Study: Wi-Fi users Still Don't Encrypt

← Back to Stories (view on slashdot.org)

Study: Wi-Fi users Still Don't Encrypt

Posted by CowboyNeal on Saturday July 5, 2003 @02:20AM from the won't-you-come-on-in dept.

Shackleford writes "SecurityFocus has an article saying that two days of electronic eavesdropping at the 802.11 Planet Expo in Boston last week sniffed out more evidence that most Wi-Fi users still aren't securing their networks. Security vendor AirDefense set up two of its commercial 'AirDefense Guard' sensors at opposite corners of the exhibit hall at the Boston World Trade Center, the site of the conference, and for two days analyzed the traffic flowing between conference-goers and 141 unencrypted access points set up by the conference for public use, and by vendors on the floor. What they found was that users checking their e-mail through unencrypted POP connections vastly outnumbered those using a VPN or another encrypted tunnel. Only three percent of e-mail downloads were encrypted on the first day of the conference, 12 percent on the second day."

3 of 283 comments (clear)

Min score:

Reason:

Sort:

Good basic WLAN security info... by pir8garth · 2003-07-05 02:30 · Score: 5, Informative

There is some good basic WLAN security info on AirDefense's knowledge center section of their website...

--
Something clever...
WEll by mindstrm · 2003-07-05 03:17 · Score: 5, Informative

the point of WEP is misunderstood, as well. Yes, it was poorly implemented.. but it was not supposed to be the data security layer anyway... just "wired equivalent"
That means.. it was supposed to be roughly as hard to get access to the actual network packets as it is when someone has a wired lan.

The wire is not secure, as you know. Wires can be tapped numerous ways, invasively, or passively. Yes, the logic is kind of flawed, the situation is different.. but it just makes it harder to sniff, not impossible.

IT wasn't supposed to be a replacement for using secure protocols.
yeah, wardrive and prove it! by MyDixieWrecked · 2003-07-05 03:24 · Score: 5, Informative

I went wardriving the other day through a rich neighborhood in NJ. Good ol kismac, my Ti, and the stock Airport card/ antennas. After a 10 minute drive, we discovered nearly 20 open networks. A mere 5 of them using WEP.
I was surprised that I was able to pick these up from the street. Also surprising was the names of some of the networks, I mean kittyNET, c'mon!
Also, it's amazing how many people have linksys.
USE WEP, PEOPLE! Or at least configure your router to only accept your computers' MAC address! jeez.
There's lots of reasons to close your network to the outside. The main one being that you don't want to give people access to your LAN. Most people don't password their computers from other machines on the LAN, since they figure it's secure, but it's not. Also, I tried the default linksys password ("admin") on a couple of the networks, and would have been able to change router settings. Imagine setting up a dreamcast w/ wifi outisde of someone's house on their external power outlets and serving warez off their connection. sheesh.
these routers should come with little pamphlets about wireless security.

--

...spike
Ewwwwww, coconut...