Comment

A retro wireless network isn't just quaint. It's dangerous.

by Manek Dubash | posted on 19 September 2007

You don’t put barbed wire around your front door, and most people don’t install steel bars in front of their windows. The cost and inconvenience of so doing would just be too much -- greater than the security benefit gained.

Manek Dubash

Such is now standard fare for the security industry and experts, and most in the industry at least have a nodding acquaintance with the notion that security can never be absolute, but has to bear some relationship to the value of the stuff you're trying to protect, and how much you're prepared to pay to protect it.

Your stereo's worth a lot less than the Bank of England, for example -- no matter how good your stereo is -- and the various security measures deployed by you and the bank reflect that.

So it came as a bit of surprise this week to read of a new product that protects users against weaknesses in the WEP encryption scheme. If you remember WEP, then you'll know that it's been widely discredited as a means of wireless network encryption simply because it takes only seconds, using today's technology, to crack it.

According to Airtight, the vendor of said product, it's aiming the kit at a market that doesn't change its hardware much -- namely the retail sector, which is, apparently, still using handheld scanners, cash registers and VoIP phones whose wireless-borne data flows rely on WEP for protection.

According to one story, the new product seeks and blocks cracking attempts, and prevents both spoofed identity attacks and the use of compromised encryption keys.

Interestingly, this seems like a well-targeted product. But it's a pity that the market segment that needs it the most almost certainly won't have seen the news story, and certainly wouldn't shell out for it. I'm talking about small businesses and consumers, in particular those who bought into wireless three or more years ago and whose kit runs happily along, unchanged since that time.

While they're unlikely to be the target of wireless hackery, since the knowledge is so widespread now, it really is worth their while biting the bullet and upgrading their access points to WPA.

As for the clients, upgrading won't be that expensive. It's likely that any laptops old enough not to have built-in wireless -- assuming they've survived this long -- need only a new wireless adaptor. Either that, it'll be the final straw that drives people to Dell's Web site for a new machine. Meanwhile, new laptops will have WPA built in, so there's no excuse.

I think it's about time I changed my three-year-old access point...

Technorati tags:   
Time to update it... - You can discuss this article on our discussion board.
 Network Weekly is a weekly round-up of networking, telecoms and storage news, edited by Manek Dubash.

Related Articles

  • [in Features]
    A whisky flask. No, seriously ... it's a wireless. isn't it?[more...]
  • [in News]
    Wireless security? Not WEP! - that takes just 60 seconds to crack[more...]
  • [in News]
    Palm catches up with the wireless network in Munich devcon[more...]
  • [in News]
    IBC - no wireless access. But it's not incompetence after all. It's greed.[more...]
  • [in News]
    It's still a wireless, pocket game platform, not a golf scoring system[more...]
  • [in News]
    The end of the Wireless access point? - Pctel infects the network[more...]