July 1, 2015 By Douglas Bonderud 2 min read

When tech companies want to dig deep and innovate, they hole up in Silicon Valley. When it’s time to make headlines, however, there’s a different destination: New York City. Search giant Google is the latest to roll out a new project in the Big Apple with the launch of LinkNYC, which aims to repurpose more than 10,000 payphones and turn them into so-called Wi-Fi pylons.

According to The Hacker News, the first of these free Wi-Fi hubs will roll out this September, offering an alternative to slow and often expensive cellular connections. The project is ambitious, and the company hopes to duplicate the results elsewhere if successful, but it’s a little short on details. With so many hubs available and a massive amount of users answering the call of free Wi-Fi, will access trump the voice of security?

Google Has Long-Distance Plans

The new Google initiative is spearheaded by one of its subsidiaries, Sidewalk Labs, which was tasked with making the winning entry of New York’s “Reinvent Payphones Design Challenge” a reality. The idea behind LinkNYC is simple: Rather than destroying payphone booths with expired service contracts, why not take their communications function to the next level? According to The Guardian, these “21st-century information portals” will offer free Wi-Fi to anyone within 150 feet and will even include mobile device chargers. What’s more, the booths would feature an interactive screen with Internet access and also provide free nationwide and local calling.

Of course, all this conversion isn’t without cost, but the plan is to advertise on the side of each Wi-Fi pylon to offset the spend necessary to fully outfit these hubs. Early estimates put the price tag at around $200 million to convert all 10,000 city booths over the next 12 years, with advertising projected to rake in at least $500 million for the city during the same period. The result? This looks good on paper, with no downside for the city, the public or Google — which wants to take the service to spots across the U.S. and the world if NYC trials are a success.

Who’s Watching the Wi-Fi?

Light Reading, however, asked an important question: Who’s feeding fiber connections to all of these hotspots? Google Fiber is the likely front-runner, but initial reports suggested that Transit Wireless, which handles Wi-Fi for New York City subway stations, would take care of the infrastructure. They’re no longer listed on the LinkNYC page, however, and Sidewalk Labs has nothing to add. It’s likely that an announcement will be made soon, but the knowledge gap brings up the important question of security.

There’s no word yet on what kind of encryption Google will use for its new network, or what steps will be taken to prevent malicious actors from physically compromising a LinkNYC booth. In effect, it’s the concern over Internet of Things (IoT) technologies writ large: An attacker could theoretically infect even one hub with malware, in turn attacking any connected devices and potentially spreading to other hubs as users move through the city.

Worst case? Citizens themselves become a kind of botnet, infecting and reinfecting their own wireless network. Is this likely? No. But investors and the public are right to ask questions: Who’s providing the infrastructure, who’s managing threat events and, ultimately — especially if this project proves as lucrative as predicted — who’s watching the Wi-Fi in cities across America?

Free Wi-Fi is coming to the streets of New York, with old phone booths given a new lease on life. Access, however, is front and center, with security on hold; time will tell if Google can effectively manage a conference call.

More from

CISA hit by hackers, key systems taken offline

3 min read - The Cybersecurity and Infrastructure Security Agency (CISA) — responsible for cybersecurity and infrastructure protection across all levels of the United States government — has been hacked.“About a month ago, CISA identified activity indicating the exploitation of vulnerabilities in Ivanti products the agency uses,” a CISA spokesperson announced.In late February, CISA had already issued a warning that cyber threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. Ivanti Connect Secure is a widely deployed…

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today