Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

8/22/2007

WiFi Security

Filed under: Advice from your Uncle Jim,Criticism, Marginalia, and Notes,Fun Work,Geek Work,Novell,The Dark Side,The Network Geek at Home — Posted by the Network Geek during the Hour of the Rooster which is in the early evening or 7:45 pm for you boring, normal people.
The moon is Waxing Gibbous

Or, the lack thereof.

Okay, so, those of you who know me and my professional career know that security is near and dear to my heart.  Now, I’m no hacker or even a full time security professional, but I’m very, very aware of security and how important it is.  In my last post, I mentioned how much I love having so much wifi connectivity and how nice it was when I was in the hospital to have that easy access.  Well, that’s still true, but I also know how open and insecure that wireless connection is.
This year at DefCon, there was a very popular demo that showed just how easy it was to get information off a wireless connection and exploit it.  In fact, some poor attendee, who should have known better, got his Gmail account hacked, in public, because he didn’t secure his connection properly.  And, earlier this year, some German security experts went on at length about how insecure the WEP protocol is and why that shouldn’t be your only line of defense on wireless networks.

Now, as much as I enjoy my wifi, I’ve also been very vocal about how insecure wifi networks are, by their very nature, for years.  In fact, I got into a rather heated “discussion” with a co-worker and our mutual manager about that at a former job.  Somehow, neither of these gentlemen quite understood how throwing packets out all over, where anyone could snoop them, was an inherently insecure system, even if you used advanced encryption.  Encryption, as the hackers say, is meant to be broken, and sooner or later, it always is.  Again, this is all just logic and reason, but, in a world where anyone who manages a website and a handfull of PCs can call himself a Director of IT, the practical application of logic and reason is a rare thing indeed.
So, enjoy those free wifi connections at your favorite coffee house, but, keep in mind how easy it is for a hacker, or even a script kiddie, to pull vital information off that wide open connection.

(And, if you’re going to DefCon, check out their “Be Prepared” guide, or the DefCon survival guide at the Register.)


Advice from your Uncle Jim:
"In God we trust. All others we polygraph."


Powered by WordPress
Any links to sites selling any reviewed item, including but not limited to Amazon, may be affiliate links which will pay me some tiny bit of money if used to purchase the item, but this site does no paid reviews and all opinions are my own.