'

Is Wi-Fi- too insecure?

Security experts caution that widespread Wi-Fi can equal widespread risk.

In a big technology spread on San Francisco's and Philadelphia's municipal Wi-Fi efforts, the San Francisco Chronicle's Verne Kopytoff, who seems to specialize in writing about the negatives of San Francisco's plan (see "City Wi-Fi chills telecoms" on SFGate), talks to security experts about the dangers of Wi-Fi.

"The FBI views wireless networks as very insecure," said LaRae Quy, a spokeswoman for the FBI's Northern California office. "Software allows you to set up security, but most people leave it open."

"It only takes a few extra steps to make it secure," she added. "But even it you take the extra steps, a skilled hacker can get into the system.

In its proposal to San Francisco, Earthlink proposed providing WAP-enabled antennas to all users, which would ensure that communications were encrypted. Another solution is to create a citywide virtual private network. But such software can be tricky to set up for novice users, a key constituency for the city. Finally there's the problem of evil twins - lookalike wireless networks where bad guys can watch all the traffic.

Users would simply see a connection such as "SFMuni" on their screen. They would then log onto it without realizing that it is actually a doppelganger to a city connection with the same name.

As users surf the Web, an evil twin hacker can collect credit card numbers. Downloading a special desktop security program - which [Post-X CEO Cacey] Ullman's company and a few others sell -- is one of the few protections.

"I, for one, would love to have free, blanketed Wi-Fi," Ullman said. "People just need to keep in mind about what kind of activities they do on it."