Thursday, July 07, 2005

The Ugly Myth Of WiFi Security Risks

Look anywhere on the net, or in a current technology magazine, and you will quickly find article after article bemoaning the sorry state of "WiFi security," and warning people about the risks of having their WiFi networks hacked. My favorite example is the FBI road show that seems to be touring the country, scaring the bejeezus out of folks by actually demonstrating how to crack a WEP encrypted WiFi LAN in about three minutes. Scary stuff, right?

We are warned that a WiFi sniffer/cracker/wardriver guy can intercept our logins for our online banking, our credit card numbers and personal information that we key into a shopping site, and, any other frighteningly personal data that we send out over a wireless LAN. And then, we're shocked with the oft-quoted statistic that about 70% of WiFi LAN setups are running "naked," that is, completely unsecured! That is certainly an unsettling situation, right?

The Truth About Stealing WiFi Data

I have spent the past couple of weeks making calls, sending emails, and, studying the web, trying to get as many WiFi security experts to answer the following question as possible: "Just exactly how many documented cases have you personally seen of a WiFi crook actually collecting, deciphering, and then criminally using any personal data that was captured in the air, from a WiFi network... not from one of the computers on the network, but, directly from the WiFi packets being transmitted?"

Zero. Nada. None. Never. It hasn't happened. It is a myth.

I'll not reveal the name of the FBI agent I managed to speak with on this topic, as he is actually one of the guys traveling around putting on the aforementioned 3-minute cracking exhibition. But, even he mumbled his way around and around until finally admitting that cracking the WEP encryption was pretty easy, but that actually then retrieving and making any nefarious use of any sensitive data contained in the zillions of packets scooting around a WiFi LAN was virtually impossible. He really, really wanted to focus the conversation on the idea of cracking the WiFi network to gain access to the computers on the LAN. I, however, made him squirm by staying zeroed in on the idea of retrieving comprehensible data directly from the LAN traffic.

So, with just a little effort, I have managed to dig up yet another tech industry conspiracy to compel users to overspend on technology features, and, to over-involve themselves in unneeded technology complexity. (the first was discovering the utter lack of risk to Mac OS X viruses)

Why Your WiFi Data Is Actually Safe

To summarize my findings in very simplistic lay terms, the traffic on a WiFi network is transmitted in tiny little chunks of chopped up data, called "packets." Each data packet has a pile of network protocol stuff codified at the start and end, and, has about 1Kb of actual user data sandwiched in the middle. And, the packets themselves are in no particular sequence, when intercepted. Frankly, figuring out what any of it actually means is harder than guessing the next card to pop out of a 6-deck shoe at a Las Vegas blackjack table. It is theoretically possible, but, it is several orders of magnitude harder than simply cracking the encryption scheme of a WEP enabled WiFi LAN. It's hard enough that, after some 40 conversations with active WiFi industry security people, I haven't found even one example of it actually ever having been done.

Interestingly, I also cannot find even one such expert willing to buck the herd and to say this for publication. Cowards.

The Practical Approach To WiFi Security

Based on my findings, I am adopting the following WiFi security protocol for my own home and business LAN systems:

1. Secure each computer that's attached to the network.

2. Leave the WiFi network in "public" mode (unencrypted/unpassworded).

With this approach, all of my files (and my network transmitted traffic) are safe, it remains a snap for any WiFi client device to instantly connect to my networks, and, the worst "crime" that anyone can commit against me is to occasionally sneak a free connection to one of my T-1 Internet hookups.

Don't believe me. Do your own research, and verify the great WiFi security myth for yourself. And, keep all of this in mind the next time you read some article by a self-touted security expert extolling the virtues of a zillion unnecessary complexities he wants you to dial into your WiFi setup.


Anonymous Anonymous said...

I think the biggest risk in an open WiFi network is being busted for someone else sending spam, downloading kiddieporn, trying to hack into the Pentegon, etc. That it really the only reason I encrypt my WiFi with WEP.


6:46 PM, July 07, 2005  
Anonymous patrick said...

I simply use the Wireless Access table in my WAP to allow ONLY the wireless MAC Addresses that I own, thus denying wireless access to anyone else. They can "see" my network, but can't logon to it. Is this not the simplest way to lock it down? Sure, you have to add any new wireless computers to the router's access table, but it's a one-time entry and takes 30 seconds.

1:37 AM, July 29, 2005  

Post a Comment

<< Home