Policy —

Would you give the government remote control over your router?

Proposed “emergency switch” would turn private routers into public resource.

Researchers want to use your wireless router to improve wireless communication abilities of emergency responders.
Researchers want to use your wireless router to improve wireless communication abilities of emergency responders.

Well-meaning proposals sometimes have a way of raising troubling questions. Case in point: A team of wireless researchers in Germany proposed a way to improve the communications abilities of first responders, the brave people who rush into disastrous situations to help save the victims.

But the proposal hinges on something many private citizens and privacy or security advocates will likely find uncomfortable: creating an “emergency switch” that lets government employees disable the security mechanisms in the wireless routers people have set up in their own homes. This would allow first responders to use all the routers within range to enhance the capabilities of the mesh networks that allow them to communicate with each other. In a mesh network, each node or device can route traffic to the other devices on the network through a series of hops. Adding devices (in this case wireless routers) thus improves the network's stability and performance.

The residents’ wireless traffic would still remain private, in theory. Wireless routers already support a technology that might make the idea feasible—the creation of guest networks that home owners can use to grant visitors access to the Internet. But the proposal—laid out in a new paper in the peer-reviewed International Journal of Mobile Network Design and Innovation—suggests allowing public safety officials the right to remotely activate an emergency mode making similar guest access available to them. The paper is also described in a press release titled “Your wireless router could save lives in an emergency.”

The paper acknowledges privacy and security concerns, although just how abuse can be prevented isn’t really spelled out.

“The emergency switch is meant to disable the security protocols and allow public access to the wireless router,” says the team led by PhD student Kamill Panitzek of Technische Universität Darmstadt in Germany (he's also a research associate at the university’s Telecooperation Lab). “It can only be part of the network if it is open to all users and offers its resources. Abuse of such a network must be avoided at all cost. Therefore this network should be isolated from the citizen’s home network to protect people’s privacy. This goal could be easily accomplished as it is already today possible to install a home network and a guest network in parallel to grant Internet access to visitors.”

Panitzek believes this can be achieved through firmware updates sent to routers, and won't require new hardware. A wireless mesh network would be created on top of the privately owned routers, acting as a “backbone in case of a disaster,” and filling the “communication gap between the incident site and the command center," the paper states. The press release notes that cell phones can connect to each other in mesh networks, and could thus continue to be used when cellular networks are congested or unavailable.

While the paper’s proposal is dependent on the existence of the “emergency switch,” it focuses less on how to create the switch than on research demonstrating the utility of it. The researchers studied the density of wireless routers in their hometown of Darmstadt, using an Android application that detects available networks. The conclusion was that using private routers would dramatically improve network performance and resiliency in the emergency responders’ mesh network.

But is it wise?

After reading the paper, we exchanged e-mails with Panitzek to get more details on the emergency switch concept. We also talked to security expert Bruce Schneier and the makers of DD-WRT router firmware to get opinions on whether such an emergency switch would be feasible and/or desirable.

Schneier was troubled by the idea, comparing it to the so-called Internet kill switch, which would let the government shut down the Internet in case of a major cyber attack.

“The problems are the same,” Schneier told Ars. “Once you build such a system, you have to build the security to ensure that only the good guys use it. And that's not an easy task. It is far more secure not to have the capabilities in the first place.”

We’ve tried to find out whether anyone is working on such a product by contacting the industry group the WiFi Alliance, as well as router and wireless chip makers like Cisco and Broadcom, but haven’t been able to get any firm answers. Cisco’s public relations group told us the company was not aware of the research, and that it is not aware of anyone at Cisco “involved in assessing the feasibility of this type of emergency takeover of a network.”

So while the “emergency switch" may only exist on paper, DD-WRT CEO Peter Steinhäuser told us it wouldn’t be all that difficult to achieve on a technical level.

“With today's technology, it's pretty simple because it's (as mentioned) very similar to a Guest Network,” Steinhäuser said. One unanswered question Steinhäuser raised is “What's more likely, breakdown of public communication or public power supply?” He also said the question of how to trigger the emergency mode seems unanswered.

Panitzek told us that “the triggering of the emergency mode is a technical detail which we did not focus on in our study. Secure triggering of emergency mode is important for the realization of our idea but remains [for] future research.”

Why is the emergency mode necessary, given that emergency responders already have wireless communication technologies? In the US, the 4.9GHz band is already designated for public safety. But adding nodes to the network can still strengthen communication.

Panitzek explains: “The proposed emergency switch would not provide the only means for communication to first responders but a supportive infrastructure as stated in our paper. The routers would form a mesh network to assist the mesh network [that] first responders would create with their own devices and therefore increase network coverage, and also quality of communication service. Internet access could be provided through such an infrastructure as well if needed. This could be done by single network nodes with Internet access deployed by first responders."

Panitzek’s research paper notes a precedent that might show how such an emergency network could work. The German city of Aachen, a local university, and businesses provided free mobile Internet connectivity through a project in which participants shared their wireless routers—voluntarily—to increase network coverage.

In this project, “the data traffic of mobile users is tunneled to their own homes to protect owners of the routers from illegal usage and law infringements," Panitzek and his research team wrote. "This ensures that all Internet usage is bound to the right users’ identities. In addition, mobile users are protected by encrypting the wireless communication between user and the router.”

Potential for abuse

An emergency switch would only be effective if private wireless routers were capable of being joined to emergency networks in large numbers. But from a privacy standpoint, we think it should be voluntary on the part of users, if it is ever implemented at all. Deploying the system widely might require intrusive legislation, and software upgrades by router manufacturers that forcibly take away users’ administrative control is something we’re not a fan of, either.

When asked if it would be legal for emergency responders to have control over private routers, Panitzek acknowledged that it may be a gray area. “We know of security and law problems associated with such an emergency switch,” he told us. “But the technological realization, the social implications, and the societal acceptance, as well as the legal implications of such an emergency switch, are subject to future research.”

While improving wireless communication abilities of emergency responders is a worthy goal, we think this particular idea could raise more problems than it solves.

Channel Ars Technica