Monday, November 14, 2005

Article: Wireless security

This article isn't strictly on mobile phones, but it's on wireless security, which applies to wireless routers, notebooks, PDAs and even upcoming wifi smart phones. The reason for it is not to explain the details of it, just to raise awareness to the reason why security is important. For a very good technical security discussion I suggest listening to recent episodes of the Security Now! podcast. There's also other long papers and articles on the subject such as this one at ArsTechnica. I won't attempt to duplicate their effort, but just to point out the important things that end users need to worry about when using wireless technologies.

There are 2 types of security issues when using a wireless network. First is unauthorized use, and the second is data collection, usually done with packet sniffing. The first thing you need to do when dealing with wireless access is to prevent unauthorized devices from connecting. Most routers can be configured to have MAC Address Filtering. This is a very simple list of addresses of devices that are allowed to connect. All you have to do is go in the properties of every computer or device to find their MAC address (their unique network interface address) and input them on that list. Be aware however that this will just prevent casual unauthorized access, such as someone connecting to a nearby access point by mistake. Hackers can spoof an address and bypass that easily.

The second item to enable on any wireless network is encryption. Now there are 2 types of encryption protocols available on any recent device: WEP and WPA. WEP is the original protocol and is badly written. It's very easy to crack the code of a WEP encryption and you should avoid it unless it's your only choice. WPA is a very strong encryption, and it's what you should use if available. Simply by turning on WPA encryption, and selecting a strong passphrase that you input in your router and all devices you want to connect, you are then safe from any kind of attack. The good passphrase is however the key, because selecting WPA and leaving the default passphrase or picking a simple phrase composed of english words will not do you any good.

It's estimated that over 35% of wireless networks are completly open and unsecured. The worse part is that many of the things you do, such as getting emails or sending passwords to any unprotected web page, is done in the clear. So when using wireless, either as a simple home network or using a mobile device at a hotspot, the one thing you need to be careful about is to use WPA encryption, or at least WEP if WPA is not available, to protect yourself. Other solutions include VPNs, but that's a whole other subject.


Post a Comment

<< Home