Or, the lack thereof.
Okay, so, those of you who know me and my professional career know that security is near and dear to my heart. Now, I’m no hacker or even a full time security professional, but I’m very, very aware of security and how important it is. In my last post, I mentioned how much I love having so much wifi connectivity and how nice it was when I was in the hospital to have that easy access. Well, that’s still true, but I also know how open and insecure that wireless connection is.
This year at DefCon, there was a very popular demo that showed just how easy it was to get information off a wireless connection and exploit it. In fact, some poor attendee, who should have known better, got his Gmail account hacked, in public, because he didn’t secure his connection properly. And, earlier this year, some German security experts went on at length about how insecure the WEP protocol is and why that shouldn’t be your only line of defense on wireless networks.
Now, as much as I enjoy my wifi, I’ve also been very vocal about how insecure wifi networks are, by their very nature, for years. In fact, I got into a rather heated “discussion” with a co-worker and our mutual manager about that at a former job. Somehow, neither of these gentlemen quite understood how throwing packets out all over, where anyone could snoop them, was an inherently insecure system, even if you used advanced encryption. Encryption, as the hackers say, is meant to be broken, and sooner or later, it always is. Again, this is all just logic and reason, but, in a world where anyone who manages a website and a handfull of PCs can call himself a Director of IT, the practical application of logic and reason is a rare thing indeed.
So, enjoy those free wifi connections at your favorite coffee house, but, keep in mind how easy it is for a hacker, or even a script kiddie, to pull vital information off that wide open connection.
(And, if you’re going to DefCon, check out their “Be Prepared” guide, or the DefCon survival guide at the Register.)
Advice from your Uncle Jim:
"They don't hold meetings about rainbows."