News

The Incredible Hype bursts from wireless security drive

An important publicity vehicle has been launched, on which incredible hype can be mounted, in the battle to persuade reluctant businesses to buy security hardware, software and solution services. Do we care?

Stubbornly refusing to get worried about wireless security, the world is to get a kick up the bum from this week, from an organisation called "The Worldwide Wardrive" - trying to encourage us to take it seriously.

The organisation has done one wardrive already - last year, 31 August to 7 September - which discovered lots and lots of wireless sites, not all of which were entirely secure. They found nearly 10,000 sites in total, of which six and a half thousand had no WEP security at all.

Now they're doing it again, and before you go to their site, be warned, switch off colour on your display. It will tell you (the site):

Q: "What do you hope to accomplish?"

A: "We feel that many end users are not aware that the factory or "default" settings on Access Points do not take any security measures into account. By providing these statistics we hope that end users will become aware of the need to take simple measures to secure their access points."

It's a great idea, in that it draws attention to wireless networking, and yes, it might well draw attention to the need for security for those who need security, too. But mostly, it's going to be an opportunity for anybody associated with security to publicise themselves.

First off the block, is this: "Bluesocket Responds With WarDrive Defense Offer To Prevent WLAN Vulnerabilities" - Bluesocket has announced the WarDrive Defense loaner program to protect organisations during the wardrive.

"The upcoming WorldWide WarDrive will attract a larger number of participants than earlier wardrives, who in turn will detect an even greater count of unsecure access points," said Geoff Davies, managing director of i-sec, a London-based IT security consultancy. In September 2001, I-Sec identified more than 60 vulnerable networks during a 45-minute drive around the City of London. "As more wireless networks are deployed without using appropriate security technology, the potential for security breaches increases dramatically," said Davies.

Well, yes, it does. And frankly, so does the Internet; and the main reason most people can't be bothered, is that they actually have no wonderful secrets worth stealing.

The "Mobile Campaign" is thinking of launching a WorldWideWindow drive. We'll send shock troops into every city, town and village, armed with catapults. Activists will expose the fact that houses, offices and even factory premises are protected from assault, firebombing or even entry, by nothing more than a thin layer of frangible glass, which the least effort can shatter. We feel that many home users are not aware of the fact that the factory or 'default' settings on vision enhancement portals do not provide protection against catapults, or worse ...

Amusingly, wardriving - a lot older than last year's campaign - has some publicity ground to make up. In its coverage of the world wide wardrive, InfoWorld reporter href="http://www.infoworld.com/articles/hn/xml/02/10/24/021024hnwardrive8.xml"> Ephraim Schwartz speculated: "Wardrive appears to be an offshoot of warchalking, another tactic intended to disclose unsecured wireless networks."

The bandwagon leaving the station will be joined by many more security consultants! - make sure of your seat, and book now. And full kudos to Bluesocket for being first to reserve space on this publicity vehicle!

"Bluesocket, Inc builds products to secure and manage wireless networks," said Eric Janszen, CEO, Bluesocket, Inc. "Many organisations will not want to see their wireless LANs attacked during the wardriving event next week. Some will shut off their wireless LANs or turn on WEP security. Both of these approaches will potentially deny legitimate access to many users of their wireless LANs," said Janszen.

To show how well Bluesocket products prevent attacks on wireless LANs without preventing access by legitimate users; Bluesocket is making available 100 WG-1000 Wireless Gateways on loan for the period of the wardriving event starting Oct. 24, 2002. To participate, call: (in America) +1-781-328-0800 x240 or send email to wardrivedefense@bluesocket.com