Wednesday, October 26, 2016

How should home router owners protect themselves from potential downstream liability issues?

Parents, or people who take on roommates or housemates, or rent out rooms in a home, or who even may offer more radical services like housing asylum seekers, might be concerned about the possibility that others could misuse their routers for illegal purposes.  These could result, for example, in getting warnings from an ISP about copyright infringement or, in more extreme cases, child pornography, which can be detected automatically by places like NCMEC.

Most abuses, if they happen, are likely to have occurred through P2P file sharing or services like BitTorrent.

Can property owners protect themselves by monitoring router traffic?

This sounds like a topic about which there is mixed advice around.

ISP’s like Xfinity certainly have a record of all the IP addresses accessed by your router, but they don’t appear that easy to get at, at least according to this article.

Xfinity now sends combined router-modem units that take about an hour to set up.  The process does work if you follow the directions exactly.  You should wind up with a strong password (which you should save off line even in hardcopy) and WPA2 security standards.  This is supposed to be OK.

You can implement a modern anti-virus package that screens websites.  Right now, Kaspersky and Trend seem to be the strictest in protecting users from drive-by sites.  But “the best” changes every year, with every visit to Best Buy and Geek Squad.

One idea could be to install OpenDNS (and here).  But this does not appear to be possible at the router level if you have a combined unit. However it can be installed on individual computers, and may offer  more protection against illegal activity than standard anti virus.

OpenDNS at the router level, if possible, could protect the homeowner from incidents where someone outside the home somehow hacks into the router.  This may be more of an issue in apartments and condos (as has resulted in arrests of renters in Florida and New York State on at least two rare occasions).  In detached homes, good home security goes along with cybersecurity:  enforcing parking regulations, for example, in the neighborhood.

The downstream legal liability that a router owner could have for misuse, especially if the router owner was careless about security settings or did not install the router properly, is still a troubling and uncertain area.

This is a rapidly evolving topic.

Update: Jan.14, 2017

Further checks show that it can be done at the router level, but not all routers supplied by cable companies allow it.  It's possible to "piggyback", and it may be possible in a guest account.  I'm looking further.  The same concerns will exist for disabling P2P.

No comments: