Slashdot Mirror

← Back to Stories (view on slashdot.org)

UN Advised on Wireless Insecurity

Posted by CowboyNeal on from the wireless-tapping dept.

otisaardvark writes "There's an article on the BBC about how the UN is being briefed on the problems of wireless networks. Predictable conclusions - security is mainly compromised through human, not technological factors."

6 of 81 comments (clear)

  1. Re:Why is it insecure by John+Fulmer · · Score: 5, Informative

    >For example, are the data links insecure--I dont
    >think so as most are now 128bit encrypted, right?

    128-bit encryption without knowing the cryptographic algorithm used is meaningless as a definition of crypto strength, especially if the encryption is badly designed and broken; both of which are true for 128-bit WEP. Do a google search on it and you'll find the papers that describe the vulnerablility, and the tools to exploit it.

    WEP is what hapens when non-crypto people design crypto.

    Here's a starter link Look at the '802.11 Encryption" section

  2. I'm no expert... by Boss,+Pointy+Haired · · Score: 5, Informative

    But surely if you want to provide wireless capabilities on your corporate network you put the access point in a DMZ and have users come in via a VPN, just as if they were working from home and connecting over the "public" Internet.

  3. Re:Why is it insecure: follow up by perp · · Score: 3, Informative

    First thing in a Google search for WEP:
    http://www.isaac.cs.berkeley.edu/isaac/wep-f aq.htm l

    The difference is that openssl is implemented more rigourously than WEP. IANAC (I am not a cryptographer), but it sound like the WEP folks put it into place without sufficient review and now we are stuck with a less-than-robustly-designed standard.

    Sometimes, combining two encryption methods can result in something weaker than either of the two original methods, in that they kind of partially decrypt each other.

    --
    There are two kinds of sysadmins: paranoids and losers. I'm both kinds.
  4. as secure as wired by nurac · · Score: 3, Informative

    You can make wireless (802.1x) as secure as wired by putting all your wireless users on a VPN. Unsecured wireless users are just like having open access to the insides of your network and completely bypassing peripheral security measures like firewalls. The real question is how to make *all* your computing and networking resources more secure. Wirelessness per se won't be the problem.

  5. Correction to Article by coj · · Score: 2, Informative

    CERIAS is part of Purdue University, not Indiana University. I'm sure heads will roll when Coach Keady finds out about this. 8)

    --
    Ed

  6. Re:It's like cellphones all over again by GigsVT · · Score: 2, Informative

    Let me take this a step further. It seems like it always turns out that IP traffic should have been encrypted. Why don't we encrypt all IP traffic to begin with?

    Probably because when IP traffic was developed, computers weren't fast enough. You do know TCP/IP has been around before 1993, right? :)

    Even if encrypted IP was put in place before the Internet went public, 386/486 class computers that were common at the time could barely keep up with unencrypted traffic over fast modems. Remember when your browser rendering speed was more important than your connection speed?

    As far as cell phones go, I might be talking out of my ass here, but I know the FCC has rules against encrypted transmissions on many bands. I wouldn't be surprised if it was (still is) illegal to encrypt cell phone traffic.

    --
    I've had enough abrasive sigs. Kittens are cute and fuzzy.