80% of WiFi Networks are still Insecure, Kismet Author Says

acz writes "The brain and guts driving the development of Kismet is Mike Kershaw alias Dragorn, who works during the day on IBM mainframes and hacks code at night. Kismet is simply the best war driving tool out there plus it's free as in GPL and can even run on your linux PDA. In a recent interview posted on HERT today, he says: 'I've become entirely jaded towards security as a whole (or rather, people's complete lack of it) and not much surprises me when it comes to open wireless networks. ... the overall percentage of unencrypted networks is still at about 80%.'"

I'm Confused Now

[Stuart+Gibson]

Are we supposed to be securing our WiFi networks to stop people using them as SPAMming outlets and entry points to delicate data, or are we supposed to be leaving our WiFi networks open so we can share our connectivity and bring about a utopian world of high speed, anywhere connectivity?

(Yes, yes, I know, the right security for the right place)

Stuart

Re:I'm Confused Now

[utexaspunk]

i agree. shouldn't we just leave the networks open and have secure computers? what's the problem with having a wide open network if you've got your computer all patched up and are encrypting your e-mail, etc?

seems to me that if you secure your data at the earliest possible point, it doesn't matter what sort of insecure territory (and there will likely always be insecure territory SOMEWHERE) it passes through to get to its destination.

No WEP? So what!

[Just+Some+Guy]

We've been over this time and again, but my own WLAN is wide open; anyone with any MAC can connect without WEP, and I even broadcast the SSID.

Of course, that gets you an IP that lets you ping the firewall. More specifically, you can ping the dedicated NIC on the paranoid OpenBSD server that lets through connections to my Squid server (which requires authentication), my mailserver (which requires authentication), my DNS server, and my NTP server.

If getting an IP on my WLAN counts as "insecure", then count my network as bad. However, that's a bit too broad a brush for my tastes. In my setup WEP offers no advantages whatsoever so I never bothered with it, but I guess that makes me just another dumb newbie in their survey.

Unencrypted data-link does not mean insecure!

[DrMindWarp]

The WiFi data-link layer may not be encrypted in 80% of cases but that doesn't mean that encryption isn't used or enforced at a higher level. You can run VPN, SSL, ssh etc. quite happily over what might appear to be an 'insecure' WiFi link.

As WEP isn't that robust there seems to be little point in deluding oneself - thus many networks will be unencrypted at that layer by design rather than by default.

Tell me how many wireless networks you can associate with and actually use.

Re:Wardriving just proves it

[timmyf2371]

They have the mentality of "I plugged it in and it just works! Whoopee!"

Isn't that the way it should be though?

Last time I bought a new TV, I switched it on, pressed a few buttons as indicated by the quick-start guide and it auto-tuned all the channels - same with my VCR. If I want to do something advanced such as mess about changing picture settings etc then I'll read the relevant section of the manual.

If I buy a hifi system and plug in the revelant speaker cables, popping a CD into the drive and pressing play generally results in music. Similarly, should I want to (for example) record every 2nd track on a CD to casette then I'll read the relevant section of the manual.

That's how computer technology should be - I don't need to read a manual to work my other home entertainment devices and I don't see why computer technology should be any different.

Re:To assuage conspiracy theorists out there

[mwillems]

>> Can someone answer the following:
>> Why aren't WAPs shipped with encryption
>> turned on by default?

Because the power of WiFi is that it is easy to use. My neighbour could not possibly use it if it wasn't.

WEP is complicated. You need to be able to shell in (sometimes even to a port other than 80) from within the LAN. Then you need to know an admin ID/password. Then you need to know what on earth hex/ascii/etc mean, and 56/128/etc bits (and how the security ranslates to a number of characters). Then you need to set it all up using complex menus, and then you need to figure out how to set up all PC's (which call it something else).

By this time we would have lost the typical buyer, oh, 5 times over. That is why it is shipped open by default - the support would cost a fortune, otherwise. WEP is way too complex in its consumer implementation.

Michael

Re:Some on purpose to promote free WiFi.

Do you hold the door open for old ladies entering a shopping center? Do you board all your windows up? When merging, do you make sure to cut off the other driver?

Do you speak in whispers and wear a mask at all times so no one hears your precious sounds or gets the pleasure out of seeing you smile?

If you have a full shopping cart, do you make sure the guy with a single item behind you stays stuck behind you?

