Slashdot Mirror

← Back to Stories (view on slashdot.org)

Home WiFi Network Security Failings Exposed

Posted by CmdrTaco on from the passwords-are-for-suckers dept.

An anonymous reader writes "The shocking state of home wireless (Wi-Fi) network security in the UK has been revealed by a life assistance company study. CPP used an 'ethical hacker,' Jason Hart, to test thousands of Wi-Fi networks across six UK cities, including London. He found that many didn't even have a password and roughly half of home UK Wi-Fi networks could be hacked in less than 5 seconds."

14 of 161 comments (clear)

  1. "Life assistance" = identity theft protection by Sockatume · · Score: 3, Informative

    If you were in any doubt as to why they were sponsoring a study which discovered something scary about the intertrons.

    --
    No kidding!!! What do you say at this point?
  2. No password WiFi != unsecured by Omnifarious · · Score: 5, Informative

    My Wi-Fi has no password, and that's a purposeful choice. While evaluating the passwords on WiFi that does have a password is a reasonable analysis, it's not reasonable to call any WiFi without a password as unsecured.

    --
    Need a Python, C++, Unix, Linux develop
    1. Re:No password WiFi != unsecured by rotide · · Score: 3, Informative

      Frankly, spoofing wireless MAC addresses are easier than cracking WEP. Hell, one of the first steps in using backtrack, etc, is to spoof your mac before associating with the AP.

    2. Re:No password WiFi != unsecured by JayJay.br · · Score: 5, Informative

      Not if the communication is not encrypted and there is any traffic at the time.

  3. No password may be a feature not a bug by kherr · · Score: 4, Interesting

    There is no way to know if the open wifi networks are open intentionally or not. Just ask Bruce Schneier. Saying they're "open to criminals" is biased, maybe "open to visitors" would be more appropriate. How come coffee shops and other businesses with open wifi aren't called out for letting criminals access the network?

  4. Re:No password WiFi == unsecured by Anonymous Coward · · Score: 4, Insightful

    You seem to be confusing "unsecured" with "insecure". They do not mean the same thing.

    Unsecured WIFI means you have no password..

    Just because it's intentionally unsecured doesn't mean it's not unsecured.

  5. Umm, no. by schon · · Score: 4, Insightful

    My Wi-Fi has no password, and that's a purposeful choice.

    Which doesn't mean it's not unsecured. It just means that it's unsecured on purpose.

    Supposed you have a bicycle. You chain it to a lamppost. It is now secured.
    Supposed you take the same bicycle and decide purposely to not chain it to anything. Just because you decided not to chain it doesn't make it magically secured. It's still unsecured, you just made the decision not to secure it.

  6. Re:OT Question by mellon · · Score: 5, Interesting

    Yes. Vote in the November election. Lobby your congresscritters to keep the common carrier defense applicable to the Internet.

  7. Lets face it... by Darkness404 · · Score: 4, Interesting

    Lets face it, yeah, wi-fi routers can be hacked, yeah, a lot of people don't have secure wi-fi, but in all honesty does it matter to most people? Credit card information already should be encrypted with HTTPS so that wouldn't be sniffed, most sites let you use security to log in, etc.

    --
    Taxation is legalized theft, no more, no less.
  8. 5 seconds? by cfc-12 · · Score: 5, Funny

    He found that many didn't even have a password and roughly half of home UK Wi-Fi networks could be hacked in less than 5 seconds."

    I'm impressed. I can't connect to my own wireless network in less than 5 seconds.

  9. Not Shocking by timeOday · · Score: 5, Insightful
    I hate the alarming tone of these passe "war driving" articles. A car or home can be broken into in 5 seconds by breaking a window. Most mailboxes where I live (including mine) are just boxes with a little non-locking door on the front that anybody can open.

    And yet, the world keeps on turning.

    Hopping onto somebody's wifi doesn't mean anything. It doesn't mean you can get their personal documents, or banking info, or anything else.

    1. Re:Not Shocking by Nidi62 · · Score: 3, Insightful

      Hopping onto somebody's wifi doesn't mean anything. It doesn't mean you can get their personal documents, or banking info, or anything else.

      But you CAN download music on their network and ruin them for life if the RIAA/MPAA finds out.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
  10. Rubbish. by Curmudgeonlyoldbloke · · Score: 3, Informative

    "* We found that nearly a quarter of private wireless networks has no password whatsoever attached, making them immediately accessible to criminals."

    So that's not just home networks then, that includes businesses deliberatly running open wifi as a service to visitors, and all sorts of commercial access points that are "open" in that they get you to a login provider for the service, which you then have to log in to? How many these "private wireless networks" are adhoc wireless on one PC connected to nothing in particular?

    The first link is just an advert selling snake-oil, the second contains no information to speak of. No link to any "report" at all.

  11. Re:OT Question by bsDaemon · · Score: 3, Interesting

    Not in the sense of a W or a K station, but its still broadcasting radio traffic. It still doesn't make you a common carrier due to other restrictions. Most things people think are common carriers aren't and never were. Likewise, "safe harbor" means that if the carrier meets the requirements for compliance with CALEA, that they can't be held liable for not being able to do anymore.

    Either way, the end case is the same. Neither of these constructs have anything AT ALL to do with whether or not you're going to get boned if someone jumps on your AP and starts committing crimes.