Can Faraday Cages Tame Wi-Fi?

mrraven writes "An article at TechWorld discusses the increased need for wireless network security. One possible solution to this problem is the use of building-wide Faraday cages to block the wireless signal from 'leaking'." From the article: "Small installations of RF shielding don't have to be expensive, and the basic concept of a Faraday cage can be extended to all kinds of small everyday objects. Leather wallets sandwiched with a conductive RF-shielding layer can prevent RFID scanners from reading personal information implanted in everything from RFID-enabled access control cards to some credit cards; they're widely available for as little as US$15. For those favoring a more DIY route, several Web sites have information on how to make an RFID-blocking wallet with duct tape and aluminum foil."

UK defense system

[legoburner]

BAE in the UK have made a wallpaper to do just this. No word on if it is available to consumers though I bet there is a market in the paranoid EM fearing folk that live near 'evil' cell phone masts.

Leaky

[QuantumFTL]

I'm sure this will help minimize effects of leakage, but no building can have a "perfect" faraday cage on standard wifi frequencies - the wavelengths are far smaller than the openings required for humans to enter and exit the building.

Once again, it's probably better to focus on good encryption, though this is hardly much help to defeat certain on-site DOS attacks. Then again, that's what your security force is for :)

Why does it have to be a physical?

[DoubleRing]

There are so many ways of securing a wireless network without the messy business of placing a mesh wire around the building. The university in the town I live in has a campus wide wireless network. They then use a vpn system (cisco, I believe) to regulate access. Simply, anyone can connect to the wireless network, but you are given no access unless you connect to the university's vpn. Then from there, depending on that account's permissions, you can access the Internet and the university network permissions. I think this system is probably the best ideas because very little additional hardware is required, each account has a separate username/password combination (if the password is compromised, you only are dealing with a single user), and has the added bonus of being able to access the university resources from home. Plus, it works flawlessly with Linux.

Re:The truth may be out there...

[arivanov]

It does not need to be a tin hat.

Our office has IR tempered glass (which is quite common in "all-glass" buildings nowdays.

Stops WiFi dead in its tracks. The signal drops by 20+db when going outside the building to the point where you can no longer home in with a normal receiver. Granted, this will not help against a professional attacker, but it is more then enough against random wardriving k1dd10tz.

So if you have to chose between two buildings which are all-glass and glass windows + wall for a new office the all-glass is better as far as WiFi is concerned. Wardrivers aside, allocating channels without worrying about neighbours is quite a nice thing to have.