Do you stand right in the middle of a busy crosswalk making everyone walk around you, just because you can?

Do you avoid donating to charities?

People like you are the problem with the world today. Only be nice when it's legislated. You suck.

Re:Some on purpose to promote free WiFi.

That's as stupid as saying that if someone taps into your phone line (note the "unsecured" wires coming into the side of your house!!!) and calls in a threat that you would be liable.

Of course thats not true. Sure, you might be investigated... but in both cases probably cleared. The wireless case is even more clear-cut because it's easy to see that it was left open. The phone lines would be much harder to explain why you let someone on your property to tap in like that, and didn't shoot them while they were connecting alligator clips to your wires.

Re:PRoblem is I only have wep

[radish]

Contrary to what some other posters have said, I'd posit that it's secure enough for the home user.

Even if it could be cracked in an hour (I doubt that figure - the number of packets needed for an analysis is huge, and unless your network is very busy it will take much longer than that) - most would-be attackers (a) don't know how and (b) can't be bothered. Think about it, 99% of people looking at your AP just want free net access. Chances are there are multiple available APs (in my apartment I can pick up at least 5). If one's closed, they'll just move on to the next. It's the "don't outrun the bear, just outrun the other guy" situation.

Sure, if some ubergeek happens to live within range of you, and really wants in to your network (for some unspecified reason - to steal your pr0n?) then they could get it. What are the chances of that happening? Well it depends how think the tinfoil in your hat is. But it doesn't keep me awake at night.

Why Should People Secure Their Wireless?

[allgood2]

Obviously, I'm in the minority here at Slashdot, but I've got to say, "So What! Why Should People Secure Their Wireless Network?" Sure corporations should or at least create set-ups where the wireless network is removed from the wired network and of course all that effort to secure the computers, but I've never understood the great push for security on a wireless networks.

For me I'm of the school that you shouldn't depend on your network for security for your computer. This view recently discussed by Jeff Schiller, MIT's Network Manager at Syllabus http://www.syllabus.com/article.asp?id=9193. I think he makes some great arguments.

Recently, it seems that people have just jumped on the bandwagon that YOU MUST secure your network, and I guess for the bevy of Windows users out there, with little options for ever successfully securing their computer, this is probably true and one way to get around it. But I find wireless network security to be the antithesis of what wireless connectivity promotes--freedom. So it makes great sense that people would not secure their networks.

Wired Networks by their nature are someone closed off, insuring their security or closing them off further is no big deal. You would expect to have to handle 2, 3, 5, 10 random clients on a wired network. Sure with laptops it happens more, but typically a wired network is somewhat more static in design. You have switches, ports, hubs--it's all very physical. So sure secure it.

But wireless networks promote freedom--you can use your laptop anywhere (anywhere with wireless). But security warps that message. Freedom has always had its limitations, but now the limitation is that someone else owns the air you need to use. What's the point of going to a coffee shop, an administrative building or even sitting on your neighbors porch with your laptop if you still can't get internet access when wireless connectivity is available.

Sure their should be tools to prevent abuse. I don't want someone to start downloading movies off my wireless network, but WHY WOULD SHOULD I CARE if they just use it. I expect the same reciprocity if I'm in the town square or at a coffee shop or just down the street at a friends.

Securing your network has become synonymous with securing your computer and its not. Someone decided that it was impossible to secure their computer, with all the software with bugs and wholes, with various operating systems working against your efforts. So the rallying cry became secure your network.

So fine. Secure your landline, but leave your wireless alone. Sure change the default settings, after all one neighborhood really shouldn't have 50 linksys access points. I'm all for letting people know whose wireless access point they're using. I'd don't want someone taking over my access point, but with various hacking tools, the effort is the same regardless if I've secured my access point.

But if Sue next door wants to use my wireless, go ahead. Don't ask me. Don't make me add you to an exception list or hand over a password. Just use it dammit and be respectful. It's there, and it doesn't really cost me anything more than what I'm currently paying to have you or 20-30 other guest using it.

Encryption, Authentication, and Authorization, and common sense work well enough for keeping the information I need to be secure, relatively secure. I'd rather have someone distracting by the beauty of playing Doom from their front porch using my access point, then banging on my access point try to hack my setup security so they can get free access, when I could have just offered it.

So I say, "Offer It!" Secure what you need secure and open everything else. It makes life easier, and produces good karma as well.