Slashdot Mirror
Paint Provides Network Protection
thefickler writes "Forget WEP and WPA; I'm switching over to the EM-SEC Coating System, a recently announced paint developed by EM-SEC Technologies that acts as an electromagnetic fortress, allowing a wireless network to be contained within painted walls without fear of someone tapping in or hacking wireless networks. The EM-SEC Coating System is clearly the most secure option aside from stringing out the CAT5, and can be safely used to protect wireless networks in business and government facilities."
I hope no one ever wants to use a cell phone in your house.
This is my sig, there are many like it, but this one is mine...
Sure it is safe untill somebody needs to open a window or door? Or is this to keep the wifi signal in prison safe? Another fine example of security by obscurity: it never works and is only a good idea as a complement to a setup that is secure without it.
This space is intentionally staring blankly at you
Anyone who needs their network to be more than casually "safe" needs to run cat5. Running some cable is too much of a problem, but repainting your house and installing some specialty doors and windows is somehow easier?
We are all just people.
Governments have a great habit of wasting money by trying to dot every 'i' and cross every 't'. Of course, you can never achieve perfection, but their endless quest does have the effect of each extra step costing enormous amounts of extra money with minimal incremental benefit.
In this case: WPA (and many other layers of encryption) = free. Painting a building with special paint = £$massive.
What's scary is that someone from a government department will mandate this kind of tosh - and suddenly every government building (including leisure centres) will have to have it.
Of course, the irony is that - once they get paint like this, people will feel overly secure - reduce the more sensible types of encryption - and then leave the loading bay doors open, right next to a wireless repeater, pouring forth their unencrypted secrets.
Just because your microwave doesn't leak microwaves doesn't mean that it doesn't leak heat. A warm environment will significantly speed up the effect. This will work on top of your refrigerator, too.
Wake up - the future is arriving faster than you think.
This 'solution' creates another problem - it prevents communication from happening.
It is one thing when a person in a cinema uses their phone - lack of education. And it is another thing when someone receives an SMS, being notified by vibra, without disturbing anyone. What if the SMS bears news about an emergency, or something that is of a critical importance?
Do you think it is 'cool' when you have a problem and your doctor is notified via SMS while they're watching a movie in a cinema or having dinner in a restaurant that uses this uber-paint?
We need to solve the original problem, not substitute it with a different one. My guess is that the answer lies within ourselves - self improvement, educating our children, etc. Paint will not change the human nature, only humans will.
The saddest poem
The problem isn't necessarily trying to dot every i and cross every t, or even government in particular. How hard is it to picture a good number of PHBs in the private sector reading this article and thinking "paint will make our network secure!"? The difference is that rather than your tax dollars being wasted, investment/operations dollars will be. Cost subsidized by the consumer in less competetive or more collusive markets.
To be pithy, the ultimate problem is "zeal without knowledge" -- or, to be a bit more verbose, quick institutionalization of specific rules and practices for their own sake, rather than the development of an institution with intelligence and introspection built-in and distributed throughout.
Tweet, tweet.
You know, just because you don't understand why the army needs this, doesn't meam they're automatically complete idiots.
Here's a thought for you: any good defense is built in layers. So if one layer fails, the others are there to prevent a complete catastrophe. This doesn't mean they won't enable encryption, maybe even an extra layer of encryption on top of WPA, it means that they'll _also_ have a physical EM shielding layer to pick the slack if someone made a mistake.
Additionally, the army has a long history of using and dealing with counter-measures. You don't see people trying to actively jam your home network, but in case of a war, that's exactly what the army might have to deal with. Whether actual pure jamming, or just an EMP from a nuke frying all your electronics, if the shit hits the fan big time. So when that happens, you'd rather most of it was shortcircuited by the building being a big Faraday cage.
Additionally, the army has to deal with EM radiation out of the building in more ways than some wardriver surfing for porn on your home network. It can be someone intentionally placing a transmitter somewhere, to some spy leaking the encryption keys, to being basically tagged for an EM seeking missile. While a Faraday cage won't make any of those 100% impossible, it gives you one extra chance against it. E.g., if someone left the door open near a repeater, you can notice you suddenly detect EM radiation around a building that was supposed to have none. E.g., sure, someone could climb on the roof and place their emitter for the missile there, but there's a chance someone will see them, whereas a modified laptop/clock/whatever in a drawer might not even get noticed until it's set to activate at midnight in anticipation for an enemy strike. Etc.
Additionally, the army is a bigger target than your home network. A wardriver will just go for whatever unsecured network is in the neighbourhood, and not even bother to crack your encryption. You're not worth it. You're one of millions of networks, each perfectly equivalent to any other, for his purposes. Even with the old WEP, chances are noone stood around long enough to gather packets and crack your keys, because, again, it wasn't worth the effort. A spy isn't as easily deterred. He won't go for Aunt Emma's home network instead. And he can devote disproportionate computing power and manpower to cracking the codes of a potential enemy superpower.
Of course, you can stick your head in the sand, put a big "WAP can't ever be cracked" poster and feel secure. What if you're wrong? Even for WEP it took two years for the vulnerability to be published. Plus, for the standard WW2 example, the Germans didn't think Enigma had been cracked either. (Nor did the civillians in most allied countries, for that matter. It was top secret.) What if some bright chinese mathematician comes up with some brilliant new way to decrypt it? Would you rather bet on that never happening, _or_ have an extra layer of defense just in case? Because from where I stand, given high enough stakes, the latter looks like the much smarter choice.
Basically, get your head out of the ass, and out of the "I'm teh genius, anyone doing things otherwise than me is automatically an idiot" mentality. Most often that should just be your hint that you don't actually understand what's happening there, and you're operating on just wild assumptions and pseudo-data pulled out of the ass to support that "I'm teh genius" preconception. And, as they say: Garbage In, Garbage Out.
A polar bear is a cartesian bear after a coordinate transform.