Promiscuity And Wireless LANs

CmdrTaco posted more than 13 years ago | from the cruising-on-someone-else's-wire dept.

Technology 183

VB writes: "I saw this article at ZDNet "cleverly" entitled Hackers poised to land at wireless AirPort. We've probably all seen this coming, but, I'd be curious to see what people think about the possibility of securing a network that sends data through the air. What about promiscuous mode devices within range of transmitters, or satellite communications?"


183 comments


Security on wireless LANs (2)

frog51 (51816) | more than 13 years ago | (#456440)

This is really the same problem as always: if you set the LAN up correctly it is pretty secure, but out of the box it isn't. The cheap 802.11 Frequency Hopping stuff is easy to monitor - strong signal strength, known hop sequences etc, but if you use 128 bit WEP, Access Control Lists and encryption over IP (IPsec or others) then you are not too open. Go to 802.11b Direct Sequence and unless you have the correct chipping set, you can often find the signal is at a lower level than ambient RF noise, which adds to the intruder's problems.

Anyone who allows broadcast ESS ID's or unknown MAC addresses into their network is just asking for trouble. That is like allowing an intruder to patch straight into your hub!

Follow the instructions and you make the hacker's task harder - never impossible - but make it too annoying or too time-consuming and they will go on to easier targets.


Frog51

Left the crypto people out (1)

dachshund (300733) | more than 13 years ago | (#456441)

The problem, as the article seems to say, is that the people who developed the standard left the crypto people out of the process. That seems to me to have been a pretty stupid decision.

As an aside, taking a cab through New York with an iPaq and a Wavelan card, it's pretty amazing how many 802.11 LANs you'll pick up (I counted 6 in 40 blocks). I assume I was only getting the unencrypted ones, but if it is really easy to crack the WEP protected ones, this standard is probably going to disappear fast from business use. Or something.

Re:M3 31337 h4x0r! (2)

Rader (40041) | more than 13 years ago | (#456444)

If only I had a neighbor with more mp3's.

Rader

Re:Wireless Worthlessness (2)

Rader (40041) | more than 13 years ago | (#456447)

Why not email everyone a copy of everyone's salary while you're at it :!

Rader

Re:Wireless Worthlessness (2)

CrayDrygu (56003) | more than 13 years ago | (#456449)

Why not email everyone a copy of everyone's salary while you're at it

Actually, if this is a public school, that's already public information anyway.

--

Excessive paranoia (2)

FallLine (12211) | more than 13 years ago | (#456451)

It's not that easy, especially if WEP is employed. Combine this with a decent VPN encryption algorithm and you have pretty decent effective security--especially if your name is Joe Schmoe. Who really wants to break into your dialup network when there are much better and softer targets out there? What's more, if you're using your network primarily to access the internet, the threat from the internet is far greater than the threat from the wireless side. If you think any and all encryption that can be employed on a wireless setup is "worthless", then the internet should be similarly worthless.

Also, if your name is Joe Schmoe, I suspect the physical security of your person, your home, your car, and other personal property is of greater concern, yet I doubt you expend the same amount of paranoic energy at them.

Re:Or encryption? (2)

BeBoxer (14448) | more than 13 years ago | (#456453)

A few corrections.

Number one is correct. This is the hardest part of getting WEP to work, and also the biggest vulnerability (social engineering of the WEP keys)

On two, you should read the referenced article. All of the weaknesses they discovered are independent of the size of the encryption key. They are just as valid for 1024 bit keys as 8 bit keys. The main problems are the too small (24-bit) IV which results in a high rate of reuse of keying material, and the poor choice of a checksum method which allows an eavesdropper to change arbitrary bits in a packet and update the CRC without knowing the WEP key. Had the vendors doing 128-bit WEP gone to a 64/64 split between key and IV it would have been a big improvement. Instead, they split it 104/24 providing no increase in security over the 40/24 split for many attacks.

I'm not sure what you are talking about in three. 802.11 specifies two authentication algorithms. One is a crude "open" method which allows any client to "authenticate". The other is "shared key" which is based on a simple challenge-response using WEP key #1. At no point is DNS involved. In fact, 802.11b has no dependence on any portion of the TCP/IP protocols. It may be that your vendor has included their own authentication on top of 802.11, but if so it has nothing to do with WEP.
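
The two weaknesses named in the comment above (keystream reuse from the 24-bit IV, and the unkeyed CRC-32 checksum), shown on a toy model of WEP framing. This is an added example, not part of the original post or the referenced paper; the keys, IVs and payloads are constructed, and the 11 Mbit/s rate and 1500-byte frame size in `iv_wrap_hours` are assumptions.

```python
"""Toy model of WEP encapsulation (RC4 keyed with IV || key, CRC-32 ICV).
Added illustration; all keys, IVs and payloads below are constructed."""
import struct
import zlib

IV_LEN = 3  # 24-bit IV, sent in the clear ahead of the ciphertext


def rc4(key: bytes, n: int) -> bytes:
    """Return the first n bytes of RC4 keystream for `key`."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                        # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """WEP integrity check value: plain CRC-32, little-endian, no key."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def wep_seal(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    body = plaintext + icv(plaintext)
    return iv + xor(body, rc4(iv + key, len(body)))


def wep_open(key: bytes, frame: bytes):
    """Return the payload, or None when the ICV does not verify."""
    iv, ct = frame[:IV_LEN], frame[IV_LEN:]
    body = xor(ct, rc4(iv + key, len(ct)))
    data, tag = body[:-4], body[-4:]
    return data if icv(data) == tag else None


KEY_40 = bytes.fromhex("0102030405")                    # constructed
KEY_104 = bytes.fromhex("0102030405060708090a0b0c0d")   # constructed
KNOWN = b"known header, 24 bytes.."                     # constructed
SECRET = b"secret body, constructed"                    # constructed


def leak_from_iv_reuse(key: bytes) -> bytes:
    """Two frames under one IV share a keystream, so XORing the
    ciphertexts cancels it; knowing one payload reveals the other."""
    iv = b"\x00\x00\x01"
    c1 = wep_seal(iv, key, KNOWN)[IV_LEN:]
    c2 = wep_seal(iv, key, SECRET)[IV_LEN:]
    return xor(xor(c1, c2), KNOWN)            # the key is not used here


def rewrite_without_key(frame: bytes, delta: bytes) -> bytes:
    """CRC-32 is affine over XOR: crc(p^d) = crc(p)^crc(d)^crc(0...0).
    XORing `delta` into the data and the matching CRC difference into
    the ICV yields a frame that still verifies."""
    fix = xor(icv(delta), icv(bytes(len(delta))))
    return frame[:IV_LEN] + xor(frame[IV_LEN:], delta + fix)


def iv_wrap_hours(iv_bits: int, mbps: float = 11.0,
                  frame_bytes: int = 1500) -> float:
    """Hours until a sequential IV counter wraps on a saturated link
    (link rate and frame size are assumptions)."""
    return (2 ** iv_bits) * frame_bytes * 8 / (mbps * 1e6) / 3600


if __name__ == "__main__":
    for key in (KEY_40, KEY_104):
        print(len(key) * 8, "bit key leaks:", leak_from_iv_reuse(key))
    frame = wep_seal(b"\x00\x00\x02", KEY_104, b"PAY 0100 TO BOB")
    delta = bytes(4) + bytes([ord("0") ^ ord("9")]) + bytes(10)
    print(wep_open(KEY_104, rewrite_without_key(frame, delta)))
    print("24-bit IV wraps after %.1f h" % iv_wrap_hours(24))
    print("64-bit IV wraps after %.2e h" % iv_wrap_hours(64))
```

Both results are identical for the 40-bit and 104-bit keys, which is the comment's point about the 104/24 split; a keyed integrity check (as in IPsec) is what stops the second one.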

Re:Or encryption? (2)

Salamander (33735) | more than 13 years ago | (#456454)

This is the biggie - the WEP authentication protocol relies on DNS

Can you explain this further? I was unaware of any dependency between 802.11b and DNS, and I certainly didn't have to make any DNS changes to get my setup working - including full encryption. Is this an optional part, perhaps related only to the key-distribution you give as concern #1?

Re:What about BlueTooth (2)

BrK (39585) | more than 13 years ago | (#456455)

Bluetooth is vaporware. It's not going to happen.

Authentication and encryption (1)

Steven Reddie (237450) | more than 13 years ago | (#456456)

Surely authentication and encryption are built into any wireless networking technology worth its salt. Encryption is obviously needed to stop anyone from listening in, and authentication is needed to stop anyone from logging onto the network. Something as simple as SSL with some use management would do the trick. An example being that each client card would have a keypair, and you would teach the network to accept each client card just the same way that you can teach car alarms to accept different remotes. Simple really, not much more to say on the topic.

Wireless Security (1)

Anonymous Coward | more than 13 years ago | (#456457)

The wireless groups in Australia have been discussing ppoe, vpns, and ssh encrypted ppp connections. The general consensus is that the ssh path would be too slow. Likewise most any additional encryption would slow the network. The wireless cards already use encryption, but it seems to be useless if someone else has a wireless ethernet card. Kinda redundant.

Re:Wireless Worthlessness (1)

frog51 (51816) | more than 13 years ago | (#456458)

Just use encryption - IPSec is ideal for this sort of thing, or PGPnet. It's either that or change your working methods.


Frog51

Frequency hopping, spread spectrum ? (2)

cluge (114877) | more than 13 years ago | (#456459)

Sad but true, the actual transmitters themselves can do a lot to prevent un-authorized access. Spread spectrum, especially when combined with synchronised frequency hopping is brutally effective at stopping people "listening in". The US armed forces have been using the technologies for years. Seems a shame that with so many "off the shelf" components that could implement this technology, large manufacturers are still going for unsecure links.

this problem will never go away unless ... (3)

segmond (34052) | more than 13 years ago | (#456460)

This problem will never go away unless new security related technologies are shown to the crypto and security community for peer review before deployment. This is why I respected the recording industry when they asked for SDMI to be tested.

Re:Direct link and my experiences (2)

omarius (52253) | more than 13 years ago | (#456461)

The gold cards aren't strictly WEP -- they use 128-bit RC4.

Re:Wireless Worthlessness (2)

underwhelm (53409) | more than 13 years ago | (#456467)

Back when I went to MPA, we didn't have fancy things like laptops. We had insecure windows 95 machines with censorware in the library and we liked it. Some of the more wealthy students like to play golf on their personal laptops during study hall, but I rarely saw them used otherwise.

I remember very little else except that certain US students had to battle to keep the Mac lab open after school. That's quite a cooked agreement you have to sign to use their laptops, though. If you're ever downtown St. Paul and need wireless access, my network's available. Keep up the good fight.

Re:URL for referenced paper (2)

BeBoxer (14448) | more than 13 years ago | (#456468)

Have you read this paper? Its whole thrust is that your point #2 is false. Moreover, it only mentions DNS once in passing as an example of a type of packet an attacker might want to modify. At no point does it state or imply that WEP in any way involves DNS.

Hmm (3)

Yoshi Have Big Tail (312184) | more than 13 years ago | (#456469)

Promiscuous devices sending matter flying through the air?

Are you sure this is suitable for a family website?

Re:Wireless lans a hacking tool. 802.11 planted on (2)

krow (129804) | more than 13 years ago | (#456473)

The solution is to use all switched ports and lock down the ports to specific MAC addresses. That should solve most of your problems in this area. You could also just walk the switches looking for new addresses every day.

Nokia's WLAN security (1)

Anonymous Coward | more than 13 years ago | (#456474)

My company did an extensive study of WLAN products, and Nokia was the only one that passed our security tests. They created a product in conjunction with the WLAN called the Public Access Zone Controller (AZC). The AZC prevents unauthorized access, not based on MAC, but by username/password (or SecurID), and incorporates VPN for encryption on top of WEP.

What was really interesting, was the fact that Nokia put a smart card slot on the WLAN card. As far as I know, no other vendor has done so.

^Air^Head^

IPSec (3)

peccary (161168) | more than 13 years ago | (#456477)

with implementations available for linux, bsd, and win2k, is the answer. More information can be found with a google search. [google.com]

Re:IPSec (3)

arivanov (12034) | more than 13 years ago | (#456478)

No it is not. The dynamic key infrastructure and the stack itself are not 100% stable yet. The reason is that due to various vendor intrigues the highly efficient mechanism for dynamic key management initially implemented in early 2.x OpenBSDs (firefly) was replaced by the current one. The PKI for the current one is horrible and no one besides OpenBSD and a handful of commercial products implements the entire thing. For example linux does not.

Of course, for a house network you can use static keys. But if you are down to static keys something more simple like cipe or windows PPTP services will do the job anyway. Also in the former (cipe) case you can use blowfish which means much lower overhead.

Re:Convenience of wireless LANs (1)

Poor Soul (177868) | more than 13 years ago | (#456479)

If you don't mind a bit smaller screen and using WinCE, the Intermec 6651 [intermec.com] is a great terminal. It has a fully rotatable touch screen, as well as a bonus of having an integrated digital camera in the hinge area. The quality of the camera is not the greatest in the world, but for an integrated camera in a light-weight mobile device, I'm happy with it. You can find more information on www.mobileplanet.com by doing a search for 6651.

It will faithfully do 802.11b wireless and works great around the house, also works great for taking with me to class for taking notes. And with the touch screen and included software, you can even do diagrams!

If you want more info about it, take off the fuzzy rabbit slippers and e-mail me.


--Josh

In the words of Homer Simpson... "Mmmmm... beer."

encryption (1)

lou2112 (265869) | more than 13 years ago | (#456480)

I imagine that it'd actually be harder to copy a signal in the air than one over a network.

Re:Wireless Worthlessness (3)

kerrbear (163235) | more than 13 years ago | (#456481)

One day someone figured out that packet sniffers can be used on the network to see other people's POPmail passwords and AIM conversations, as well as whatever websites they are at. It is genuinely disturbing. However, I am terrified of telling our administration about this because of a kill-the-messenger syndrome.

Why not just send the message anonymously via the administrations' own mail accounts? That would get their attention.

Re:Frequency hopping, spread spectrum ? (2)

Salamander (33735) | more than 13 years ago | (#456482)

802.11 already uses spread-spectrum technology. I believe that for 2Mbps 802.11 it's "frequency hopping" SS, and for 11Mbps 802.11b it's "direct sequence" SS. No, I don't really know the difference. What's important is that these attacks are apparently possible despite the use of spread-spectrum technology.

Re:Oh, great (1)

BradleyUffner (103496) | more than 13 years ago | (#456483)

Wow, you have really got to be a dedicated geek to take your laptop with you when you are taking a leak. Kinda brings to mind an image of someone at a urinal trying to prop their laptop up with one hand while aiming with the other.

Lack of security? Big Deal (1)

banuaba (308937) | more than 13 years ago | (#456484)

Now, I'm as all for Privacy (please note the A.A. Milne-style caps), but the fact of the matter is that anyone who sniffs my packets, and most other people's, is going to get a big fat lot of nothing interesting. The level of security I need differs depending on what I'm doing. If I'm talking to my mom about how her dog had to have hip surgery, I'll use my cordless phone. If I'm plotting assassinations, I use a landline with scramblers on both ends.
Sometimes, for convenience, I'm willing to sacrifice a little bit of privacy (letting everyone see my /. posts and searches for 'porn' on MSNBC). All things being equal, I'd take security over not, but hey, life is full of little disappointments.
As an aside, I assume that stuff like SSL will still work on this wireless network, so if the packet is sniffed they'll get garbage... Anyone know different?

Brant

For more info than you ever want to know... (3)

the_tsi (19767) | more than 13 years ago | (#456485)

Visit the isp-wireless mailing list and associated archives at http://isp-lists.isp-planet.com/isp-wireless/ .

These guys eat and breathe this stuff 24/7... they have to. And they love to share knowledge.

-Chris
...More Powerful than Otto Preminger...

Re:Security of Wireless vs. Wired (5)

baptiste (256004) | more than 13 years ago | (#456486)

The threat is more than you think. I worked for a big networking company (they should know better) whose internal network was completely firewalled from the Internet (they did a very good job in this area). However, they were falling over themselves to get wireless installed and guess where it went first? That's right - the executive suites tied right into the internal LAN. The execs HAD to have their laptops connected. We used high gain antennas to ensure the R&D building was completely covered. Anyone who parked near the building and intercepted an SSID or had the knowledge to hack in could have walked away with their email, passwords, you name it. I honestly don't think WEP was enabled because it was still 'in development' and we were waiting for firmware releases. But they wouldn't let us wait. I hear that the 2nd generation deployment is a little more secure, but you are kidding yourself if you think this was an isolated incident. The potential for commercial spying is huge since wireless (like all the other gizmos) hit the executives first. And those of you talking about limited range - not quite. I use 802.11 to share my pipe with the inlaws next door. Next door is about 500 feet away through the woods. But the signal strength is great and I'm just using the std antennas, not a high gain patch. So it goes farther than you think outside, even when it seems like it's really weak inside at short distances.

Don't get me wrong - I love 802.11b and use it all the time. But I use WEP and my access points are on an isolated LAN tied to an IPSec box which allows me to get to my internal firewalled LAN. Sure, throughput is an issue, but in those cases, I get my ass off the couch and sit at my desktop! :)

Re:WARNING! THIS IS A FLEMISH TROLL (1)

ChipperClipper (313049) | more than 13 years ago | (#456490)

Canada, Eh?

I betcha you never watched Southpark. Otherwise you wouldn't have considered Canada. They make perfectly good trashcans there!

Source of the Stockholm rumor (2)

Max Hyre (1974) | more than 13 years ago | (#456493)

I first heard about the Stockholm situation (which I'm certain is no different from that of NYC, London, Paris (if you read French :-), &c.) from this copy [counterpane.com] of Bruce Schneier's Crypto-gram newsletter [counterpane.com]. It's near the bottom---search for ``anecdote''.

Makes me wish I had a WaveLAN...

Re:Wireless Worthlessness (1)

churchr (24226) | more than 13 years ago | (#456496)

In the circumstance you describe, the fact that it was a wireless LAN makes no difference. You can packet sniff ethernet just as well.

And in either case, the solution is to use a VPN.

Anyone see last year's MacHack contest? (1)

Anonymous Coward | more than 13 years ago | (#456503)

One of the top 3 hacks was an application that put an airport card into promiscuous mode and showed every .gif or .jpeg file that came across the network. It was pretty funny.

-D

Already been done.... (1)

Trelane (16124) | more than 13 years ago | (#456504)

For an amusing (and somewhat scary) display of Prior Art, see what some of the land/world's premiere techs were doing at the USENIX technical conference in San Diego last summer. Dug Song presented a WiP (Work in Progress) entitled, roughly, "Passwords Found on a Conference Wireless Network." Unfortunately, I cannot find a link right now. There should be enough data here to find it from either USENIX [www.usenix.org] or Dug Song's pages. Hrm. If it's archived anywhere.

Re:Wildly Popular ? (2)

frog51 (51816) | more than 13 years ago | (#456505)

Starbucks are also going to roll it out in the UK as well, just a bit delayed.

802.11 is more popular (by numbers anyway) in the UK at the moment, as it has some nice peculiarities which allow very dense Access Point packing and higher range - great for use in stores and warehouses like Tesco, Sainsbury etc, but 802.11b has more potential bandwidth-wise.

Once we get onto the 25Ghz band and transmitting at 50Mbit/s the price of the lower spec kit will be easily within reach of the home user (it almost is now - I have a wireless network in my house:) but we'll always be behind the US as we are limited to 100mW so we need more AP's for the same area. Of course we won't get our brains fried as fast!


Frog51

Solutions (2)

Max von H. (19283) | more than 13 years ago | (#456506)

"I'd be curious to see what people think about the possibility of securing a network that sends data through the air."

For one, you could try a lead-coated bunker so that even Superman and the MPAA won't be able to tap into your precious air waves.

After that, if you're scared about air contamination (all that data has to run through it, no?) you can try accomplishing a complete vacuum ; the NASA has some big pumps for lease.

Having to wear a spacesuit for kernel hacking on an iBook while sitting on the pot will bring you to total geekness!

/max

Re:Or encryption? (4)

nosilA (8112) | more than 13 years ago | (#456507)

There are 3 major problems with WEP (which stands for "Wired Equivalent Privacy," BTW). I will list them in order of increasing severity.

1) Key distribution. If you aren't the only person on the network, getting the key out to other people is a non-trivial task and can be the weakest link.

2) 40-bit - the standard WEP keysize is completely insufficient and can be cracked in relatively no time. 128bit versions of the hardware are available, however, so this is an improvement.

3) This is the biggie - the WEP authentication protocol relies on DNS and is therefore prone to massive man-in-the-middle attacks. There is a paper by Jesse Walker called "Wireless LANs Unsafe at Any Key Size; an analysis of the WEP encapsulation" that I encourage everyone to read.

WEP is especially dangerous because it establishes a false sense of security that causes people to be more willing to send sensitive data over the network. You still need to use some other encryption method on top of WEP - even at best it gives the privacy of a standard ethernet LAN.

Other technologies are under development to improve the state of wireless security, such as the IEEE 802.11 Task Group E, which is trying to develop an authentication scheme suitable for 802.11 wireless networks, or the IEEE 802.1x protocol which will do similar things at a more generic level.

There is no existing good solution to the wireless problem (PPPoE hacks aside).

-Alison

automated cracking in 5 hours with off-the-shelf (1)

abde (136025) | more than 13 years ago | (#456508)



If you look at the actual research page [berkeley.edu] you'll get much more in-depth information about this, far more than the article.



The researchers say that all of the following are possible using off-the-shelf hardware:



  • Passive attacks to decrypt traffic based on statistical
    analysis.
  • Active attack to inject new traffic from unauthorized mobile
    stations, based on known plaintext.
  • Active attacks to decrypt traffic, based on tricking the access point.
  • Dictionary-building attack that, after analysis of about a day's
    worth of traffic, allows real-time automated decryption of all traffic.


It only takes 5 hours to collect enough information to mount a statistical attack! They also describe both passive and active attacks that are possible in some detail. This isn't something to shrug off - even a passive attack is potentially very damaging. And it's not exotic hardware - you can get a lot of mileage just out of your consumer hardware.



There's also a draft [berkeley.edu] of the paper available from the research group.



No, HS Wireless system worthless. (1)

juuri (7678) | more than 13 years ago | (#456509)

Just because that's the way your HS wireless LAN is set up don't think it's done like that in the business world. Every business WLAN I've seen has had WEP turned on, every transaction done over that network has been SSL or using a VPN package. Yes, this includes SSL for mail and even the corporate intranets...

What you said is also true of most every LAN I've seen... as in "let me just say that this (a LAN) is one of the most ridiculously insecure technologies in the world, just waiting for packets to be pulled off the wire...". The simple fact is most business WLANs are new enough to where security is a concern, most LANs aren't, and it shows.

A relevant story (2)

edyesed (228067) | more than 13 years ago | (#456510)

This [yahoo.com] Flawhoo story points to www.isaac.cs.berkeley.edu [berkeley.edu], where they have apparently contrived a way/used the 802.11 standards to sniff on a 802.11 network. Pretty neat schtuff for all you NetworkAdmins who have put that into place already. Now we can 0Wn3 j00.

Re:Frequency hopping, spread spectrum ? (2)

bluGill (862) | more than 13 years ago | (#456529)

That won't help. FHSS does prevent those who don't know the next frequency from listening. However every device on your network knows the next frequency and the time to change to it. So you shift to an apparently random different frequency, but at the same moment so does the guy listening. The army uses FHSS with an algorithm that we don't know, thus we can't know the next frequency to shift to or when to shift. We could figure out what frequencies they are using and record all, if the data is worth it we might be able to put it together, but that is a hard task. (Potentially NP)

The difference between FHSS and DSSS is DS hops at a known time to the next frequency in order, while FH hops to the next frequency in what appears to be random order. 802.11 defines that either can be used. FH is cheaper to implement, but it turns out that more companies worked in DS (which is actually inferior except the FCC allows it to transmit data faster) and competition drove the price down.

Re:Wireless Worthlessness (1)

joe52 (74496) | more than 13 years ago | (#456530)

My high school is one of the first in the country to use Apple's AirPort wireless technology in the classroom. We all have Apple iBooks. Everyone uses AOL Instant Messenger in class all day long. :-)

One day someone figured out that packet sniffers can be used on the network to see other people's POPmail passwords and AIM conversations, as well as whatever websites they are at. It is genuinely disturbing. However, I am terrified of telling our administration about this because of a kill-the-messenger syndrome.

Let me just say that this is one of the most ridiculously insecure technologies in the world, just waiting for the packets to be pulled down out of the air with a packet sniffer program like EtherPeek. People have been doing this for months around here.


How is this different from any other LAN? If I let you sit down at a computer in my room and you run a packet sniffer, you'll be able to see all of the traffic going to and coming from the other machines in the room. When I was in college the same was probably true for my entire dorm (the LAN was not switched inside the dorms). This is how networks work. If you don't want someone else reading your passwords or your instant messages, encrypt them.
The only difference with wireless is that someone who isn't supposed to be on the LAN might find their way in, but it sounds like the authorized users are causing most of the problems.

802.11 (1)

demon-cw (162676) | more than 13 years ago | (#456531)

I thought the point of 802.11 was using spread spectrum?! So if you want to intercept a wireless transmission you'll have to use a spectrum analyzer. If I'm correct with that one (flame me if you must, I'm no electronic-specialist), that's not the most likely setup for a skript kiddie...

Plus you'll have to know the SSID and break the encryption. So if you use a directed antenna, say, 3 degree AND use some kind of VPN over the WEP-encryption it should be quite secure.

Oracle ad? (2)

ceswiedler (165311) | more than 13 years ago | (#456532)

What's with the GIGANTIC Oracle ad? I honestly couldn't read the frigging article, the ad flashed so much. Banner ads are okay, but not animated GIF's in the MIDDLE of the article...

Re:One word (1)

romkey (145460) | more than 13 years ago | (#456533)

No, several words... "End-to-end encryption". If you're using security end-to-end (SSL, SSH, IPsec, document encryption) the only privacy considerations you may have will be traffic analysis, and it won't matter what physical network you're running over. Sure, you can secure your local net all to hell but you still don't know what your packets will be traversing once you leave your network.

Re:Already been done.... (1)

mr100percent (57156) | more than 13 years ago | (#456534)

Now that I think of it, there were lots of powerbooks open, and people sitting on the floor, getting a connection on to the T1 or whatever they were running.

Not quite correct...read on (3)

frog51 (51816) | more than 13 years ago | (#456535)

Frequency hopping is basically like an ordinary radio transmitter which is tuned to a different frequency every 100ms or whatever your rate is. The signal strength on each frequency is max, and if you know the hop sequence, you can follow the signal.

Direct Sequence does not hop!! It takes the input signal and combines it with a long chipping sequence in such a way that what was a peak at one frequency becomes a very low broad signal. The military like this because you can get the whole signal to lie at a lower level than rf noise - making it an absolute bugger to find, let alone read. The radio for these is much more expensive but the price is coming down.

Most of the major manufacturers sell both kinds - Symbol and Cisco being the two top brands. Symbol's kit is rebadged by people like 3Com, and Cisco bought Aironet or Telxon, before Symbol bought Telxon. Lucent do quite a good 11Mbit/s Point to Point link as well.


Frog51

If you pay attention... (1)

Arkleseizure (251525) | more than 13 years ago | (#456536)

...you'll realise it's already here [opengroup.org] :P

Kerberos (1)

mr100percent (57156) | more than 13 years ago | (#456537)

This wouldn't be a big problem if I were running SSH, SSL, and kerberos.

Re:If you pay attention... (2)

BrK (39585) | more than 13 years ago | (#456538)

Bluetooth has been hyped for over 2 years now. There are *101* products listed there. The bulk of them are chipsets and "development" stuff, and many of the products listed there are variations of the same product or chipset from the same company. Even if you expand the search you still get a ratio of ~80% "develop tools/chipsets/IP stacks", ~10% real stuff (ooooh, a Bluetooth cellphone headset) and ~10% vapor products, or manufacturers like Sony listing 28 variations of the same laptop that (supposedly) has Bluetooth. Great, you can use the Bluetooth headset to talk to your overpriced Vaio laptop. There are very few real true things that you're going to find on the shelves of BestBuy/CompUSA/Frys, etc.

Re:Oh, great (2)

Salamander (33735) | more than 13 years ago | (#456539)

for a access point an IV is likely to get reused

Hm. Looked fine in preview, but something seems to've been lost. What I meant to say was "for a totally saturated access point".

New York Stock Exchange is going wireless (1)

regen (124808) | more than 13 years ago | (#456540)

The new trading floor being built at 30 Broad St. in New York will have wireless (802.11) connection from the POSTs and trading terminals.

Better security all around (1)

Anonymous Coward | more than 13 years ago | (#456559)

One positive thing about this is that security will be taken much more seriously and hopefully more money and research will take place out of necessity. Most businesses I know aren't too concerned about having un-encrypted data flowing through the network because they are physically fairly secure. If they switched to wireless, security and encryption would of course become very important to them. I can only see this as a good thing. There will definitely be a big demand for "security" experts.

Promiscuous (4)

photozz (168291) | more than 13 years ago | (#456560)

"What about promiscuous mode devices within range of transmitters, or satellite communications?"

Sounds like my last experience at a bar........

Closed network (2)

mr100percent (57156) | more than 13 years ago | (#456561)

Simple, I have an Airport connected to a linksys in my house. I simply enable a closed network, so you can't pick up the airport without knowing the exact IP address.

Plus, Apple runs 40-bit encryption for their Airport. Not only that, I set up the base station so it blocks out clients that aren't on my MAC address "allow" list.

Pretty much, I feel safe, both at home and over the net, because I run Appletalk, which doesn't go beyond the router to the cable modem.

Re:Wireless Worthlessness (1)

evilpete (26941) | more than 13 years ago | (#456562)

They'd probably switch off the lan - no more free wireless internet.
+++++

Re:Oh, great (5)

Salamander (33735) | more than 13 years ago | (#456563)

I took another look at the link to the paper [berkeley.edu] provided in cid #13 (thanks!) and here are some observations.

The first attack follows directly from the above observation. A passive eavesdropper can intercept all wireless traffic, until an IV collision occurs.

"IV" is "initialization vector" and is the same as what is elsewhere called a "salt". The IV is 24 bits; in a previous paragraph the authors had calculated that for a access point an IV is likely to get reused after about five hours. From this we're apparently supposed to conclude that it's a trivial matter to store every packet until an IV collision occurs, and then use the contents of both packets to recover plaintext. They even seem to be aware that two packets often won't be enough, but fail to mention that you need to save and search another five hours' worth of peak-bandwidth traffic to get anywhere in that case.

To be fair, they do point out a pretty serious flaw in a particular implementation of 802.11b, specifically Lucent's, which sets the IV to zero when the card is initialized and merely increments it for each packet. That does indeed make life way too easy for crackers.

we have been able to successfully intercept WEP-encrypted transmissions by changing the configuration of the drivers. We were able to confuse the firmware enough that the ciphertext (encrypted form) of unrecognized packets was returned to us

I would say that this is likely to be well beyond the capabilities of most script kiddies, and is probably pretty easy for 802.11b equipment vendors to address.

Many 802.11 products come with programmable firmware, which can be reverse-engineered and modified to provide the ability to inject traffic to attackers. Granted, such reverse-engineering is a significant time investment (we have not done this ourselves)

Damn right they haven't. Writing drivers is enough of a pain when the hardware engineer is sitting right next to you. It's harder when you have no access to hardware docs, and harder still when the hardware vendor might actively be attempting to thwart your efforts.

The real problem is not in the paper itself, though, but in the way it was reported. Consider this conclusion, from the paper:

The protocol's problems is a result of misunderstanding of some cryptographic primitives and therefore combining them in insecure ways. These attacks point to the importance of inviting public review from people with expertise in cryptographic protocol design; had this been done, the problems stated here would have surely been avoided.

Yeah, like there have never been any problems discovered in crypto products from the self-appointed experts. Uh huh. But I'll let that slide. Now, for contrast, here's an excerpt from the ZDnet article:

"During the design process, the crypto community wasn't invited to participate," says Goldberg, now chief scientist at Zero Knowledge Systems Inc., a privacy-software firm in Montreal.

That's a pretty inflammatory statement, and apparently not far from being an outright lie. It was irresponsible (or possibly venal) of Ian Goldberg to make such a statement, and doubly so for WSJ's Jared Sandberg. As I said before, there is a matter for serious concern here, but the scaremongering from these people is not helping. The right thing to do would have been to alert the equipment manufacturers, discreetly, and let them decide how they want to alert their customers.
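Added example, not part of the comment above or of the paper it quotes: a Python sketch of the IV-reuse problem being discussed, showing how long a saturated link takes to exhaust the 24-bit IV space, how soon random IVs collide, and why two packets encrypted under the same IV leak the XOR of their plaintexts. The 11 Mbps rate, 1500-byte packets, secret, IVs and packet contents are assumptions constructed for illustration, and the CRC-32 integrity value of real WEP is left out.

```python
import math

IV_BITS = 24                 # IV size given in the comment above
IV_SPACE = 2 ** IV_BITS      # 16,777,216 possible IVs


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Standard RC4: key scheduling, then `length` bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_style_encrypt(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    """WEP keys RC4 per packet with IV || secret; the integrity value
    that real WEP appends to the plaintext is omitted here."""
    return xor_bytes(plaintext, rc4_keystream(iv + secret, len(plaintext)))


def hours_to_exhaust_ivs(link_bps: float = 11e6, packet_bytes: int = 1500) -> float:
    """Hours for a saturated link to send 2**24 packets, one per IV.
    Link rate and packet size are assumed values."""
    packets_per_second = link_bps / (packet_bytes * 8)
    return IV_SPACE / packets_per_second / 3600


def packets_until_collision(probability: float = 0.5) -> int:
    """Birthday bound: packets sent before two randomly chosen IVs
    match with the given probability."""
    return math.ceil(math.sqrt(2 * IV_SPACE * math.log(1 / (1 - probability))))


def shared_ivs_after_reset(packets_a: int, packets_b: int) -> int:
    """Two cards that start at IV 0 on initialization and increment per
    packet: count the IV values both have used under the shared secret."""
    return len(set(range(packets_a)) & set(range(packets_b)))


# Constructed sample data, not captured traffic.
SECRET = bytes.fromhex("0102030405")          # 40-bit shared secret
PACKET_1 = b"first constructed packet"
PACKET_2 = b"other constructed packet"


def ciphertext_xor_equals_plaintext_xor(iv_1: bytes, iv_2: bytes) -> bool:
    """True when the keystream cancels out of C1 xor C2, which happens
    exactly when both packets were encrypted under the same IV."""
    c1 = wep_style_encrypt(iv_1, SECRET, PACKET_1)
    c2 = wep_style_encrypt(iv_2, SECRET, PACKET_2)
    return xor_bytes(c1, c2) == xor_bytes(PACKET_1, PACKET_2)


if __name__ == "__main__":
    print(f"IV space exhausted after {hours_to_exhaust_ivs():.2f} h at saturation")
    print(f"50% chance of a random-IV collision after {packets_until_collision()} packets")
    print(f"IVs shared by two freshly reset cards: {shared_ivs_after_reset(1000, 250)}")
    same = ciphertext_xor_equals_plaintext_xor(b"\x00\x00\x01", b"\x00\x00\x01")
    diff = ciphertext_xor_equals_plaintext_xor(b"\x00\x00\x01", b"\x00\x00\x02")
    print(f"keystream cancels with same IV: {same}, with different IVs: {diff}")
```

The practical mitigation is the one several commenters give: treat the wireless segment as untrusted and run IPsec, SSH or a VPN over it, so the link-layer IV behaviour no longer decides confidentiality.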

Re:Wireless Worthlessness (1)

HongPong (226840) | more than 13 years ago | (#456564)

They banned encryption. Yes, they banned it. They aren't aware that https is encryption, I guess. Here is the principal's email:

* Students are not allowed to download music to their laptops (i.e., macster/napster).

* MPA reserves the right to inspect the hard drive of any laptop computer. In order to do so, the following are not allowed: file encryption, password protection of individual files, or password protection of keyboard access to the computer.

* Students are not allowed to play network-based or on-line games while at school.

* Students should be able to prove that they own any games installed on their hard drives (i.e. produce a CD or product license if requested). It is not permissible to have "bootlegged" software on student computers.

Students in violation of the above rules will be subject to disciplinary action.

And yes, they told me this encryption restriction extends to email as well. Shortly thereafter, they banned using the CD-ROM drives for anything except school stuff because too many ignorant kids didn't know how to open them. Frankly it's depressing to be thought of as such a criminal. I wasn't allowed to tell people that "Encrypt" is a command in the File menu. The knowledge is dangerous. :-(

--

Block the airwaves (1)

SanLouBlues (245548) | more than 13 years ago | (#456565)

Put a faraday cage in the walls of your house, and block EMP too.

Re:Closed network (1)

mr100percent (57156) | more than 13 years ago | (#456566)

Yeah, I know it sucks compared to TCP, but I prefer Appletalk for security reasons. It's really hard to hack into an Appletalk network from behind a linksys, and I turned off the appletalk over TCP. That is a reason for Apple to be more secure than NT.

Besides, it makes it a little harder to snoop, even though it's slower and crummier than TCP, but I don't send gigs of data through Airport, Ethernet's faster.

Still Airport is way nifty, just keep it closed and cloaked.

URL for referenced paper (2)

nosilA (8112) | more than 13 years ago | (#456567)

Okay, the only place I could find a soft copy of this is a zip of a word document - sorry, but here's the link [ieee.org]
-Alison

Layered Security (1)

Aztech (240868) | more than 13 years ago | (#456568)

As always with security, you shouldn't have a single point of failure... make sure you encrypt the upper level protocols with the likes of VPND [sunsite.dk] , IPSec or something similar.

Coincidentally, it has been reported [wired.com] that sensitive data from the Davos World Economic Forum [weforum.com] was stolen last week, and Microsoft and Compaq were touting the benefits of 802.11b network on the iPaq PocketPC, they issued all 2300 attendees with a device and installed numerous access points throughout the complex, hotels etc. I wonder if this could have been the source of the exploit?

It seems wherever Bill Gates [microsoft.com] (cheesy grin) goes... security flaws travel with him (like a fly to sh1t).

Re:Wireless Worthlessness (1)

m2e (215374) | more than 13 years ago | (#456569)

So just use IPsec or something similar. You don't encrypt/password protect files or keyboard access to the computer, but network traffic. So https is fine, ssh too.

Do these rules apply only to school-owned notebooks, or also to your own?

You Really Can't (1)

PantherX (23953) | more than 13 years ago | (#456570)

Yes, you can have encryption, but any Radio Shack geek can get the equipment to be a node on your network, most likely an invisible one and start cracking err... hacking? (semantics)

Anybody who implemented this sort of thing and claims that he/she "didn't know" should be fired. Nuff Said.

Re:Wireless Worthlessness (1)

lizardboy (160143) | more than 13 years ago | (#456571)

Use web based email through ssl/https. The bonus is that your email boxes are stored offsite. And if you can find it, use chat clients that support ssl or the like too. Fight the system without them knowing.

lizard boy.

Wireless lans just asking to be hacked (3)

11thangel (103409) | more than 13 years ago | (#456573)

A wireless lan can be tapped by anyone with a radio and some electronics skills. The only way to secure it is with encryption. But of course, as we saw with ssh, even encrypted protocols aren't totally secure. Wireless lans would probably be useful, but for a security minded user, they are completely useless. Of course, that won't stop high sales from people who just don't care about people downloading whatever they happen to be saying on IRC, but I'll be sticking with ugly wires for now =)

Direct link and my experiences (4)

ckd (72611) | more than 13 years ago | (#456574)

Some information about their analysis [berkeley.edu] is available.

Personally, I wasn't counting on WEP anyway, which is why I didn't bother buying the Lucent Gold cards. I just wish IPsec were more common, so that I wouldn't have to tunnel quite so much through ssh.

Of course, then there are unencrypted wireless networks like the ones at USENIX. Dug Song's presentation on dsniff [monkey.org] was a big hit; look for the "Passwords Found on a Wireless Network" paper. (PostScript only, sorry.)

Encryption (1)

sharkticon (312992) | more than 13 years ago | (#456576)

At the moment people worried about their data being intercepted by the Government or other organisations already use encryption such as PGP on things like email, and use SSH rather than Telnet and so on. These people will simply continue to use encryption on their wireless devices. Sure traffic is easier to detect, but the problem for any such snooper is still cracking the encryption, which is by far the more difficult task.

Of course the majority won't care about privacy then, just as they don't now...

a new cottage industry (3)

enrico_suave (179651) | more than 13 years ago | (#456578)

Hepa filters for wireless network traffic...

*Shrug*

E.
www.randomdrivel.com [randomdrivel.com] -- All that is NOT fit to link to

Solution: (1)

Anonymous Coward | more than 13 years ago | (#456579)

Encryption at the data link level. Solved.

WaveLAN Security (5)

Joel Rowbottom (89350) | more than 13 years ago | (#456582)

You'd be surprised the fun which goes on at conferences such as RIPE and IETF when WaveLAN virgins get onto the network and realise it isn't secure.

You might have heard of a guy called Randy Bush, whose favourite party trick at such events is to sniff the WaveLAN, and email out to captured POP3 usernames their own password with the message 'Be careful with radio!'. It's not even a switched network as a default install.

Setting up some sort of VPN using PoPToP isn't a bad idea in such cases, although WaveLAN does have some security built into it. Personally I use the Buffalo Technology kit which seems to work for 'doze, BSD and Linux.

I've heard rumours that if you wander through Stockholm's business district or through the Square Mile in London, if you're in promiscuous mode you can pick up all sorts of transmissions and a large number of DHCP servers offering IPs to anyone who gets the ESS ID right.

Hope this helps someone. Just be careful out there ;)

Re:Hmm (1)

wiredog (43288) | more than 13 years ago | (#456588)

Since when is this a family [goatse.cx] website?

SSL Tunnel (1)

Midnight Thunder (17205) | more than 13 years ago | (#456589)

It is at times like this that I feel that an SSL tunnel probably isn't such a bad idea. Basically all data transmitted between the workstation and the bridge computer would be encrypted, irrespective of the top level protocol. Between the two you could place 'insecure' technologies such as wireless networks. The advantage with this approach is that it is much easier to update the software running on either of the two computers, than it is to wait for the firmware of these devices to get an update. An additional advantage is that you can choose your own encryption scheme - as long as it is recognised by the workstation and the SSL bridge.

Wireless lans a hacking tool. 802.11 planted on me (5)

Anonymous Coward | more than 13 years ago | (#456590)

One day, while tracing a network cable, I came across a D-Link 802.11 base station hidden inside the ceiling just above the network wiring closet. No one knew who put it there nor how long it had been there. The mfg date on the device was 1998, so it couldn't have been longer than that, but still...

This is scary shit.

It takes 10 seconds to plug one of these into your network and a power outlet and you're instantaneously wide open, without knowing it. And if you've got network outlets all over your building, it's just that much easier for you to be "bugged", especially since network outlets often appear in rooms not considered to need securing, like lobbies and waiting rooms and such.

If you're a sysadmin in a really large building, can you really know that every RJ45 jack is being used legitimately? If the spy device is listen -> xmit only, and ignores arp requests, it is invisible other than one extra link light among hundreds on the rack or on some distant hub/switch.

Re:Oh, great (2)

Salamander (33735) | more than 13 years ago | (#456591)

wow, you have really got to be a dedicated geek to take your laptop with you when you are taking a leak.

Well, yeah. I am. ;-)

I guess I could claim that I was testing the transmitter's range or something, but it really was just a "because I can" sort of thing. I don't expect I'll be making a habit of it, though it might be handy next time I get a bad burrito or something and expect an extended bathroom stay.

Re:New York Stock Exchange is going wireless (1)

mr100percent (57156) | more than 13 years ago | (#456592)

So is Disneyworld, but it's mostly for the cash registers.

Re:What about BlueTooth (1)

Rosonowski (250492) | more than 13 years ago | (#456593)

My step-dad is working for Hidden Mind [hiddenmind.com], and they do a lot of java stuff for wireless apps (you know, cellphones, Blackberrys [blackberry.com], Pagers, all sorts of cool stuff), so he talks a lot about bluetooth. It's such a short range at 30-40 feet. But it seems like it would be a little hard for someone to hack you while following you around. Not to mention impractical.

*shrugs*

"I have not slept a wink"

Apple's AirPort traffic is encrypted (2)

uglyhead69 (186990) | more than 13 years ago | (#456594)

Apple's AirPort traffic is encrypted. So if you're sniffing, you're doing it over copper, not from the airwaves. Granted Apple only uses a 40 bit cipher, but I imagine that it's enough to keep even the most brilliant high school geek busy for months. On a side note... Packet sniffers sure are cool aren't they?

Young Admin (1)

CrazyJoel (146417) | more than 13 years ago | (#456595)

How paranoid does an admin need to be? How do I get my superiors to know that my paranoia is justified? Most people seem to see security as an obstacle to access.

Do NOT Aim at Your Own Feet! (1)

pokrefke (146856) | more than 13 years ago | (#456596)

"However, I am terrified of telling our administration about this because of a kill-the-messenger syndrome."

-Quoted directly from original message

http://hongpong.dyndns.org/me/mail-college.html
-Note the reply address on the envelope

Me thinks the lad just shot himself in the foot.

Re:Already been done.... (1)

mr100percent (57156) | more than 13 years ago | (#456597)

Hey, I was doing that at Macworld NY!

You'd be surprised how many open networks were showing up. Not only that, there were many, many computers with guest file sharing on. Maybe I shoulda snagged Photoshop while I was at it. ;)

Re:Wireless Worthlessness (2)

fm6 (162816) | more than 13 years ago | (#456598)

Why not just send the message anonymously via the administrations' own mail accounts? That would get their attention.

I'm not sure how much good anonymous email would do. In any case, I would not hack into somebody's email to demonstrate lack of security. That only intensifies the "kill the messenger" problem. I speak from personal experience.

__________________

Or encryption? (2)

omarius (52253) | more than 13 years ago | (#456599)

I have installed many WaveLan radios, and run most of them with encryption. To sniff an encrypted WaveLan network, you'd have to know:

The frequency

The "network number"

The encryption secret

I haven't heard of ways to arbitrarily break into one of these without some serious and expensive equipment.

-Omar

damn (1)

Anonymous Coward | more than 13 years ago | (#456600)

Now I have to worry when I view porn in the bathroom if my boss is snooping in on me

Wildly Popular ? (2)

dingbat_hp (98241) | more than 13 years ago | (#456601)

the wildly popular 802.11b wireless networking technologies

Is this a true description of WiFi ?

I'm in the UK, in a real geek environment, and we've only just gone partially wireless. By UK standards, I think we're still ahead of the pack.

What's it like in the USA ? Are AirPorts really popping up in every Starbucks ?

WEP (1)

Alcoholist (160427) | more than 13 years ago | (#456602)

And here I thought WEP stood for Windows Entertainment Pack. :)

Wireless Worthlessness (5)

HongPong (226840) | more than 13 years ago | (#456603)

My high school [k12.mn.us] is one of the first in the country to use Apple's AirPort wireless technology in the classroom. We all have Apple iBooks. Everyone uses AOL Instant Messenger in class all day long. :-)

One day someone figured out that packet sniffers can be used on the network to see other people's POPmail passwords and AIM conversations, as well as whatever websites they are at. It is genuinely disturbing. However, I am terrified of telling our administration about this because of a kill-the-messenger syndrome.

Let me just say that this is one of the most ridiculously insecure technologies in the world, just waiting for the packets to be pulled down out of the air with a packet sniffer program like EtherPeek. People have been doing this for months around here.

This is just a school. It's terrifying to think that the world's important financial institutions rely on this technology's security.

--

I figured it had to happen... (1)

cmowire (254489) | more than 13 years ago | (#456604)

I figured that it had to happen.

I mean, the people at the University of Illinois at Urbana-Champaign have been against Wireless Ethernet for a while, primarily because -- even before WEP was known to be crackable -- Wireless Ethernet was a shared medium open to sniffing.

Re:Wildly Popular ? (2)

dachshund (300733) | more than 13 years ago | (#456605)

What's it like in the USA ? Are AirPorts really popping up in every Starbucks ?

Actually, Starbucks is unrolling some sort of plan just like that. It's not available yet, and when it is it'll probably have a bunch of restrictions on it. But that's about the shape of it.

Re:Narrow beam antennas and gain (4)

Technician (215283) | more than 13 years ago | (#456610)

I agree on the impact of using high gain antennas for sniffing. A wireless port has a short 1/4 or 5/8th wave antenna which usually has a gain of less than 6 DB because of its non directional signal.

Every 3 DB gain doubles the power received. Every 6 DB increase in antenna gain doubles the distance. (line of sight not over the horizon) A narrow beam dish antenna (old c-band TV dish) can have a gain over 36 DB.

If your 6 DB laptop has a range of 500 feet, the guy with the dish has 30 DB more receiving power and will get the same signal you get but from 16,000 feet. He doesn't have to be in your parking lot to sniff you. He just needs a reasonably clear line of sight. Do not be fooled thinking the range a low non directional antenna provides is all the further your signal travels. It isn't. It gets 6 DB weaker every doubling the distance it travels.

It may become too weak for you, but not for a high gain directional antenna. This gain is why a dish antenna can pick out one of many satellites spaced every 6 degrees in the sky over the equator that is transmitting with 50 watts per transponder 22,000 miles away.

Re:Convenience of wireless LANs (1)

afrazer (152398) | more than 13 years ago | (#456611)

I really agree with the importance of using a wireless LAN. I have one in my home and it certainly is a lifestyle change - the laptop goes from the home office to the kitchen to the bedroom and occasionally the bathroom, all the while connected to the internet and my desktop. My main original reason for getting it was that in my rented apartment, drilling or tearing up floors to lay cable was not an option. I am really happy with it, and would not go back to wires for anything.

If you like to lie in bed and read, you can basically go over to doing so full time with a wireless LAN. I have an intel anypoint wireless, which is only for win 98/ME :(, crashes occasionally, and is only 1.6 mbps, but it is still great. It makes it much more feasible to go "paperless" - there's no need to print something out when you can take the laptop with you (I would recommend getting a light laptop). I keep everything on my desktop with a big hard drive (music, recipes, technical documentation, data files), and the laptop with its faster processor and smaller hard drive has access to all this stuff from anywhere. I also connected my desktop to real stereo speakers in the living room, and got a remote control on the laptop which can control winamp on the desktop. So I can, theoretically, surf the net and control the stereo from the bathroom, just to give a real-life example.

I am encouraging people I work with to get the same network, so we can meet for lunch and just "be connected", whether at either of our houses or a remote location (no hub required).

Another major unintended benefit is that I need less computers. Rather than put a computer in each place I want one, and running all the cable, I just take the one computer wherever it is needed.

Also, as for security, I think the whole thing is overblown. I live in an apt. building, and my whole apt. is covered, but I don't think coverage extends too far beyond (on the box it says about 150' range, but I suspect less). I think that none of my neighbors have the same hardware as me, so hackers are much more likely to find me through my wired connection to the internet. It's not like I have a sign in the front yard saying "Intel Anypoint Here", so why would anybody even think about trying to sniff? I can see where this would not apply in the business sector, but for the home user wireless is the way to go.

What I would really like to do is replace the laptop with a slightly different device. It would have everything the laptop does, but the screen would be able to fold all the way around, like the way people open a magazine and refold it backwards. This would make it possible to read the laptop much more comfortably. Also, I would like a utility to rotate the display 90 degrees so that I could get the aspect ratio of a piece of paper. A touch sensitive screen would make it sheer heaven. If anyone knows how to do that, tell me.

Re:Or encryption? (3)

fm6 (162816) | more than 13 years ago | (#456614)

WEP is especially dangerous because it establishes a false sense of security that causes people to be more willing to send sensitive data over the network.

Don't single out WEP for this problem. You run this risk with any security measure. To quote Bruce Schneier, security is a process, not a product. Not that I disagree with your general argument.

__________________

Re:Frequency hopping, spread spectrum ? (2)

BeBoxer (14448) | more than 13 years ago | (#456616)

You are missing the whole point here. 802.11b uses spread spectrum technologies, and I suspect that if you started from scratch trying to put together hardware to eavesdrop on 802.11b it would be a tough project. But, you are not starting from scratch. You are starting with a working receiver. You would have a hard time listening in on the military using consumer hardware, but if you were starting with a working military receiver it would be much much easier.

Add IPSEC, stir gently. (2)

Nonesuch (90847) | more than 13 years ago | (#456617)

My solution is to land the AirPort segment on a DMZ interface that can talk to only one device- a VPN endpoint 'switch' from Cisco or Nortel.

VPN solves the issue of using 'untrusted' internet connections to connect to the local trusted network, so it's an obvious solution to using untrusted wireless transmissions which have similar security risks to using the Internet... sniffing, MITM, etc.

Security of Wireless vs. Wired (3)

pgpckt (312866) | more than 13 years ago | (#456618)

I see minimal additional threat being generated from wireless networks. Wireless networks tend to be short range. Several college campuses and business have them, but wireless can only do so much and only transmit so far. Vulnerability is localized, not global like over wireless' wired cousin.

You still need a wired network regardless. And the hacking opportunities are better on a wired network. Several factors prevent hacking from being a viable activity over a wireless network. Low bandwidth is the most obvious. There are some implications for a denial-of-service attack, but these will affect end users, not servers, and with triangulation, it shouldn't be too hard to figure out who is jamming the signal.

The biggest thing is you need a good parity algorithm to account for data loss and encryption to prevent people from picking up sensitive data. However, I dismiss the claim that there is more exposure on a wireless network than a wired one, and hopefully you are using encryption when you give your credit card over the net anyway.
----------------------
Kurt A. Mueller
kurtm3@bigfoot.com
PGP key id:0x75D2DCCD

Nothing New. (1)

BrK (39585) | more than 13 years ago | (#456619)

So what does this article *really* tell us?
Wifi network cards are sending data through the air, and we already know that NOTHING is ever really all that secure, especially when you're trying to keep overhead/processing power required minimal.

SO, it would stand to reason that by deploying Wifi you are (potentially) saving money on wiring/setup, enabling users to move around more freely, and at the same time subjecting yourself to more security risks.

This should be elementary to just about any halfway decent admin, but considering that it's posted on Zdnet, it's not really targeted to admins, but to end users, managers, and others not-all-that-hip :)

Re:Or encryption? (clarification) (2)

omarius (52253) | more than 13 years ago | (#456620)

I should also point out to those unfamiliar with WaveLan that I mean encryption beyond the "WEP" ("Without Extant Protection" ;) ) that's available on the standard bronze cards. There are two encryption "levels," silver and gold, which use more daunting encryption methods. Unfortunately, they also cost more money--a separate and unfortunate issue that I will not address here. :)

-Omar

What about BlueTooth (1)

PlowKing (243392) | more than 13 years ago | (#456621)

Blue Tooth is going to open up a whole new world for hackers. Think about it. As you are walking down the street a hacker is following behind you hacking into your Palm.

Oh, great (4)

Salamander (33735) | more than 13 years ago | (#456622)

I think a lot of people just don't realize how wireless networking can change the way you feel about computing. Until you've actually surfed from the couch, continued reading on a laptop while you get a drink out of the fridge - or even take a leak - all unencumbered and uninterrupted, I don't think you can fully appreciate the difference. It's amazing to think how accustomed we had all become to the limitations of wired connectivity.

Now this comes along. Right or wrong technically, real or imaginary, this will slow adoption of wireless networking technology. The risk-averse business types who make decisions about deployment will hesitate, so there will be fewer access points both within organizations and in public spaces (hotels, airport lounges, and so on). Companies will forbid their employees to use wireless networking when on the road, or simply not provide the equipment necessary for them to do so. I expect email from our own IT department any moment telling me that wireless is off limits until "investigation of this matter is complete" (which will take months).

All this loss of convenience occurs because a bunch of people who felt left out of a public IEEE standardization process have said the sky is falling. If you read the article, you'll notice that there's practically no real information that would allow anyone to judge how serious the risk really is, and there's a lot of scaremongering about how easy it will be for "script kiddies" to get the right software. How about the hardware? Yes, folks, you need extra hardware to do this, and you also need to be physically proximate to the target. I'm not at all convinced that the script kiddies will be able to take advantage of this hole - whatever it really is.

Yes, it sucks that there's any hole of any size in WEP, and even if the script kiddies can't exploit it the professional crooks might, but the sensationalistic way this is being reported is simply not responsible.
