, it is not just installed, forgotten, and then somehow completely and magically protects you from all "Evil". I'd be willing to bet prayer would work better then about half of the security software on the market today ... Because that would at least force the user to stop and reflect on what they were about to click on ... Which is what they should have been doing in the %&^$# first place.
Sorry I'm ranting a bit, but it just irks me
Back on Topic... Put down the Cookie Cutter and grab a Pen.
The question you have to ask is this: What am I trying to protect, and from whom? Sure you can lock your home network down like Ft Knox, but is it really necessary? First thing to do is evaluate your environment. A typical WAP has an effective range of approx 300'. So if you live on a 100 acre ranch... Then I'd say Wide Open is reasonably safe. On the other hand, if you live in an apartment building with 400 neighbors right on top of you... Then you should probably think about making things a bit harder to get to. Do you live in a gated community, know all your neighbors, and have been on a first name basis with them for years? Well...? (no risk)
Security and performance go hand in hand... in a tuggle-war. If you add encryption to anything it gets bigger, the "Pipe" however is a fixed size. So the more encryption you add the less actual (payload) data you get. On a 100Mb network the maximum packet size is 1500 bytes, encrypted packets don't get to be bigger, so the payload (of your actual data) inside the packet must be made smaller. This repackaging of the traffic is why high-end commercial routers (are so pricey) require tons of processing power to keep up with the load. Even with out any encryption, you're still dealing with the transmission overhead of TCP/IP which is approx 33% e.g. while the wire may be "seeing" 100Mb if "traffic" only 66% of that is the data that you were stuffing up the wire. There's a "cost" to everything.
Okay, So let's say Evil Doer X has gotten connected to your WiFi! What can X really do? Can he see your (Uber Secret) files? Only if you have them in a shared folder. Do you have shared folders? Do you really know exactly which folders are shared? Are ALL accounts protected by a proper password? (While I would never actually recommend this...) On a (post Service Pack 2) Windows XP network it is theoretically safer to use a blank password, then a simple password (like your address, birthday, or dog's name) because Windows will automatically refuse network access to any account that does not have a password.
I had an uptight client once that refused to give me her password, even though her company was paying me $90 an hour to have to track her down every Min while I was troubleshooting their network. I got tired of that crap in short order, So... I simply stood by her desk slightly behind her so I could watch her hands and glean the first character of her (lightning fingered) password entry (and counted the key strokes). The next time I needed to get into the machine after she had disappeared (again), I simply looked around her desk for inspiration, and quickly focused on a picture of her boyfriend. His name was not only on the frame...but started with the first letter she had typed...and was exactly the same length! Needless to say I was in the machine in a flash, and for those that just must know... Her boyfriend's name was... roy. LOL I do this quite frequently and it almost always works.
The moral of the story? Never Use Simple PassWords! Seven characters can be extremely secure if (and only if) they are chosen wisely. Use a mnemonic to remember something that is meaningful to only you i.e. The title to my favorite book: tHiGy42 <-Can you tell me the books name?)
But what if Evil Doer X is surfing Kiddie Porn?!? Well, unless you live by a grade school it's unlikely... But seriously here's another (from the trenches) example:
One of my staff came to me one day and was quite upset. It seems he was working on a client's machine and came across a group of pictures of a completely naked 10 year old girl. Out of courtesy I simply walked up to the Company President's office to inform her of why the cops were about to show up...
Now personally I enjoy molesting "Sacred Cows", but children are best kept safe and Innocent for as long as possible. I have Zero sense of humor about that sort of thing.
The cops on the other hand... Went through a long (read 4 hour) protracted diatribe about the difference between Child Pornography (which they do put you in jail for), and Child Erotica, which is bizarrely not illegal. Nine cops later it was decided that the material was not prosecutable, and they told us to just give the guy his computer back! I frankly am still royally pissed about this! Which is part of why I'm sharing the story with you.
Now just because "they" don't tend to arrest you for this type of (sick) behavior obviously doesn't make it right. but it should serve to temper the edge on the (spin-doctored) panic associated. ...And if it makes you feel like writing a letter to a public official. Hay, that's good too!
In a nut shell if you really want full performance of your WiFi, and you don't want "bad people" using it while you're at work ... Just unplug the damn thing.
