Slashdot Mirror
Paint Provides Network Protection
thefickler writes "Forget WEP and WPA; I'm switching over to the EM-SEC Coating System, a recently announced paint developed by EM-SEC Technologies that acts as an electromagnetic fortress, allowing a wireless network to be contained within painted walls without fear of someone tapping in or hacking wireless networks. The EM-SEC Coating System is clearly the most secure option aside from stringing out the CAT5, and can be safely used to protect wireless networks in business and government facilities."
I hope no one ever wants to use a cell phone in your house.
This is my sig, there are many like it, but this one is mine...
Sure it is safe untill somebody needs to open a window or door? Or is this to keep the wifi signal in prison safe? Another fine example of security by obscurity: it never works and is only a good idea as a complement to a setup that is secure without it.
This space is intentionally staring blankly at you
Anyone who needs their network to be more than casually "safe" needs to run cat5. Running some cable is too much of a problem, but repainting your house and installing some specialty doors and windows is somehow easier?
We are all just people.
Governments have a great habit of wasting money by trying to dot every 'i' and cross every 't'. Of course, you can never achieve perfection, but their endless quest does have the effect of each extra step costing enormous amounts of extra money with minimal incremental benefit.
In this case: WPA (and many other layers of encryption) = free. Painting a building with special paint = £$massive.
What's scary is that someone from a government department will mandate this kind of tosh - and suddenly every government building (including leisure centres) will have to have it.
Of course, the irony is that - once they get paint like this, people will feel overly secure - reduce the more sensible types of encryption - and then leave the loading bay doors open, right next to a wireless repeater, pouring forth their unencrypted secrets.
If a job's not worth doing, it's not worth doing right.
You know, just because you don't understand why the army needs this, doesn't meam they're automatically complete idiots.
Here's a thought for you: any good defense is built in layers. So if one layer fails, the others are there to prevent a complete catastrophe. This doesn't mean they won't enable encryption, maybe even an extra layer of encryption on top of WPA, it means that they'll _also_ have a physical EM shielding layer to pick the slack if someone made a mistake.
Additionally, the army has a long history of using and dealing with counter-measures. You don't see people trying to actively jam your home network, but in case of a war, that's exactly what the army might have to deal with. Whether actual pure jamming, or just an EMP from a nuke frying all your electronics, if the shit hits the fan big time. So when that happens, you'd rather most of it was shortcircuited by the building being a big Faraday cage.
Additionally, the army has to deal with EM radiation out of the building in more ways than some wardriver surfing for porn on your home network. It can be someone intentionally placing a transmitter somewhere, to some spy leaking the encryption keys, to being basically tagged for an EM seeking missile. While a Faraday cage won't make any of those 100% impossible, it gives you one extra chance against it. E.g., if someone left the door open near a repeater, you can notice you suddenly detect EM radiation around a building that was supposed to have none. E.g., sure, someone could climb on the roof and place their emitter for the missile there, but there's a chance someone will see them, whereas a modified laptop/clock/whatever in a drawer might not even get noticed until it's set to activate at midnight in anticipation for an enemy strike. Etc.
Additionally, the army is a bigger target than your home network. A wardriver will just go for whatever unsecured network is in the neighbourhood, and not even bother to crack your encryption. You're not worth it. You're one of millions of networks, each perfectly equivalent to any other, for his purposes. Even with the old WEP, chances are noone stood around long enough to gather packets and crack your keys, because, again, it wasn't worth the effort. A spy isn't as easily deterred. He won't go for Aunt Emma's home network instead. And he can devote disproportionate computing power and manpower to cracking the codes of a potential enemy superpower.
Of course, you can stick your head in the sand, put a big "WAP can't ever be cracked" poster and feel secure. What if you're wrong? Even for WEP it took two years for the vulnerability to be published. Plus, for the standard WW2 example, the Germans didn't think Enigma had been cracked either. (Nor did the civillians in most allied countries, for that matter. It was top secret.) What if some bright chinese mathematician comes up with some brilliant new way to decrypt it? Would you rather bet on that never happening, _or_ have an extra layer of defense just in case? Because from where I stand, given high enough stakes, the latter looks like the much smarter choice.
Basically, get your head out of the ass, and out of the "I'm teh genius, anyone doing things otherwise than me is automatically an idiot" mentality. Most often that should just be your hint that you don't actually understand what's happening there, and you're operating on just wild assumptions and pseudo-data pulled out of the ass to support that "I'm teh genius" preconception. And, as they say: Garbage In, Garbage Out.
A polar bear is a cartesian bear after a coordinate transform.