CNN Notices that WiFi is Insecure

josh3736 writes "From CNN comes an article that makes painstakingly obvious to the public what we already knew: 802.11 security is horrible. The article points out that nearly 40% of wireless network APs haven't even been changed from defaults and as many as 80% of home APs have encryption disabled. The article goes on to say that '[t]o make matters worse, users who don't secure their networks are often the very people who don't keep their computers up to date with the latest security patches and antivirus software.' It also accuses WiFi manufacturers of disabling security measures by default to make wireless easy to the lowest common denominator. My favorite quote? 'Experts say that while Wi-Fi hardware makers have made initial setup easy, the enabling of security is anything but. Meanwhile, average users are no longer tech savvy.' Which is to say that they at one point were?"

You think that's bad?

[jalefkowit]

If cheap-o consumer routers getting 0wned thanks to pathetic Wi-Fi security seems bad, consider this: at least one vendor of e-voting systems depends on WEP as the only security measure between their voting machines and the ballot-counting system.

Yes, that's right -- ballots are passed wirelessly, and only protected via standard 802.11 WEP. How long until someone tries to 0wn a polling place? Or, worse, just sniffs the ballots out of the air and dumps them to a log file (so much for the secret ballot), say?

I wrote the article linked to above when the systems were being evaluated in Fairfax County, Virginia -- a wealthy and populous suburb of Washington, DC -- but they've since been approved by the county board of elections and used in two elections to date. Who knows how many other local governments have bought into similar systems?

Re:Just how do you setup WEP anyway?

[pe1rxq]

WEP can be cracked... but it requires an effort.
The key in protecting something is to make the time needed to get in as long as possible.
Without wep most cards will join a network within seconds, with wep you are already save for most wardrivers (they are usually not warparkers).

MAC filtering as you mentioned is an even bigger security hole than wep. Look up the 'hwaddr' option in the ifconfig man page.

The combination of no beacons, mac filtering and wep will make your network such a hard target that it will take a considerable effort for someone to use it.

Jeroen

Re:Just how do you setup WEP anyway?

[Ummagumma]

"It actually disconnects from and reconnects to the AP every minute or two, with predictable results (stutter, even disconnection from the server.)"

You may want to check your hardware. Mine (on 4 different machines, home and work) does not act like this.

"To make things even more fun, it prevents third party configuration tools from working (like linksys' for example, though I believe Intel's will work properly.) There aren't even any usable workarounds."

You can simply uncheck 'Use Windows to configure my Wireless Settings', and third party tools work perfectly fine. As a matter of fact, Im typing this on an 802.11g network, on WinXP, using a Netgear with the Netgear utility, and not XP configuring my settings.

I get the feeling you either have bad hardware, or don't know what you are doing.

Re:Just how do you setup WEP anyway?

[pnutjam]

If have SSID broadcast turned off on your AP the standard XP wireless configeration module will drop the connection randomly and look for any SSID's broadcasting. I've seen this problem on multiple computers with different NIC's.

Ananova had a blurb about this, I don't have time to look for the link.