Slashdot Mirror

← Back to Stories (view on slashdot.org)

New WiFi HaLow Protocol May Bring Old Security Issues With It

Posted by timothy on from the danger-everywhere dept.

Trailrunner7 writes: Perhaps because smart lightbulbs that refuse firmware updates and refrigerators with blue screens of death aren't enough fun on their own, a new WiFi protocol designed specifically for IoT devices and appliances is on the horizon, bringing with it all of the potential security challenges you've come to know and love in WiFi classic. The new protocol is based on the 802.11ah standard from the IEEE and is being billed as Wi-Fi HaLow by the Wi-Fi Alliance. Wi-Fi HaLow differs from the wireless signal that most current devices uses in a couple of key ways. First, it's designed as a low-powered protocol and will operate in the range below one gigahertz. Second, the protocol will have a much longer range than traditional Wi-Fi, a feature that will make it attractive for use in applications such as connecting traffic lights and cameras in smart cities. But, as with any new protocol or system, Wi-Fi HaLow will carry with it new security considerations to face. And one of the main challenges will be securing all of the various implementations of the protocol.

5 of 65 comments (clear)

  1. Great idea! by mwvdlee · · Score: 5, Funny

    I've always wanted to be able to control traffic lights.

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  2. "Could" by 93+Escort+Wagon · · Score: 5, Insightful

    The article basically says all this could happen. It says nothing about the new protocol; nor does it talk about anything specific that's known about it.

    It pretty much boils down to "here's a new protocol, and since new protocols often have security holes, this one may also have security holes."

    --
    #DeleteChrome
  3. FUD by OzPeter · · Score: 4, Insightful

    TFA is pure unadulterated FUD

    --
    I am Slashdot. Are you Slashdot as well?
  4. Dupe. Uninformative. Silly speculation. by Bearhouse · · Score: 4, Interesting

    Bonus points for overuse of the word "protocol".
    By the way, the "much longer range" (debatable)...that's a function of the wavelength guys, not the protocol.

    Anyway, dupe. Was widely discussed here the other day; can be bothered to find TFA.
    Was a nice nerdy conversation about range vs. antenna design vs. signals stomping all over each other...
    More info on 11ah here;
    https://en.wikipedia.org/wiki/...

    Don't see how this will bring any more - or less -security. If, and it's a big if, people learn from the mistakes of the past, then our previous experiences with wifi should make people more aware of the design risks and take proper steps to secure stuff.
    Of course, with all of the continuing revelations about hard-coded passwords, crap firmware and backdoors in everything from routers (both pro and consumer grade), "smart" meters and "smart house security solutions" *cough* the betting is probably that cheapo IoT devices will be as insecure as hell.
    But that's hardly the fault of the standard...

  5. Re:We don't need another band by Rob+Lister · · Score: 5, Interesting
    AC, all of what you wrote misses almost completely.

    The IEEEE is the Goldilocks looking for the perfect spectrum and I am not sure that's even realistic.

    Perfect is in the eye of the objective.
    * 2.4GHz band is ideal for many applications but not all.
    * 5GHz band has more bandwidth than 2.4 but also less range.
    * 900MHz band has less bandwidth than 2.4GHz band but also more range.

    So what is your objective?

    One can argue that there was no need for the HaLow because other protocols exist for communicating on that range, but that's a different argument. If other protocols suit the objective better, nothing prevents them from being used.