Skip to main content

A Good Use for Guest WiFi

One of the key concepts behind network security is segmentation. In short, if two devices don't need to talk to each other, they shouldn't be allowed to talk to each other. That way, if one device causes problems, you can contain it and keep the problem from spreading to other devices.

These days, many home WiFi routers include a "Guest WiFi" network. To use this, you create a separate WiFi network with a separate password, and your guests use that.

There are a few reasons to do this:

  • You can create a really good, really long password for your "real" network, and a short password that you change every time you have company over.
  • Most routers keep the devices on the guest network separate not just from the main network, but from each other. This means that if one of your guests has a phone or laptop with a virus on it, everyone else is (relatively) safe.
I realized, though, that there's a different, and perhaps better way to use this guest network. It's related to how the different devices in the house use the network.
  • Many devices need to see each other and talk to each other. My laptop needs to see the printer. My phone needs to see the Chromecast attached to the TV.
  • Some devices only need to get to the internet. My eBook readers (nook, kindle, etc.) only need to reach the companies that sell books. My work laptop only needs to reach the work VPN.  My smart TV needs to be able to reach Netflix and Google Play, but nothing else.
This means that there's a pretty easy way to make things secure. If a device only needs to see the internet, put it on the guest network, even if it's not a guest.  All of those networked "smart" devices can be put into a little silo where they can't talk to anything else.

There are some downsides to this plan. The biggest is that it's often more difficult to change the password on these devices than it is to change the password on a phone or laptop, so you might be tempted to keep the same password for longer. But, that might not be much of a problem. It comes down to how many visitors you have on your guest network.  Big parties every weekend, with the password posted on the refrigerator? It might be best to change that guest password every Monday.  An occasional trusted guest? Who really cares if a few close friends have your guest WiFi password, especially if they can't interact with anything else?

I'm not the partying type. Only a few friends have our guest WiFi password. So, it's not really a big deal if we keep the same password for a long time. And if I use that password for the TV, that's a bit more segmentation on the network, which makes it a bit more secure.

The feature's there. It makes things better, and it's not much of a hassle, so I might as well use it.

Comments

Post a Comment

Popular posts from this blog

The Virus By the Numbers

I'm writing this because there's some really insane stuff that's being said by people who should really know better, and I'm sick of discussing it one post or email at a time. So, this is my One Big Post that I'll point people toward rather than bringing it up again and again. In case you haven't noticed, we're in the middle of a pandemic. Just so that we're all using the same terminology:  The virus is Severe acute respiratory syndrome Coronavirus 2 . It's usually abbreviated SARS-CoV-2. It's a brand new kind of Coronavirus, so for a while, before it had this awkward name, people were calling it "novel coronavirus". (For the non-English speakers and D students, "novel" is another word for "new".) The disease that the virus causes is called Coronavirus Disease 2019 , and it's usually abbreviated COVID-19. It's called that because it was discovered in 2019. This came out of nowhere in China in late
Post a Comment
Read more

Audio upgrade: Schiit Fulla 2

I recently purchased a Schiit Fulla 2 . I was on the fence about it for a long time, but it's held up well, and I'm pretty happy with it. So, here's a small product review. I should probably mention that I'm generally skeptical about "audiophile" anything. I've known too many people who spend way too much money on voodoo like "oxygen-free speaker cables". This makes me reluctant to trust reviews or spend money on anything that I can't test for myself.  I've heard good audio. I go to concerts. I know what music is  supposed to  sound like, and it wasn't what I was getting from any of my computers, even with decent headphones, lossless audio codecs, etc. On the other hand, we have some  Sonos speakers , and with those speakers and a good audio source, music can sound really good. Since I wasn't getting that level of quality at the computer, it meant that there was something between the computer and my ears that was part of
Post a Comment
Read more

The Chromecast conceptual model

Google makes a device called Chromecast . It's a relatively inexpensive way to turn any TV into a "Smart" TV capable of playing movies or music. It's a clever bit of engineering, but I've run into a few people who have trouble understanding how they work. The key thing to understand is that the Chromecast is the device that's actually receiving and playing the movie (or whatever), and your phone is just the remote. Here's how the process works at a high level: You start watching a video on Youtube 30 seconds in, you decide that you'd like to watch the rest on your TV, so you press the "Cast" button. Your phone stops playing and tells the Chromecast "Get this video directly from Youtube and start playing at the 0:30 mark"  When your phone initially asks the Chromecast to start playing, it also specifies a "default thing" to do when the Chromecast is finished. If the Chromecast is playing a Youtube video, it might
Post a Comment
Read more