On The Current State of WiFi Security
An anonymous reader writes "A Flexbeta article covers the basics of WiFi security. The article mentions various ways of securing a WiFi network, how easy it is to crack WEP, and what the IEEE is doing about WiFi security. From the article: 'In order to address the security issues of WEP and the current Wi-Fi standards of 802.11a/b/g, the Institute of Electrical and Electronics Engineers (IEEE) is developing a new standard that is called 802.11i. This standard was developed with security in mind. The new standard implements new security entitled Wi-Fi Protected Access (WPA), which takes advantage of the Temporal Key Integrity Protocol (TKIP), is easier to set up using a pre-shared key, and can use RADIUS authentication.'"
I read a lot about wi-fi security. However, it keeps coming down to, why should I care? Yes, at work it is important to be very security aware. However, at home, I really don't care if someone is using my connection. If they are doing something that is hogging bandwidth, when I want to use it, I can boot them. My computer is protected and on the other side of a firewall. Information that passes over the router does not touch any storage device. So, back to the question, why should I care? (as a home user)
As many people are saying, there is no point in advancing encryption standards if the average end user will not use it.
On many sites, you sign up, and get given a random password. How hard would it be for manufacturers to ship APs with WPA enabled with a random password/key which is printed on the back of the user manual? (this is a genuine question) XP asks for a password when you try to connect to it automatically, and if you are using Linux etc. then you know what the deal is anyway.
And I did RTFA.
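A sketch of the factory provisioning the comment above asks about, as an added example that is not part of the original thread or of any vendor's firmware. The `provision_device` function, the `AP-` SSID scheme and the label alphabet are hypothetical; the passphrase-to-key step is the standard WPA-PSK mapping (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 256-bit output).

```python
import hashlib
import math
import secrets

# Hypothetical label alphabet: look-alike characters (0/O, 1/l/I, i, o) are
# left out because the key is printed on paper and typed in by hand.
LABEL_ALPHABET = "abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789"


def generate_label_passphrase(length=20):
    """Return a uniformly random passphrase for printing on a device label."""
    if not 8 <= length <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return "".join(secrets.choice(LABEL_ALPHABET) for _ in range(length))


def passphrase_entropy_bits(length, alphabet=LABEL_ALPHABET):
    """Entropy in bits of a uniformly random passphrase over the alphabet."""
    return length * math.log2(len(alphabet))


def derive_wpa_psk(passphrase, ssid):
    """Map a WPA passphrase and SSID to the 256-bit pre-shared key."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    # The SSID is the only salt: every AP left on the same default SSID
    # shares it, so a per-device SSID matters as much as a per-device key.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid_bytes, 4096, 32)


def provision_device(serial):
    """Build the per-device settings a factory would flash and print."""
    ssid = "AP-" + serial[-6:]          # hypothetical per-device SSID scheme
    passphrase = generate_label_passphrase()
    return {
        "ssid": ssid,
        "passphrase": passphrase,       # printed on the label or manual
        "psk_hex": derive_wpa_psk(passphrase, ssid).hex(),
    }


if __name__ == "__main__":
    # Constructed serial number, for illustration only.
    print(provision_device("SN00A1B2C3"))
    print("entropy bits:", round(passphrase_entropy_bits(20), 1))
```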
What's the bottom line for my home network? I've got WPA on my 802.11g network. I changed the default passwords, etc. Is there any realistic chance of being compromised?
Also, as an individual and not a business, what motivation would someone have for doing so?
....
Ugh... I think it has more to do with people not knowing how or why to secure it.
I have helped a couple friends out with small computer problems. The following conversation has happened a couple times:
Me: Ohh.. Who has the laptop? You might want to get them to secure the wireless on this router.
Clueless Friend: Umm.. wireless??? Laptop???
Me: Yeah.. you have a wireless router and it's not encrypted and you still have all the default passwords.
Clueless Friend: Ohh.. we just bought the best router Future Shop had.. I didn't know it had wireless
...
... Yeah, security needs to be better.. But the problem you speak of is not a problem with the protocol but how it is used...
Losers whine about their best, Winners go home to fuck the prom queen
"you would upgrade your infrastructure"
That's exactly what the parent said, not by moving to WPA[2], but rather by running a VPN/IPSec over the WEP link. I would consider this to be almost a better solution than solely WPA2 (without question VPN over WPA2 is the best solution). The VPN provides an additional, *alternate* security layer.
There was a case of a guy downloading child pron in Toronto by driving around at night and finding open WiFi networks (You know the ones.... Their SSIDs are Linksys and Default). Apparently when he was caught, he was naked from the waist down looking at explicit images. (Ooh. Bad image)
I point this out as I used to work for a VAR that sold WiFi products to businesses who would just order the products and throw them up onto their network rather than pay us to come in and properly install and secure the environment (which was usually Windows based). When this happened and I pointed it out to them that this could be them (or something worse might happen, such as the cops knocking on your door because they traced the downloads to their net connection), they changed their tune in a hurry and let us secure the networks.
Places like Best Buy should hand this article out to their customers. That would reduce the problem in a hurry.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
There was an article in an IEEE magazine about this sort of thing not long ago. Basically a network admin wanted to set up WPA on his network using encryption and certificates etc. But the normal installation mode was too complex for his users, who happened to mainly be PhD research types (i.e. not dumb, but not computer nerds). So they ended up writing a little program that you put on the notebook computer, you bring the notebook into a room, point the IR at the computer in that room, press a button, and the notebook downloads the certificate and installs it and configures it.
How hard would it be to include functionality like that into every WiFi device? Heck, you could do it without a line of sight if the router and client communicate by radio, and require confirmation at both ends that the right computer is talking to the right network. It wouldn't be that hard, really.