Slashdot Mirror
UN Advised on Wireless Insecurity
otisaardvark writes "There's an article on the BBC about how the UN is being briefed on the problems of wireless networks. Predictable conclusions - security is mainly compromised through human, not technological factors."
What would be secure?
Although it is encrypted, it is most likely that within two years, it will be possible to crack this.
Cables are securer.
Assembling etherkillers for fun an profit
Back in the 80s you could buy a cellphone and then by using a scanner, could tune into the frequency used by the phone to intercept calls. If you were really clever, and had the right *cough* 'dodgy' software you could send control messages to the phone to activate the mouthpiece, so you can literally tap people.
Cellphones were new, and people just wanted them for the coolness/convenience factor and didn't realize the security ramifications.
In the corporate world there's a certain apathy to hackers. Many execs think.. 'No hacker would be interested in our data, it's just boring business stuff'. That may be so, but when the cops are sniffing your CEO downloading kiddy porn and some script kiddie has just deleted all of your mail, you will think again.
Wireless networks are similar to cellphones in this regard. Companies think they're cool and convenient, so they're hopping on the bandwagon.
So, we need to do what they did with cellphones. Digitally modulate the data over the wireless network and encrypt it within the hardware. Waiting for people to install their own security systems is futile. The manufacturers should make wireless devices encrypt on the fly, just like cellphones do.
This will benefit most companies, since they can dabble in inside trading, downloading warez, etc, and the Feds won't be able to track it, so it benefits everyone really.
mogorific carpentry experiments
Whenever any product ships with pre-set default passwords or settings, there is always a segment of the population who will plug it in, see that it's working, and walk away. When a user plugs in a WiFi router, it should require the user to either turn on WEP, or make the user very aware that using the router in its default mode allows any other WiFi device that comes within range to connect, and that includes people who you might not want to let in.
Some people actually want to provide free bandwidth to the community, and I can't blame them for that. However, users need to know when they set themselves up with no security, that will be interpreted by the world as an open invitation for the public to come on in. If you want to block that, enable some sort of security.
Yeah, back in the late-'70s, I had a multi-band radio that could pick up cellular conversations. As a teenager back then, I had an absolute blast listening to calls. It was better than TV. And I promise you, covertly listening in to a hot call between a guy and his girl when you're 16 years old is pretty impressive stuff! :lol:
I never got into blue-box stuff, but pre-scrambled cellular was heaps of fun.
Last time I checked (and it's my job to) WEP and wireless security are still broken, as far as standards are concerned. 802.1x (PEAP, LEAP, whatever you want to call it) isn't appropriate in all (or even most, IMHO) situtations, and fixes to WEP like TKIP aren't widely deployed.
Wireless will continue to have security issues as long as the underlying security technology is broken and is hard to deploy in a secure, stable, and manageble fashion.
That's a technology factor in my book.
Predictable conclusions - security is mainly compromised through human, not technological factors.
Presumably this is referring to the human failing that was responsible for the flaws in 802.11b design? 802.11b simply *cannot* be made secure. Beacon frames are not encrypted, MAC addresses are not encrypted. Capture approx 1Gb of network traffic and you can decrypt the WEP key. Once you do that, you are in. There is little difference between the time needed to crack 40bit and 128bit WEP keys.
Do not deploy an 802.11b network in an environment where you would not fix cabled LAN ports to the outside of your building with flashing neon signs pointing to them with "PLUG IN HERE!" written on them.
Roll on a truly secure standard.
Is that it is so darned easy to listen into the communications. If you can listen in, and interfere with little effort, instantly many attacks become available to you, especially man in the middle attacks.
But, not only can you break into the network, most of the time, you can actively listen in, and just record everything until you get the encryption code in the future (which is actually a pretty easy thing to do with some social engineering.)
If you want the data to be secure use fiberglass wiring, it is the most secure, but if you want convinience, then you'll have to trade off some of the security in enchange for a easier system to use. It's really as simple as that. It's not the human factor, is the human desire for convinience that commonly leads to the largest security breaches.
~ kjrose
For example, are the data links insecure--I dont think so as most are now 128bit encrypted, right?
could it be that access to the local net offering a way around the firewall? Dont some, or maybe all, wi-fi links have built in capabitlity for password protected connections. If so does this not make them as good as any firewall?
So is the whole problem just people not activating these feature? if so is this not just the same as any other unprotected wired network when people dont turn on their firewall?
Some drink at the fountain of knowledge. Others just gargle.
COuld someone elaborate here. Why is a WEP key more vulnerable than say an SSH key? Why is it insecure to have unencrypted Beacon frames and MAC addressses. What info is being given up by these or how can these be exploited in a way particular to wireless?
and given encrypted transmissions why is WiFi more suceptible to man-in-the-middle attacks than any SSH connection?
Some drink at the fountain of knowledge. Others just gargle.
But surely if you want to provide wireless capabilities on your corporate network you put the access point in a DMZ and have users come in via a VPN, just as if they were working from home and connecting over the "public" Internet.
I'm using an 802.11b network with 128-bit encryption, meaningless passwords (not "admin" or "router"), and the WAP will recognize only the MAC of the portable (yes, that can be spoofed, but it keeps out random strangers). Finally, the access point is in the basement, so its reception zone is mostly up, not horizontal.
There could be specific weaknesses in my brands of hardware, but that's another problem.
