New Way to ID Invisible Intruders on Wireless LANs

Bergkamp10 writes "Australia's University of Technology in Queensland has created a groundbreaking new system that can detect invisible intruders on wireless LANs. Wireless networks have been almost impossible to thoroughly secure as they possess no clearly defined boundaries, instead they are defined by the quality and strength of the receiving antenna. QUT Information Security Institute researcher Dr Jason Smith has invented a new system to detect eavesdropping on unencrypted networks or active hijackings of computer sessions when a legitimate user who is logged onto the network leaves the connection. Smith has created a series of monitoring techniques that when used together can detect both attackers and configuration mistakes in network devices."

Signal roundtrip times is the tipoff

[BadAnalogyGuy]

This is a good heuristic, but may be misleading in the case of faulty client hardware or over-active powersaving routines.

But look, if you want a secure wifi, perhaps you're misunderstanding the need for wifi. Pervasive internet connections without wires is what we want. If you want to broadcast wifi, you ought to be required to provide this service to all listeners (how many times have I been to a customer site which had wifi that was locked down and inaccessible?). If you want to implement some sort of auth system to create private networks atop the wifi, hey, that's cool too. But leave the router open, wouldya?