New Security Ideas From Intel

Scott writes "Intel is developing a new technology that could prevent unauthorized access to wireless networks using the time it takes for packets to arrive from the access point to the Wi-Fi user. This is one of several ideas were presented at Intel Developer Forum. Intel has also released a hardware-based solution to fight against worm spreading. From the report: 'The system monitors the number of external connections being made and if a higher network activity is detected, the computer is disconnected to prevent the infection of further machines on the network.'"

The security of your wireless network...

[Vyyper]

is only as strong as the weakest link.. which in most cases is the user.

If anyone actually bothers to turn it on..

[jcr]

Hey, kudos to Intel for coming up with this stuff, but I suspect that the majority of people who buy a wi-fi router in the next five years will still not bother to even change the default admin password.

-jcr

Re:If anyone actually bothers to turn it on..

[riptide_dot]

I suspect that the majority of people who buy a wi-fi router in the next five years will still not bother to even change the default admin password.

Or take any other measures to secure the device for that matter, like preventing access to unknown MACs, limiting usage to certain times of the day, not broadcasting the SSID, etc, etc...

This is one of those cases where some of the people that want devices like these have absolutely no idea how to use them correctly. To me, it's like handing the keys to a Ferrari to a 12 year old. ALL of my neighbors have open access points, so whenever people come over to my house with wireless equipment, I don't even bother to modify my network to let them in - I just tell them to sit by a window and inevitably they get all the bandwidth they need.

Intel is developing a new technology that could prevent unauthorized access to wireless networks using the time it takes for packets to arrive from the access point to the Wi-Fi user.

I think this is supposed to read "using the time it takes for packets to arrive from the Wi-Fi user to the access point. I have no idea how an access point would be able to monitor how long it took for its packets to make it to the clients...

Re:If anyone actually bothers to turn it on..

[merreborn]

I have no idea how an access point would be able to monitor how long it took for its packets to make it to the clients...

It probably measures the time between transmission, and the reciept of an ACK(nowledgement). Of course, you'd think a really bogged down machine with a USB Wifi adapter could concievably return ACKs a little slow, and get dropped.

All in all, it seems like a pretty goofy idea: "Secure your WAP: artificially limit it's already meager range!"

Re:If anyone actually bothers to turn it on..

[j.blechert]

Shouldn't the people who install the access points secure them and not the people who use them? You can't expect joe user to understand even what a MAC or SSID is.

Disconnects on too many connections...

[LittLe3Lue]

From the report: 'The system monitors the number of external connections being made and if a higher network activity is detected, the computer is disconnected to prevent the infection of further machines on the network.'

Please. Slashdot has had the same effect on websites for years.

Time to drag out this old chestnut:

[This+Old+Chestnut]

Security through proximity is not security at all.

Wrong vector, wrong layer, respectively.

[Tackhead]

> Intel is developing a new technology that could prevent unauthorized access to wireless networks using the time it takes for packets to arrive from the access point to the Wi-Fi user.

Crackers are developing new technologies to enable unauthorized access to wireless networks using the time it takes them to intercept and retransmit packets between the access point and the Wi-Fi user.

As for the "solution" of detecting worms by autokilling connections when bandwidth usage changes in a way that the software didn't predict, (in a way that's more likely to cripple your favorite P2P client software more than it's likely to disable a worm that decides to start slowly and ramp up), how about Intel gets off its sorry ass (if you felt a rant coming on, you were right) and comes up with a real solution to connection hijacking -- namely by implementing cryptographically strong authentication between client and access point at Layer 2 of the OSI model, not Layer 7.

Oh, right. Securing Layer 2 instead of Layer 7 would harm the interest of those in charge of writing Layers 8 (financial) and Layer 9 (political) of the 7-layer model.

Circuitbreaker *not for home users and developers*

[Lemming+Mark]

Before anyone gets too upset at the idea of their computers getting cut off from the internet for running P2P:

This kind of technology is not interesting to home users, or even for developer workstations: nobody is going to want to use a technology that cuts off their personal computer. The place it looks (IMHO) to be aimed at is ordinary user desktops in large corporations. These are (supposed to be) highly locked-down environment and controlled tightly by the sysadmins. In this environment, the IT manager is going to prefer inconveniencing a few users by cutting their 'net connection than managing a widescale worm outbreak that'll likely take the rest of the network down for everyone.

Horses for courses: home users and developers will still be best served by taking precautions (virus scanners and social countermeasures) and being vigilant for signs of an outbreak.

as if it wasnt easy enough...

[Anonymouse+Cownerd]

"The system monitors the number of external connections being made and if a higher network activity is detected, the computer is disconnected to prevent the infection of further machines on the network."

DOS attacks have just gotten easier.

so what's the solution?

[Deitheres]

I agree... about a year ago I did a quick wardrive around my mom's neighborhood (upper middle class suburb of Columbus, OH). I drove 3 blocks, and found 14 wireless networks. 10 were open. I tried using the default password for all of the router types (as identified by netstumbler), and it worked on 9 of the open networks... only 1 of the secured networks had not changed the default password.

What is the solution to this? I am hardly an expert on supply-side economics relating to production, but how hard would it be to set a random password for both the router and the wireless network? Include a piece of paper with both the password written on them (kind of like a manual addendum, that way each manual won't have to be customized). Or better yet, make the default password the serial number of the router. Extremely difficult to guess, usually a string of alpha and numerics, and the user could never really lose it (unless they removed the serial number sticker from the router).

There has to be a better way of doing things than what currently exists. To offer a product to consumers that has no security whatsoever in an out of the box condfiguration is moronic. Even more moronic is the fact that the consumer (I'm speaking in general terms of course) makes no effort to read the manual. You would think that logic would strike them in the face as they connect to their network for the first time...

"Oh, look, Windows automagically detected my wireless network!"
"Neat, now it's joined! That was easy..." ......

"Almost TOO easy"
*smack* (this is the sound of logic smacking them in the face)
"Wow, maybe I should do something so that it wouldn't be this easy for other people!"