Am I mistaken that this provides reasonably good security? I don't expect to screen out the NSA, but do most snoops. If not, can someone type up a checklist for the well-meaning but slight clueless 802.11 administrator?
Human error certainly includes misconfiguration, but if configuration is too hard for most people to understand I think it is the technology that is faulty -- human factors design and all that.
I'm glad they're making these weaknesses more public. Doonesbury did a good job in the Sunday strip a while ago.
First thing in a Google search for WEP:f aq.htm l
http://www.isaac.cs.berkeley.edu/isaac/wep-
The difference is that openssl is implemented more rigourously than WEP. IANAC (I am not a cryptographer), but it sound like the WEP folks put it into place without sufficient review and now we are stuck with a less-than-robustly-designed standard.
Sometimes, combining two encryption methods can result in something weaker than either of the two original methods, in that they kind of partially decrypt each other.
There are two kinds of sysadmins: paranoids and losers. I'm both kinds.
Although it is encrypted, it is most likely that within two years, it will be possible to crack this.
Cables are securer.
With a wire cutter I can crack a cable today. Cables are not more secure. They are just slightly less accessible.
"I have opinions of my own, strong opinions, but I don't always agree with them." -- George H. W. Bush
You can make wireless (802.1x) as secure as wired by putting all your wireless users on a VPN. Unsecured wireless users are just like having open access to the insides of your network and completely bypassing peripheral security measures like firewalls. The real question is how to make *all* your computing and networking resources more secure. Wirelessness per se won't be the problem.
CERIAS is part of Purdue University, not Indiana University. I'm sure heads will roll when Coach Keady finds out about this. 8)
--
Ed
- Very insecure (no passwords, all users can do everything).
- Have a bad GUI (noone knows how the users will use it yet).
- Filled with bugs.
And since noone ever has time for a complete refactoring of the code (not a rewrite from scratch)... then that stuff usually never gets fixed in future versions.Sex - Find It
My favourite quote from the whole article:
"Wireless technology is going to be deployed across the globe either securely or insecurely" --David Black, Accenture
Now that doesn't seem obvious does it?
The Welkin: Online Music Reviews
To the responders, thank you. I'd like to draw folks' attention to the "good enough" portion of my query. After all, encryption is just a game of staying a step ahead of the decrypters.
:)
Because any practical encryption can be cracked -- I assume SSL and whatever underlies ssh and, with difficulty, PGP -- what is "adequate" under what is currently readily available? ANything? I get the sense that breaking into a secured (not "secure") 802.11 link at least requires more than just getting a scanner to tap analog cellphones. (Remember Newt Gingrich's indiscretion?
Last, it should be reiterated that human weakness such as social engineering and administrator goofs is the most likely and traditionnal sources of security breaches. Thus a need for regular independent audits by trusted (gasp) humans.
One more time, in regular English? I understoon everything up to "nope." :)
VPN does raise the security bar, but isn't a direct answer to wireless security. I'd prefer all of my wireless communications to be private.
I also posted a follow-up to the original post which may clarify my intent.
How many heists of credit card numbers are done online? Compare this to how many heists of credit card numbers are done meatside.
Meatside wins. You know why? It's a hell of a lot easier to make Joe Blow think you're someone you're not, than it is to neutralize computerized security.
Remember kids, Mitnick "hacked" the minds of people more than he did computers. So did the other famous 'ev1l l33t h4x0rZ!'.
"Code Red!" you shout. "Nimda!" you cry. These incidents and others aren't even related to the above. These were the result of script kiddies and the weakness of human security. Any dolt who got nailed by Code Red, for example, deserved it - Microsoft had a patch out long before the shit hit the fan.
Wireless is a nightmare waiting to happen. It isn't secure out of the box. It isn't 'as secure' as hard wire, even if it is encrypted. One can just pull data out of the air with wireless; one needs to actually defeat rent a cops with water pistols to jack into a hard-wired system with a laptop.
What happens when the clueless do a wireless install at the office, fail to utilize encryption, and pretty much leave things wide open? Won't happen? It's happening now, and if the infamous Microsoft worms weren't enough of a display that it *will* happen..
Security. Ahh, blessed security. Fire your damnable MCSE's, take the donuts out of the rent-a-cop office and give out higher salaries all around.
Oh, and remember, make sure the 'computer-knowledgable' secretaries know NOT TO GIVE OUT THEIR FRIGGIN PASSWORDS TO ANYONE.
K thx bye.
Wired security builds on top of the physical security you already have, while wireless security can pass through many physical boundaries, and so needs more protection to be equally secure.
For example, to tap into my wired network at home, you'd need to first get access to my house. This is dangerous, and there's a real risk of getting arrested. To tap into my wireless network, you'd need to sit outside my house for a few hours in a truck. It's much less likely you'd get caught doing that, and if you did the consequences would be much smaller.
Because of this, people who wouldn't dream of going on a burglary spree will cheerily drive around in a truck looking for wireless access points to use.
In other words, the barrier to breaking into a wireless network is much lower than for a wired network, so there are many more people who are willing to do it, so it's more likely to happen.
My Web Page
At least with cleartext, people who care about security, but might not know how secure something is, will turn on encryption via SSL or SSH.
With WEP, people may think that since it isn't sent in the clear, they don't have to go and encrypt their IP traffic which is going over it.
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.