You're Not As Secure As You Think... Except Maybe On Wireless Networks

from the myths dept

Stories that list out the top (insert random number here) myths about security seem to come out every other week or so. However, this latest one from Information Week is somewhat amusing in that it's basically a list of items saying you're not nearly as secure as you think you are, but then the last point basically says: except if you're on a wireless network. Apparently, the idea that wireless networks are insecure has been so drilled into so many minds that many people ignore the fact that you can be pretty secure on a wireless network if you know what you're doing.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    WifiNinja, Oct 11th, 2005 @ 4:42pm

    Need to Understand Wireless

    Wireless security is much more than WEP. Turning WPA-PSK (Shared Key) is just as bad as WEP. Since the user is going to use a small passpharse that can easily be broken. Also makes a big deal about MITM, yet fails to mention that as an issue with Wireless. His article is right on the other points, guess his editor did not want an all negative article. We seen this before from Analyist, and publications. Wireless is not as bad as people are saying. Yea, its WORST!

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Rickler, Oct 11th, 2005 @ 6:20pm

    Say what?

    Wireless networks use radio waves... how is broadcasting your data over the air more secure then through a wire?

    It's the difference between a walky-talky and telephone.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Kerry Garrison, Oct 11th, 2005 @ 6:25pm

    Re: Say what?

    Are you running any encryption on that wired network of yours? I thought not.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Chris, Oct 11th, 2005 @ 6:41pm

    read it again

    "As long as you know what you are doing"

    did you not read this? if you encrypt your wireless, and block the things you need to block, its more secure than wired, mainly because wired does not have as many security features as wireless, becasue people think that it IS safe, and wireless is NOT, but id say its the opposite becasue of the hype.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    G, Oct 11th, 2005 @ 6:54pm

    Re: read it again

    You can crack anything with enough time - wireless is easily cracked because it's right there in the air. And if you apply "As long as you know what you are doing" on wired networks - it's far more secure (ie. fiber cables, network tunneling, user authenthication [biometrics or smarcards] data encryption, intrusion detection, proper network management and just to name a few tricks). That network consultant guy - he's on crack - suggesting that wireless is more secured or IPv6 is bulletproof.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    10 pound, Oct 11th, 2005 @ 6:55pm

    Re: read it again

    Wired is fine as long as you use good WEP and its not financial/goverment/enterprise class data xfers

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    10 pound, Oct 11th, 2005 @ 6:55pm

    Re: read it again

    Wireless is fine as long as you use good WEP and its not financial/goverment/enterprise class data xfers

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Chris H, Oct 11th, 2005 @ 7:38pm

    No Subject Given

    I would NOT rely on WEP encryption. It can be broken within a half hour or less using two laptops with the right software. I ran WEP on my network for a while thinking it as very secure... then I did some research and learned just how vulnerable I was.

    You're much better off using WPA since the key changes often enough to keep anyone from being able to figure it out. Unfortunately, not all wireless adapters support it. The standard IBM T42 laptop being one of them.

    If all you have for encryption is WEP I'd suggest, MAC Address filtering, non-broadcast SSID, turning it off when not in use, and setting up a honeypot (an un-encrypted wireless router that is standalone and not connected to the Internet... to help slow most "war-drivers" down).

    The biggest mistake you can make is thinking no one in your neighborhood is "tech savvy" enough to hop on your network. Not only can you not know that for sure... but war driving is becoming a popular hobby for a lot of people.

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    Mike (profile), Oct 11th, 2005 @ 7:48pm

    Re: read it again

    Heh. The point of the article wasn't that wireless networks are completely secure. Everyone knows they're not... but to counter the argument that they're automatically not secure and dangerous to use.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    jr, Oct 11th, 2005 @ 8:13pm

    No Subject Given

    wireless is not safe.....wire is not safe.....
    the internet is not safe.....there is no such thing as secure.............i run 2 servers....& im not safe....these damn kids these days hack everything they see..........

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Rickler, Oct 11th, 2005 @ 8:41pm

    Re: read it again

    Ok I see now, I was thinking more about home use; wasn't considering a large building. Yea, someone could splice in and collect the packets. But they can just get to the wireless router or the CAT cables and do that too. But really it would be a hell of a lot easyier to sit out in a car and collet a few million packets and just crack it.

