Nor can the average user afford $6,000 for a WLAN "gateway" device such as Bluesocket, which merely duplicates what you can implement for free with the native security architecture of Linux or Windows Server plus some custom scripts. Thus, the major problem is not awareness of security risks, but rather the availability of products that are inexpensive, powerful and easy to use.
Before losing thousands of dollars to a vendor that will pull the rug out from under you in a year if you don't pay their high upgrade prices, and before paying thousands for hardware that you can build for free, consider taking the time to learn to use an alternative.
Do you see Wardriving as an extensive problem?
"Ethical" Wardriving is not only beneficial, but it is also a mandatory skill for every WLAN administrator. However, "unethical" Wardrivers could potentially pose great problems. When you hear media quotes from security experts claiming that Wardriving is an insignificant threat, you might consider taking that with a grain of salt.
Wireless security is subject to interference and therefore to Denial of Service attacks. What can be done to protect from such attacks?
As an electrical engineer, I don't see it a major issue. RF interference and jamming can be fixed with patience and a solid understanding of electromagnetics and signal processing. More dangerous to WLANs is government restrictions on spectrum. It is important for every individual to express her views to the government about the need for expanded, unrestricted WLAN spectrum.
A significant part in the process of developing wireless networks is ensuring that the data on wireless devices is secure. What do you see as the biggest threats to that security?
All of the traditional network attacks apply to WLANs, compounded by the lack of physical security inherent to wireless. This includes application cracking, sniffing, spoofing, denial of service, and of course social engineering. In addition, "airborne" wireless viruses will invariably pose a problem, although no one can predict when or to what extent. Anyone who says that wireless viruses will never exist or will never be troublesome has not really studied the viral cycle beyond elementary biology. The truth is that in nature viruses infect ALL organisms, even simple bacteria. Thus, any new technology or platform will eventually be vulnerable when it reaches a modicum of sophistication. It is a natural law.
What are your predictions for the future when it comes to wireless security?
Whether for good or for evil, Microsoft is set to dominate the handheld and miniature device OS market. Not only is Windows CE robust, efficient and truly multi-tasking, but we must not forget that Microsoft has a tendency towards "over-enthusiastic" methods of competition. Thus, Pocket PC and Smartphone (and other spinoffs of CE) will probably dominate, whether we like it or not. Unfortunately, as Microsoft itself admits, Pocket PC itself is utterly bereft of any security architecture whatsoever. Although Microsoft plans to fix this, it is more likely that we will have to rely on third party products.
What are your future plans? Any exciting new projects?
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.