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    erica ann (profile), Oct 11th, 2005 @ 9:48pm

    Re: No Subject Given

    Don't forget turn off DHCP and also change the channels. With different channels having different strengths, a lot of people overlook the fact that you want the wireless to be in the range of where you are, but not past it.

    Also.. I have seen countless number of people take those precautions BUT not change the default settings for the SSID and password <shakes her head>

    As for if you have to use WEP.. unfortunately a lot of people still do. Netgear, Linksys, D-Link and others who did not have WPA on their firmware (or compatibility on the NIC) a few years ago... There are still people running the same WAPS. Heck there are still some that don't even care if it is unsecured.. and do not understand why.

    I had to do demonstrations to teach how to install wireless a couple of years ago.. and I also did many installs.

    Some may call it cheesy, but I made a flash video of some of it one night when I was bored.

    http://www.girlgeekette.net/2005/09/04/wireless-networking-the-wifi-movie/

    I even have some posts on the subjects on wireless from experiences I have seen and researched / taught

    http://www.girlgeekette.net/category/wireless-info/

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Tim, Oct 11th, 2005 @ 9:50pm

    lol

    Anyone with a little know-how of wireless networks with a wireless capable laptop and a linux live CD (take your pick of the hundreds out there) could crack any level of encryption there is out there on WiFi access points. This even includes the latest WPA with either username athentication and sercure certificate. And as for MAC filtering... spoofing a MAC address is one of the oldest tricks there is. The most secure computer there is is the one that is unplugged.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    readCarefully, Oct 11th, 2005 @ 11:55pm

    You are all missing the point here

    "You're Not As Secure As You Think... Except Maybe On Wireless Networks" - The title says it all... On a wired network, there is a sense of security... which is falsely placed. Hence a wired network is not as secure as you "THINK" it is.

    On the other hand, for wireless, it is taken for granted that the network is not secure, and hence it is as secure as you "THINK" it is.

     

    reply to this | link to this | view in thread ]

  15.  
    icon
    erica ann (profile), Oct 12th, 2005 @ 1:01am

    Re: You are all missing the point here

    Thank you! If people did not already have it in their mind that wireless was NOT secure... then it would not be as secure as they "thought" it was... hence they think it is not secure and they are right, it is NOT... being where they get it is as secure as they think it is. (love that play on words! .. its like trying to figure out triple and quardruple negatives with fuzzy logic)

    (For the most part that is.. I have to agree there ARE ways to lock it down good and have it MORE secure than most believe it is(n't), but it will never have the security that wired does.)

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Bob3000, Oct 12th, 2005 @ 4:33am

    No Subject Given

    Geez man it ain't rocket science: enable strong encryption and MAC filtering and you can feel pretty good about your wireless network.

     

    reply to this | link to this | view in thread ]

  17.  
    icon
    erica ann (profile), Oct 12th, 2005 @ 8:18am

    Re: No Subject Given

    MAC filtering - it is easier to spoof a MAC than using Wepcrack to crack wep... its just s key change in teh regiatry or ifconfig in linux.
    And when reading packets, its not hard to find the MAC address to spoof or the ip scheme used..

    it is not exactly the best defense around.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Mousky, Oct 12th, 2005 @ 4:19pm

    Re: No Subject Given

    It's not about being 100% secure, it's about making it difficult for people to break into your system. Yes, MAC address can be spoofed. Yes, WEP can be cracked. But if you have two wireless networks in range with similar signal strengths, and network A is not broadcasting SSID, uses MAC filtering, uses 128 WEP and manually assigns an IP while network B is set at "out-the-box" settings, which one are you going to tap in to?

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Oct 12th, 2005 @ 4:50pm

    WEP and WPA both suck

    Run IPSec ontop and then and only then are you truely secure.

     

    reply to this | link to this | view in thread ]

  20.  
    icon
    erica ann (profile), Oct 12th, 2005 @ 10:19pm

    Re: No Subject Given

    Depends on who you are. There are pleanty who would purposely crack the WEP and MAC filtered one just to show how unsecure it is. Out of the box is no challenge.

    WPA.. now that is a different story. Especially combined with MAC filtering, no ssid broadcast, change the defaults, change channels to reduce the signal strenth, disabling dhcp, etc.. That is the one to use to make it "more" secure.

    The whole point of the article anyway was to show that people realize how insecure wireless.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    ko6728, Apr 25th, 2008 @ 11:15am

    Re: lol

    You are wrong.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This